CAPTCHAs have failed for 20 years

Posted by harsehaj 4 hours ago

CAPTCHAs have failed for 20 years(www.browserbase.com)

58 points | 46 commentspage 2

thenthenthen 3 hours ago|

Omg. I am on various VPN’s and now and again Google Auth (for youtube) throws me a captcha. They are mostly unreadable, but there is an audio option… which is just insane and does not make any sense, anyone had that? It sounds like a recording of 300 people speaking at the same time in a call center while on various dosages of LSD

nosioptar 3 hours ago||

I've actually been in a call center with 300 intoxicated folk all talking at once. Its easier to understand than the recaptcha audio.

(Only a couple folks on hallucinogenics, most on various downers.)

moralestapia 3 hours ago|||

I've got captchas that made me play a small game and I score like 3 points to go ahead, lol. For real.

willmadden 3 hours ago||

They give you that (or hieroglyphics) if you are using certain VPNs and don't leave a specific browser fingerprint.

prmoustache 3 hours ago||

There is a point where not leaving fingerprints becomes a fingerprint in itself.

GL26 4 hours ago||

Question that I've been wondering, can't attackers record human sessions and use it to attack a website to bypass cloudflare ?

bluGill 4 hours ago|

They can. They have already figured out a lot of what cloudflare is looking for and have figured out how to bypass it. (according to the article) Which is why protection is trying something else. I suppose this is why every website wants me to login with my google account (which I never use)

ezst 3 hours ago||

They have served to train multiple generations of ANN and ML algorithms, in that, I think they've been a resounding success!

randrus 3 hours ago||

Always reminds me of the forces that shape the mechanisms around the exchange of genetic information that powers evolution.

See: Red Queen by Matt Ridley.

visiondude 3 hours ago||

although not perfect for other reasons, a captcha made using phone motion and device attestation like prsn.you is a more challenging bypass for today’s agent environments

akimbostrawman 2 hours ago||

Failed? They have very successfully pushed people towards chromium browser and traceable residential IPs while also training AI.

throw7 3 hours ago||

Just today a website presented me a qrcode captcha. I threw up.

echoangle 4 hours ago||

Oh my good I hate AI articles. Why do we have to make an interactive visualization for every single sentence? Thanks for showing me how distorted text is made in steps.

And being a cat and mouse game doesn’t mean the defenders failed.

qweqwe14 4 hours ago|

> And being a cat and mouse game doesn’t mean the defenders failed.

It does though, in the end attackers always win. If something is a "cat and mouse game" then it's unwinnable by design from the defender side.

Sure, you can keep playing it if you feel like it, but at some point the attacker will be indistinguishable from a legitimate user and you will lose that fight.

echoangle 4 hours ago||

By that logic, every security task is doomed to fail. Spam detection and antivirus are cat and mouse games too. I wouldn’t say they fail just because they have to adapt over time.

kgwxd 3 hours ago||

They're great for keeping humans out. Tried to setup Discord on a new phone yesterday. CAPTCHAs over and over again, just trying to log in. I uninstalled instead.

cute_boi 3 hours ago|

It has failed because of these company like browserbase and hackers who hack smart device and TV's for residential proxy.

More comments...