450
submitted 4 months ago* (last edited 4 months ago) by tek@calckey.world to c/technology@lemmy.world
top 50 comments
sorted by: hot top controversial new old
[-] Bonesince1997@lemmy.world 166 points 4 months ago

Bro, everytime I get the select all the 'x' tiles (motorcycle, bicycle, bus, etc) one I never know if it means "all" of them, like even ones with just a little bit on the tile. Does it want the tires, too? It's bullshit. Never seems to be correct, what I select.

[-] ultranaut@lemmy.world 100 points 4 months ago

I've always done any square that includes any part of the thing, so the tire on the bus or the helmet of the motorcycle rider. That no longer works for me though, recently I keep getting more images and they seemingly never stop so I just give up on whatever I was trying to load. Its pretty ridiculous how shit the internet has become.

[-] Eril@feddit.org 23 points 4 months ago

By now I'm up to filling one of these things. If they show me a second one, I'm out. Not wasting my time training some AI

[-] hendrik@palaver.p3x.de 13 points 4 months ago

I think they don't train AI with captchas anymore. That used to be the case 10 years ago when we put in all the house numbers for google maps. but as far as I know they learned to do it cheaper without the captcha service. as of now (and for some time already) the results are just wasted.

load more comments (2 replies)
[-] FutileRecipe@lemmy.world 15 points 4 months ago

so the tire on the bus

Ok, part of the bus.

the helmet of the motorcycle rider

The helmet is not part of a motorcycle. I will fail that captcha every time if it requires it.

[-] knatschus@discuss.tchncs.de 12 points 4 months ago

You're training AI on road safety, the head of the rider is the most important part of the motorcycle i would argue

load more comments (1 replies)
load more comments (2 replies)
[-] Exusia@lemmy.world 35 points 4 months ago

"select the bikes" That's a motorcycle and that's a moped. Those don't count-uh I fucking guess they do?

"Select the bus" Bro that's an intersection at 200 feet.

"Type the Captcha letters" Is that a lowercase r or a capital T?

[-] Damage@slrpnk.net 15 points 4 months ago

Lowercase L and uppercase i are so fucking problematic

load more comments (1 replies)
[-] EliteDragonX@lemmy.world 15 points 4 months ago

IKR! i try and solve the CAPTCHA and theres a tiny 5 nanometer slice of crosswalk on another tile, and i have no idea if i need to click it or not. And then sometimes you don’t have that issue, and you click all the correct tiles, and then it just takes you to another one, and another one, and another one… they really need to improve it

load more comments (2 replies)
[-] kambusha@sh.itjust.works 11 points 4 months ago

I don't think it matters, as that isn't the real test. Instead, it's testing whether you are "behaving" as a human. Mouse movements, hesitation etc.

[-] Fitik@fedia.io 7 points 4 months ago

@kambusha@sh.itjust.works Then why does it keep repeating it if I get a tiny detail or a letter wrong?

@technology@lemmy.world @tek@calckey.world @Bonesince1997@lemmy.world

load more comments (1 replies)
load more comments (2 replies)
load more comments (7 replies)
[-] cupcakezealot@lemmy.blahaj.zone 103 points 4 months ago

me: clicks all the traffic lights

<wrong!>

[-] Dark_Arc@social.packetloss.gg 52 points 4 months ago

I hate that captcha -- the Google captcha where a single image (like a picture of a street with traffic lights, bikes, buses, etc) is divided up -- it is the worst one by far.

[-] GamingChairModel@lemmy.world 30 points 4 months ago

I've always thought it was intentional so that humans could train the edge detection of the machine vision algorithms.

[-] Silentiea@lemmy.blahaj.zone 30 points 4 months ago

It is. The actual test for humans there isn't the fact that you clicked the right squares, it's how your mouse jitters or how your finger moves a bit when you tap.

[-] AnarchistArtificer@slrpnk.net 24 points 4 months ago

What really stresses me out is the question of whether a human on a motorcycle becomes part of the motorcycle.

[-] Plopp@lemmy.world 16 points 4 months ago

Of course not. But what about that millimeter of tire? Or the tenth of the rearview mirror?

load more comments (1 replies)
load more comments (3 replies)
[-] locuester@lemmy.zip 11 points 4 months ago

You can just click a couple squares and hit ok. It doesn’t have to be right.

load more comments (2 replies)
load more comments (1 replies)
[-] jwt@programming.dev 42 points 4 months ago

So we just invert the logic now, right?
Make the captcha impossibly hard to get right for humans but doable for bots, and let people in if they fail the test.

[-] banazir@lemmy.ml 37 points 4 months ago

I haven't been able to solve CAPTHCAs in years.

[-] lud@lemm.ee 27 points 4 months ago

I suggest you get an appointment with your local blade runner.

load more comments (1 replies)
[-] leanleft@lemmy.ml 36 points 4 months ago

Are you a robot?

I guess not

[-] lvxferre@mander.xyz 26 points 4 months ago

Ditching CAPTCHA systems because they don't work any more is kind of obvious. I'm more interested on what to replace them with; as in, what to use to prevent access of bots to a given resource and/or functionality.

In some cases we could use human connections to do that for us; that's basically what db0's Fediseer does, by creating a chain of groups of users (instances) guaranteeing each other.

[-] shortwavesurfer@lemmy.zip 18 points 4 months ago

Proof of work. This won't stop all bots from getting into the system, but it will prevent large numbers of them from doing so.

load more comments (4 replies)
[-] lauha@lemmy.one 13 points 4 months ago

What prevents the adversaries from guafanteeing their bots that then guarantee more bots?

