- cross-posted to:
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.world
Anyone who has been surfing the web for a while is probably used to clicking through a CAPTCHA grid of street images, identifying everyday objects to prove that they’re a human and not an automated bot. Now, though, new research claims that locally run bots using specially trained image-recognition models can match human-level performance in this style of CAPTCHA, achieving a 100 percent success rate despite being decidedly not human.
ETH Zurich PhD student Andreas Plesner and his colleagues’ new research, available as a pre-print paper, focuses on Google’s ReCAPTCHA v2, which challenges users to identify which street images in a grid contain items like bicycles, crosswalks, mountains, stairs, or traffic lights. Google began phasing that system out years ago in favor of an “invisible” reCAPTCHA v3 that analyzes user interactions rather than offering an explicit challenge.
Despite this, the older reCAPTCHA v2 is still used by millions of websites. And even sites that use the updated reCAPTCHA v3 will sometimes use reCAPTCHA v2 as a fallback when the updated system gives a user a low “human” confidence rating.
I fucking hate these. I’ve seen old people that don’t know any better get stuck on these for at least 30 minutes.
Same. That’s why Buster is my most recent must-have browser extension, alongside such greats as ublock and sponsorblock.
it’s super ableist. if someone has poor vision or colorblindness chances are they’re going to miss things.
I have regular everything and I still fuck them up. “click the ones with a fire hydrant”. But a tiny piece of fire hydrant is spilling into another box. Does it count? Does it not count? Good luck!!
I had one the other day that was deep fried jpegs to the max. Like, what the fuck am I supposed to do.
Sprinkle powdered sugar on them. Delicious deep fried jpegs.
They offer a sound option right below.
a hard to see option, aptly enough
I just close the page usually if I see one of these ones, I don’t have the patience to click all the boxes and then it just sends you a different one.
Unfortunately they’re on pages that I absolutely need to get into because my money is stored behind them. I cannot stand them, and I generally agree with you, if some random site has me doing a captcha in leaving.
I fail more of those checks then these AI bots do. Surreal.
Just be very general, don’t get stuck in the details.
It goes against my human nature to not overanalyze.
leaves plastic banana under your bed
You’ll find that, months from now, and you won’t know where it came from, or why it’s there.
Bots are answering them wrong. Google takes the most submitted answer as truth.
Aren’t these Captchas designed to get training data for AI models anyway?
“System does what it was designed to do” doesn’t feel that surprising…
Aren’t these Captchas designed to get training data for AI models anyway?
Yes and no, the captchas are just meant to be hard for computers to solve but easier for humans. People saw that, and thought that “if we’re making people do this might as well have them do something useful” not meant to be malevolent- and the purpose is still stopping bots, training them is a side-effect.
Pro-tip for webscrapers: using AI to solve captchas is a massive waste of effort and resources. Aim to not be presented with a captcha in the first place.
I think thats much more difficult than it seems, because usually only residential IPs are the ones that don’t get those. And if you start to use a residential proxy too much then that IP can also get flagged.
That’s why companies like Oxylabs exist
Depends on the case, sometimes its unavoidable.
That’s suspicious - I can’t pass 100%. here’s a new captcha for you: make the user do 100 in a row
- 100% is ai
- <50% is dumb “ai”
- in between is a person
we have trained them very well
So where’s my portable app to do so?
not at home but I believe there’s a few that run in docker.
Our long international nightmare is finally over!
I can see a future where the Internet is completely run by bots and AI to the point where no human actually uses the Internet anymore.
It’s like an island that gets overrun with rats - there are just too many to deal with so you leave.
Some believe this happened years ago. Check out Dead Internet Theory.
I’m already doing that now. If Lemmy starts showing signs of fuckery I’m out. I’ll switch back to magazines.
I already did… There’s some subscription stuff where you can read pretty much all available magazines and papers, it’s been a long time since I’ve been reading that much “news” and reports
Cool, so can Google shut it down now?
Buster is awesome to get past recaptcha. I use it with my own Speech to Text API key since its free from Google. Using Google to beat Google.
It’s so funny that this exists. I’m going to check it out!!
And yet I can’t beat the CAPTCHAs because reCAPTCHA doesn’t like VPNs lol
I was going to say I’ve straight up just left whatever website I was trying to access because I was stuck in some endless loop of clicking on street crossings, buses, bikes, and street lights.
Captcha these days isn’t even really a CAPTCHA in the traditional sense since most of the work it does is based on filtering of IP and browser fingerprinting, with a certain level of gamification because the goal is not just to keep out the people they fight against, but to waste their time, would work great if it didn’t waste normal people’s time, while real bad actors have easy ways to get around it.
So can we stop using those damn things? They’re super annoying!
Just means they’ll get harder, but maybe not for people, just needs to be harder for a computer
I’m kind of hoping the AI permanently beats them. I hate them too.
This is actually a good sign for self driving. Google was using this data as a training set for Waymo. If AI is accurately identifying vehicles and traffic markings, it should be able to process interactions with them easier.
As I understand it, the point of those captchas was never really “bots can’t identify these things” (though you’re right on that it was used to train). They use cursor movement, clicks, and other behaviours while you’re solving it to detect if you are a bot or not.
Is that why I’m asked to do this over and over for 14 million times when I’m on a VPN?
It is probably part of it, yeah. But to be clear I’m not a captcha expert or anything, just a layman.
It’s a combination.
Most captchas goals generally aren’t 100% prevention, it’s to put a workload in front, this makes spamming the site cost money, a bankrolled attempt could just as easily outsource the captchas to real humans.
Since I started getting good at yosu and that fishing mini game in farmrpg I’ve been failing more captchas. I wonder if they’re related knowing this
The image choosing was always just to train their own bots
The annoying thing is that they held us hostage for our free labor, but the results are proprietary for Google’s benefit only.
That training data ought to be forced to be made freely available to the public, since we’re the ones who actually created it.
Afaik this is precisely what the captcha data was intended for - training AI models. Originally leveraged machine learning. LLMs are a slightly different paradigm but same purpose and results here.
i hope you’re joking. please, tell me you’re joking?
Well reCaptcha v1 was used for the digitization of books. And that they proudly talked about.
But to be honest, the pictures were in fact used to dether bots. But also to teach selfdriving cars. I think I also remember a time they used to ask to fill in house numbers probably for their Maps accuracy.
Its never been confirmed by Google, so I may be wrong. It still tracks that the data harvesting company with a AI self driving car project would use free human labor to identify road hazards.
I was referring to the “This is actually a good sign for self driving” part of their comment.
The captcha circumvention arms race has been going on for over two decades, and every new type of captcha has and will continue to be broken as soon as it’s widely deployed enough that someone is motivated to spend the time to.
So, the notion that an academic paper about breaking the current generation of traffic-related captchas (something which the captcha solving industry has been doing for years with a pretty high success rate already) is “good news” for the autonomous vehicle industry (who has also been able to identify such objects well enough to continue existing and getting more regulatory approval for years now) is…
Not really. I’m not even sure what you’re disagreeing with based on the above comment.
My point is that if bog standard AI can accurately identify all of the road information from pictures, that is good news for self driving.
What was once a nearly impossible task for computers is now mundane, and can be used to improve safety/utility for self driving, especially for FOSS projects like comma.ai