Fwd: CAPTCHA

From: larry.r.trout

'Three operators of a ticket scalping agency have pleaded guilty to charges that they illegally used computer scripts to bypass CAPTCHA — the squiggly letters and numbers websites display to prove a visitor is human — and automatically purchase thousands of tickets from Ticketmaster and other vendors to resell them.

Kenneth Lowson, 41, Kristofer Kirsch, 37, who owned and operated Wiseguy Tickets, pleaded guilty on Thursday in New Jersey to one count of conspiracy to commit wire fraud and hacking. Joel Stevenson, 37, who earned $150,000 as the outfit's chief computer programmer and system administrator, also pleaded guilty to one count of hacking. A fourth defendant, Faisal Nadhi, the outfit's chief financial officer, has not been apprehended.

Lowson and Kirsch face a maximum sentence of five years in prison and a $250,000 fine. Stevenson faces a maximum sentence of one year in prison and a $100,000 fine. Lowson agreed to surrender more than $1.2 million in proceeds from the crimes. Sentencing for all three defendants is set for March 15, 2011.

The defendants were indicted last March for an elaborate scheme that used a network of bots and other deceptive means to bypass CAPTCHA and grab more than 1 million tickets for concerts and sporting events. They were able to impersonate thousands of individual ticket buyers, defeating the security and fraud measures that online ticket vendors such as Ticketmaster, Musictoday and Tickets.com put in place to thwart automated ticket buying. According to prosecutors, they made more than $25 million in profits from the resale of the tickets between 2002 and 2009.

In bringing charges, prosecutors pushed the envelope on the federal computer hacking law by asserting that bypassing CAPTCHA constituted unauthorized access of ticket seller servers, according to policy groups who filed an amicus brief in the case to back the defendant's motion to have the charges dismissed.'

http://www.wired.com/threatlevel/2010/11/wiseguys-plead-guilty/