The Italian income agency decided to publish online all the income levels for each and every single citizen and company in the country.
I did not manage to see the actual data, because the entire income agency website was swamped with request and timing out all the time. You should have heard the comments of my accountant, who every day needs to access other parts of the website for work.
That service is supposed to have been taken offline now, after the Italian privacy watchdog issued a polite What The Fuck! Why Didn't You Tell Us Anything About This? sort of note. The minister defended himself by saying "I can't see what is the problem, it's the same in all the world: if you want proof just watch any American TV series". What a wise man. I should watch some of The Greatest American Hero again.
Since I could not see the actual data, I could not verify if what people were saying was actually true, that is that income information were published together with the full home address, providing a nice shopping list for house robbers, kidnappers and the other kind of professionals that would politely wait next to your door for you to come home late in the night.
But fear not, the website was protected from bots: it used a captcha.
Not only that: in order to comply with standard accessibility rules, the website used a perfectly accessible captcha:
You can't get more accessible than that: the captcha is displayed in plain text, so any accessibility technology will be able to read it. Plus, anyone can easily copy and paste it into the text box. And if someone needs to do it often, it's even trivial to write a script that does it for you!
But it's unfair to say that it was just plain text: it was cleverly encrypted:
<div class="educaptcha"><label for="educaptcha">I<!-- id9113507 -->nser<span>ire </span><span>nel c</span><span>ampo</span> di <!-- id5058508 -->v<span>erific</span><span>a suc</span><!-- id2643358 -->ces<span>sivo i</span><!-- id2500023 -->l valore <span>695</span><span>8571</span>4<!-- id3588853 -->:</label>
<input id="educaptcha" type="text" name="ucaptcha" value="" maxlength="10" size="20" /></div>
For your convenience, here is the version cracked with a malicious
:%s/<[^>]\+>//g
in vim. If you do not speak Italian, you can still look for
this phrase in the screenshot above:
Inserire nel campo di verifica successivo il valore 69585714:
The meaning is of course:
Insert the value 69585714 in the following verification field:
It's been a fun day for Italians online.