this post was submitted on 30 May 2024
1103 points (98.8% liked)

Funny

7013 readers
283 users here now

General rules:

Exceptions may be made at the discretion of the mods.

founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 131 points 7 months ago (3 children)

Captchas te not meant to deter all bots. It's meant to make it ever so slightly expensive that a mass DDOS attack would be extremely expensive to perform. Think like thousand sof requests per second, all being Captcha'd and how much it costs to run AI. It's current not a feasible solution.

There is cheaper AI that can solve Captchas though, and it's only gonna get cheaper.

[–] [email protected] 32 points 7 months ago (1 children)

It's long been cheap enough that you can pay a call center full of people in a developing country to solve them for you. Going to be a while before AI is cheaper than that.

Having used them to protect a few web sites from spammers filling up forms, they do cut down on the bullshit. This makes things more convenient for the people reading the information coming in from those forms, but I sometimes wonder if it's worth the cost of everyone else having to pick out the bicycles in the picture.

[–] Anticorp 6 points 7 months ago

They can't solve them a million times per minute though.

[–] [email protected] 28 points 7 months ago* (last edited 7 months ago) (1 children)

Also, captchas are meant to gather data to train on. That's why we used to have pictures of writing, but that's basically solved now. It's why we now have a lot of self driving vehicle focused ones now, like identifying busses, bikes, traffic lights/signs, and that sort of thing.

Captchas get humans to label data so the ML algorithms can train on it, eventually being able to identify the tests themselves.

[–] Anticorp 5 points 7 months ago (2 children)

Now it's making me identify developed pictures from a photo negative. I'm not quite sure what they're going to do with that training since computers can already perform that task.

[–] [email protected] 3 points 7 months ago (1 children)

Also the "select the image below containing the example image above."

Like... we already have computers that can recognize image repetitions.

[–] [email protected] 5 points 7 months ago

So that's almost certainly trying to gather data to defeat data poisoning. The other image is probably slightly altered in a way you can't detect.

[–] [email protected] 2 points 7 months ago

A common OCR tactic is to turn the image negative and bump the contrast to make text easier to recognize.

It could be a precursor for that step.

[–] Ballistic_86 16 points 7 months ago* (last edited 7 months ago) (2 children)

I believe this is why Google, and a few other companies, have started using behavioral analysis to figure out if you are human. Did your mouse wonder around the page before clicking to verify? Did you come from another website as if browsing the web? What device are you using and have you used it on this site before? Are you logged into an account? I’m sure they use many more factors, but it’s something that would be hard to replicate with bot behavior on a consistent basis (for now).

[–] [email protected] 6 points 7 months ago

Apple and Cloudflare are using “Private Access Tokens

Some negative implications for the open web I believe

[–] [email protected] 1 points 7 months ago

Basically yeah, but that has been the case since almost the start of recaptcha. Fingerprinting just got so good to the point that the visual test was not even needed anymore.