When an Oregon man was shopping for a pre-owned Prius, he did what most of us would do and checked the vehicle's history out on CarFax. When the website asked him to enter one of those randomly generated letter/number combos to prevent bots he says he was presented with a racial slur.

According to Oregonlive.com, Don Francis, an Oregon environmentalist, wanted to purchase a pre-owned Prius as a company car. He located a vehicle that he was interested in and then went to CarFax to check the history. Like most websites CarFax uses a code on their webpage called CAPTCHA, that prevents bots (computers) from filling out forms and overwhelming the site. The system creates a combination of randomly generated numbers and letters for the user to input in order confirm that they are human.

But this time CAPTCHA generated the following -

Francis says he couldn't believe what he saw. He immediately grabbed a screenshot and attempted to contact CarFax to report the issue. CarFax initially blamed the incident on a customer password issue, but once Francis explained that it was the CAPTCHA system and not a customer password, the company issued an apology.

"I am so sorry that such an offensive word appeared on one of our websites. We were just as shocked as you were to see it, and we took immediate action to address this as soon as we saw your email yesterday. Thank you also for providing the screenshot, which we also sent over to the development team this morning. The CAPTCHA service is provided by a third party, which means we do not directly control what displays. Will do whatever we can to make sure it does not happen again."

However, Francis says that the statement doesn't go far enough and he asked CarFax to give a donation to the NAACP or another civil rights organization.

Advertisement

As to how the CAPTCHA system could have generated such an offensive word, OregonLive spoke with Tom Shrimpton, a Portland State University associate professor of computer science who specializes in cryptology. He said CAPTCHA codes usually aren't even recognizable words and that the third party software is automated, most likely free of human monitoring.

"They are randomly generated combinations of letters and so the probability of an offensive word coming up is extremely small...It's certainly possible someone could have intentionally circumvented the letter-generation process to have a word appear...but that would require malicious intent."

Francis is still in the market for a pre-owned Prius and hopes CarFax and CAPTCHA find away to prevent this type of thing from ever happening again.

Advertisement

If you have a question, a tip, or something you would like to to share about car-buying, drop me a line at AutomatchConsulting@gmail.com and be sure to include your Kinja handle.