[-] lvxferre@mander.xyz 15 points 4 months ago* (last edited 4 months ago)

The chain of trust being formed. If some adversary does slip past the radar, and gets guaranteed, once you revoke their access you're revoking the access of everyone else guaranteed by that person, by their guarantees, by their guarantees' guarantees, etc. recursively.

For example. Let's say that Alice is confirmed human (as you need to start somewhere, right?). Alice guarantees Bob and Charlie, saying "they're humans, let them in!". Bob is a good user and guarantees Dan and Ed. Now all five have access to the resource.

But let's say that Charlie is an adversary. She uses the system to guarantee a bunch of bots. And you detect bots in your network. They all backtrack to Charlie; so once you revoke access to Charlie, everyone else that she guaranteed loses access to the network. And their guarantees, etc. recursively.

If Charlie happened to also recruit a human, like Fran, Fran will also get orphaned like the bots. However Fran can simply ask someone else to be her guarantee.

[I'll edit this comment with a picture illustrating the process.]

EDIT: shitty infographic, behold!

Note that the Fediseer works in a simpler way, as each instance can only guarantee another instance (in this example I'm allowing multiple people to be guaranteed by the same person). However, the underlying reasoning is the same.

[-] ArmokGoB@lemmy.dbzer0.com 8 points 4 months ago

I feel like this could be abused by admins to create a system of social credit. An admin acting unethically could revoke access up the chain as punishment for being associated with people voicing unpopular opinions, for example.

load more comments (6 replies)
load more comments (6 replies)
load more comments (4 replies)
[-] Wistful@discuss.tchncs.de 17 points 4 months ago

So what would be a good solution to this? What is something simple that bots are bad at but humans are good at it?

[-] tal@lemmy.today 92 points 4 months ago
[-] db0@lemmy.dbzer0.com 35 points 4 months ago

Knowing what we now know, the bots will instead just make convincingly wrong arguments which appear constructive on the surface.

[-] DarkDarkHouse@lemmy.sdf.org 21 points 4 months ago

So, human level intelligence

load more comments (3 replies)
[-] OsrsNeedsF2P@lemmy.ml 33 points 4 months ago* (last edited 4 months ago)

I work in a related space. There is no good solution. Companies are quickly developing DRM that takes full control of your device to verify you're legit (think anticheat, but it's not called that). Android and iPhones already have it, Windows is coming with TPM and MacOS is coming soon too.

Edit: Fun fact, we actually know who is (beating the captchas). The problem is if we blocked them, they would figure out how we're detecting them and work around that. Then we'd just be blind to the size of the issue.

Edit2: Puzzle captchas around images are still a good way to beat 99% of commercial AIs due to how image recognition works (the text is extracted separately with a much more sophisticated model). But if I had to guess, image puzzles will be better solved by AI in a few years (if not sooner)

[-] brbposting@sh.itjust.works 21 points 4 months ago

I love Microsoft’s email signup CAPTCHA:

Repeat ten times. Get one wrong, restart.


iPhones already have it

Private Access Tokens? Enabled by default in Settings  > [your name] > Sign-In & Security > Automatic Verification. Neat that it works without us realizing it, but disconcerting nonetheless.

So, the spammers will need physical Android device farms…

[-] OsrsNeedsF2P@lemmy.ml 17 points 4 months ago* (last edited 4 months ago)

More industry insight: walls of phones like this is how company's like Plaid operate for connecting to banks that don't have APIs.

Plaid is the backend for a lot of customer to buisness financial services, including H&R Block, Affirm, Robinhood, Coinbase, and a whole bunch more

Edit: just confirmed, they did this to pass rate limiting, not due to lack of API access. They also stopped 1-2 years ago

load more comments (2 replies)
[-] EliteDragonX@lemmy.world 6 points 4 months ago

Oh my god. I lost my fucking mind at the microsoft one. You might aswell have them solve a PhD level theoretical physics question

load more comments (1 replies)
load more comments (1 replies)
[-] Lost_My_Mind@lemmy.world 10 points 4 months ago

Pizza toppings. Glue is not a topping.

load more comments (5 replies)
[-] NegativeInf@lemmy.world 8 points 4 months ago

Isn't the real security from how you and your browser act before and during the captcha? The point was to label the data with humans to make robots better at it. Any trivial/novel task is sufficient generally, right?

load more comments (7 replies)
[-] 96VXb9ktTjFnRi@feddit.nl 15 points 4 months ago* (last edited 4 months ago)

How the hell am I supposed to know which parts of that picture contain bicycles?

load more comments (4 replies)
[-] Plume@lemmy.blahaj.zone 14 points 4 months ago

Hey, failing at being a human being while trying to highlight where the bicycle starts and end on the picture is my job! You won't take that away from me, you fucking robot!

load more comments (1 replies)
[-] A_Random_Idiot@lemmy.world 12 points 4 months ago

am I gonna need an AI to solve captchas now?

cause they've gotten so patently stupidly ridiculous that I cant even solve them as a somewhat barely functional biological intelligence.

[-] Fuzzy_Red_Panda@lemm.ee 10 points 4 months ago

If some sites only need me to click the one checkbox to prove I am a human, why aren't ALL sites using this method?!

[-] kiagam@lemmy.world 18 points 4 months ago

when you have to click once, means they have been gathering all your actions up to that point, and for sure you are human. If you get asked to click images, means they don't have enough information yet, or you failed some security step (wrong password) and the site told captcha to be extra sure

load more comments
view more: next ›
this post was submitted on 19 Jul 2024
450 points (99.3% liked)

Technology

59598 readers
1993 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS