It is incredibly obvious that CAPTCHAs are at the very least a way of exploiting distributed labor to train AI.
They had been used to help with text recognition for book scanning for more than a decade. It has never been secret, it was explained on them time ago.
This is the logical progression, regardless of your feelings with “AI”
deleted by creator
This sounds like a conspiracy theory but I’d like to know more.
The study that they reference: https://arxiv.org/abs/2311.10911 [PDF]
They don’t seem to actually identify the cookies as tracking (as opposed to just identifying that the account can bypass further challenges), just assuming that any third party cookie has a monetary tracking value.
It also appears to be unreviewed and unpublished a few years later. Just being in paper format and up on arXiv doesn’t mean that the contents are reliable science.
we do so via a large-scale (over 3, 600 distinct users) 13-month real-world user study and post-study survey
results indicate that the website context directly influences (with statistically significant differences) solving time between pass- word recovery and account creation.
We explore the cost and security of reCAPTCHAv2 and conclude that it has an immense cost and no security. Overall, we believe that this study’s results prompt a natural conclusion: reCAPTCHAv2 and similar reCAPTCHA technology should be deprecated.
A reminder that recaptcha is no longer free, but since a few months ago now the website owner needs to pay $0.001 each time a verification is performed
https://cloud.google.com/recaptcha/docs/compare-tiers
Free tier is only 10k verifications per month and must link a valid credit card so they can charge you immediately when you reach higher level.
Hopefully this kills the product in the long term as bots solve recaptcha faster than humans, so it’s just for slowing down humans than actual security. I personally use a browser extension that solves them with a click in a second.
It’s a lot easier to determine the intent of this hed with the quote being closed somewhere. Just after “service” would have been my guess, but it’s a disservice to remove that and leave people dangling.
My larger issue is that when I’m faced with traffic lights – or, god forbid, motorcycles – this is performative nonsense wherein I’m supposed to guess percentage coverage on a given square without having been provided parameters.
At this point, CAPTCHAs feel designed to make sure you can never get through the first time, thus needing to continue training image models several times before I can just fucking do what I originally came to the site for.
At this point, CAPTCHAs feel designed […] training image models
It was never a secret:
The reCAPTCHA program originated with Guatemalan computer scientist Luis von Ahn, and was aided by a MacArthur Fellowship. An early CAPTCHA developer, he realized “he had unwittingly created a system that was frittering away, in ten-second increments, millions of hours of a most precious resource: human brain cycles”
I was fine with it when it was wavy text to digitise old works. This shit is just asinine and a time sink.
Yeah… only OCR and AI have advanced to the point where a spammer/bot can easily bypass them.
20+ years ago, Microsoft proposed a [Penny Black project](https://en.m.wikipedia.org/wiki/Penny_Black_(research_project)), which was superseded by reCAPTCHA. Nowadays, we might have to go back to that… maybe by mining crypto as a proof of effort.
Since Cloudflare published Turnstile I’ve hated Captchas even more, because Turnstile does it so much better. Captchas are such a hassle. One website I occasionally visit does not keep me logged in and then presents one of the worst captcha puzzle systems. Shitty captchas are a huge barrier.
Turnstile is, in almost all cases, one checkbox to click (I’ve never been challenged beyond that). All captcha puzzles should be replaced with Turnstile or similar simple (for the user to solve) tech.
How’s that work anyway. Fingerprinting?
The announcement blog post linked on the bottom of the linked Turnstile page has some info on that
For Turnstile, the actual act of checking a box isn’t important, it’s the background data we’re analyzing while the box is checked that matters. We find and stop bots by running a series of in-browser tests, checking browser characteristics, native browser APIs, and asking the browser to pass lightweight tests (ex: proof-of-work tests, proof-of-space tests) to prove that it’s an actual browser. The current deployment of Turnstile checks billions of visitors every day, and we are able to identify browser abnormalities that bots exhibit while attempting to pass those tests.
I’m a simple guy. If a website I visit uses any kind of captcha other than Cloudflare’s Turnstile, then I close that website and don’t use it ever again. I’m not interested in wasting five minutes picking which squares have busses in them because ReCaptcha has decided I have to do the captcha 200 times.
What is infuriating, is that some government official website in my country used google captcha
Past tense?
