There's a lot of controversy about CAPTCHAs, not least because visually impaired users have a very hard time using them, but also because there are a lot of programmers who believe that creating an app to read CAPTCHAs just isn't that hard (the easiest way may be to inline a CAPTCHA from the site you're attacking on a site where you're offering free porn, and get the people signing up for the free porn to solve the CAPTCHAs for you).
PWNTCHA is an app that decodes different vendors' CAPTCHAs, to varying degrees of accuracy, producing evidence for the case that CAPTCHAs don't do a great job of keep bad guys out nor of letting good guys in:
PWNtcha stands for "Pretend We're Not a Turing Computer but a Human Antagonist", as well as PWN capTCHAs. This project's goal is to demonstrate the inefficiency of many captcha implementations.Link (via Waxy) Discuss Next post
For an overview on why visual captchas are a bad idea, see Matt May's excellent presentation, Escape from CAPTCHA, as well as the W3C's Inaccessibility of Visually-Oriented Anti-Robot Tests working draft.