Let's recap reCAPTCHA gotcha: Our cunning AI can defeat Google's anti-bot tech, say uni boffins US-based academics claim they have developed a machine-learning system that can beat Google's bot-detecting reCAPTCHA system. Designed to stop stuff like automated scripts from doing things like creating accounts or purchasing tickets online en masse, reCAPTCHA v2 presents an image, or a series of images, and asks netizens to …
Have to respectfully disagree - the text ones you can just do a renew to get one you can read.
The picture based ones need to be killed with fire. Especially since it's all yank based and, as someone mentioned, not everyone around the world knows what a "crosswalk" is. It's the rough equivalent of a pelican crossing in the UK BTW.
Kill it with fire, drown the ashes, then lob the steaming pile into space. Can that AI thingie be made available for download so one can simply set it to attack the next recaptcha box, go get another beverage, come back to a completed exercise, and save some sanity?
Yup I have no idea what a "crosswalk" is, what constitutes a "storefront" for Google or why they show me pictures of yellow cars when they want me to click on Taxis. There's never a single black cab in any of the pictures! reCAPTCHA v2 is clearly the work of a Trump supporter because they think everyone understands Yank.
O.K. fair enough. It would be insane if the refresh wasn't there for the text ones. Yet, I'm finding that some of those text ones are so bad that a single refresh doesn't do it. I've definitely had to do more than a few refreshes for some of them.
Ah, you had to ask, didn't you? A Pelican (or PeLiCon) crossing is a Pedestrian Light Controlled crossing - a crossing with traffic lights activated by a pedestrian who wants to cross the road. Looking at https://www.drivingtests.co.nz/resources/pedestrian-crossings-and-refuges-sharing-the-roads-with-pedestrians/, you don't have them in NZ, nor most of the other menagerie of crossings - Puffin, Toucan, Pegasus, Tiger, and the extinct Panda, though you do have Zebras! See https://www.citylab.com/transportation/2012/03/puffins-pelicans-and-toucans-delightful-terms-british-crosswalks/1515/ for a quite amusing account of these creatures :-)
Ah, you had to ask, didn't you? A Pelican (or PeLiCon) crossing is a Pedestrian Light Controlled crossing - a crossing with traffic lights activated by a pedestrian who wants to cross the road.
Ah yes, I know what they are now. We have several here in NZ actually. I'd send you a link to one but google maps doesn't seem to want to show me the menu that'd allow me to activate street view.
Much like the one lower down in the link you gave, but without the accompanying road intersection.
(I notice the other sign - "Turning traffic give way to pedestrians" has been changing - used to be shortened to "PEDS" but someone took offence at the preference given to paedos..... Yes sadly we have people who have too few other real problems and a pathological need to complain, or to few braincells (or both)
The ones that boil my piss quickest are those that have a standalone image in each square and display a new one as you dismiss each one but it takes around thirty seconds to display each new image and keeps displaying new images for several days before letting you through
I'm fairly sure it breaches disability discrimination legislation but can't find a public body willing to pursue this. Instead they tell me to complaint individually to the companies using it to block me from contacting them.
reCaptcha and autism spectrum disorders are seriously incompatible.
Your so correct Captcha is so tiresome and annoying. I suffer from sight impairment and find it difficult to make out the letters, despite trying to refresh. The photos are just a blur to me. The audio, even worse. There must be a better way.
and WORSE, if you make the photos SO HARD TO READ that you CANNOT SEE THE OBJECTS, and you have to CLICK ON MULTIPLE SCREENS to get past it... kinda like NOW.
I had to use CAPTCHA on a California government web site the other day. IT REALLY PISSED ME OFF.
Find all of the traffic lights - ok a walk signal, obvious on the pole, is it a "traffic light" or not. Then there's one WAY off in the distance, do I included THAT square too? Seems like including it GETS YOU ANOTHER CAPTCHA because YOU FAILED IT.
@#$% captcha is the BANE OF TEH INTARWEBS. A _BOT_ that solves it BETTER THAN I CAN would be a WELCOME PLUGIN to my browser!!!
I hate the things as much as anyone else, often struggling to get them correct after numerous attempts; but some sites don't even implement them correctly. On several occasions I've spent some time filling in an online form or browsing and placing an order on wesites only to be confronted with a message prompting me to solve a CAPTCHA at the end or checkout... except there is no CAPTCHA there to solve. I tick the box "I'm not a robot" and nothing, nada, zilch. Result... I end up abandoning the site and buying elsewhere, never to return to the original site.
Sites that implement captchas are just strong arming you into working on train Googles self driving cars for free. Funny how most of those sites are also dependent on Googles Ads to keep the lights on. So just stick an ineffective captcha instead of using SSO, 2FA, FIDO tokens or Authenticator and stick with the one that exploits all of your users as slave labor.
Those images I'm afraid are already trained ... Google will get richer user activity reports, DATA, while the Average User (AU from now on) would probably see some kind of fun in the process except in cases already mentioned like when you don't understand english - not a bad opportunity to learn something anyway.
Other solutions require further data to be extracted, for the government, attackers, etc. while increasing your website security. Every website should provide at least two alternatives in my opinion, i.e., for those who like to play with graphics, or the 'better' 2FA for example. As a 2FA AU, I like to give - AU hint - my phone number only to mainstream companies that are supposed to better manage their anti-attackers, resources wise.
I'm afraid v3 will end up like v2 (if not more 'unreliable'), time will tell. You can always use both anyway.
Eager to see an innovative v4 .. But I'm afraid it will be based on V3 due to the fact that it's built upon multiple sources vs. how easy a puzzle problem a machine is able to solve (and Google's commitment with 'open source').
It's always bugged me at some deep level that I'm being forced to train Google's automated ML just to use things like banking websites, with that training then used to further break my privacy and limit what I can do in the real world. I've been pissed enough at it to try to feed it as much bad data as I can, hoping it'll do things like misidentify traffic lights as stop signs when Google tries to take over transport (I know, low chance of success, but still it's about the only act of rebellion available to me).
The faster we can just throw a few seconds of processor power at sidestepping the entire headache, the better in my opinion.
I am sorry... Maybe it's because I'm from a different part of the world... But, are you telling me that banks where you live, institutions that have, as one of their most important tasks (or at least pretend ;) to safeguard your money, do not rely on their own hardened security, but depend on a widely used, third party, outside their control application? And I'm not even referring to the implications of the privacy of your financials...
It's always bugged me at some deep level that I'm being forced to train Google's automated ML just to use things like banking websites
Start making some noise then. Surely you have a banking code of practice where you are that makes passing your details on to any 3rd party a bad thing? Privacy laws etc?
Make a bit of a fuss, name names etc, maybe ask around to see if there's a lawyer who'll do a class action on behalf of the bank's customers...
This stuff can be changed.
Recaptcha is used in large part to train machine learning algorithms in image recognition. Now it's been used enough that machine learning algorithms are able to pass the test used to train them. It does make one wonder exactly what they expected to happen. Take a system specifically designed to train computers to be able to pass a test, then use that test to identify computers that are unable to pass it...
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
