this post was submitted on 27 Sep 2024
787 points (98.6% liked)

Technology

59378 readers
3544 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Anyone who has been surfing the web for a while is probably used to clicking through a CAPTCHA grid of street images, identifying everyday objects to prove that they're a human and not an automated bot. Now, though, new research claims that locally run bots using specially trained image-recognition models can match human-level performance in this style of CAPTCHA, achieving a 100 percent success rate despite being decidedly not human.

ETH Zurich PhD student Andreas Plesner and his colleagues' new research, available as a pre-print paper, focuses on Google's ReCAPTCHA v2, which challenges users to identify which street images in a grid contain items like bicycles, crosswalks, mountains, stairs, or traffic lights. Google began phasing that system out years ago in favor of an "invisible" reCAPTCHA v3 that analyzes user interactions rather than offering an explicit challenge.

Despite this, the older reCAPTCHA v2 is still used by millions of websites. And even sites that use the updated reCAPTCHA v3 will sometimes use reCAPTCHA v2 as a fallback when the updated system gives a user a low "human" confidence rating.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 13 points 1 month ago* (last edited 1 month ago)

CAPTCHA doesn't stop bots, and let us be honest, it never really did. It frustrated the hell out of people though, and caused people to waste time doing these challenges. Meanwhile even before AI bad actors and bots could get past it simply by using captcha solver services run by exploited humans solving captchas for the service.

It's a display of security theater meant to make normies feel safe but in reality doesn't stop most bad actors.

[–] [email protected] 13 points 1 month ago* (last edited 1 month ago)

Meanwhile I sometimes fail those. I have been locked out of applications because I missed a square of a bus, or perhaps because I like to be efficient in my mouse cursor movements. I ducking hate CAPTCHAs.

[–] [email protected] 11 points 1 month ago (1 children)

the new ones suck so fucking much though

[–] [email protected] 1 points 1 month ago (1 children)

If I see the newer ones pop up at all I just skip what ever the task is that was requiring me to bother with it.

[–] [email protected] 1 points 1 month ago (1 children)

i love when websites (twitter is a really bad example) hit me with like 8 captchas, and then if i get my username/password wrong i have to do another 8. It's just so obviously gaming for training data on shit lmao.

[–] [email protected] 1 points 1 month ago (1 children)

What is it actually training? Google owns captcha right?

[–] [email protected] 1 points 1 month ago

i have no clue, but i would assume it's native to twitter if they're pushing it that hard, either that or someone is paying a lot of money for that captcha access lol.

[–] [email protected] 3 points 1 month ago

There is a Russian captcha solver bot called xevil that costs under $100 (I think, last time I looked) that has been able to solve nearly all captchas for years. You just have to supply it with relatively expensive proxy IP addresses because Google rate limits solve attempts.

So the title of this article has been true for a long long time. Capatchas are absolutely useless except against poor or uninformed script kiddies.

[–] [email protected] 9 points 1 month ago

Technically the "correct" answer is set by the highest percentage of people choosing it. EG: 19 people select Box A and 1 selects Box B, then the machine decides Box A is in fact correct.

That means these AI could be selecting the wrong answers for all anybody knows, if enough of them are answering the prompts, and still passing.

[–] [email protected] 4 points 1 month ago (2 children)

So...if CAPTCHA are already beaten by bots what's the point if it still exists ? to mock our weakness ?
In the old days CAPTCHA could do its job, but nowadays nah....even crawler/scrapper/meta bots can bypass it easily.
The real question is why do we as real humans still often fail to beat CHAPTCHA? Are we less human? Are we really robots in CHAPTCHA perspective ?

[–] [email protected] 2 points 1 month ago

Just because it's possible, doesn't mean it's common.

[–] [email protected] 6 points 1 month ago (1 children)

To train Google/Cloudflare's AI tools, and to double check against DDOS. That's it.

[–] [email protected] 4 points 1 month ago (1 children)

So now we're going to have AI training other AIs

load more comments
view more: next ›