Technology

37565 readers

576 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago

MODERATORS

[email protected]

Google's reCAPTCHAv2 is just labor exploitation, boffins say • The Register (www.theregister.com)

submitted 1 month ago by [email protected] to c/[email protected]

7 comments fedilink hide all child comments

cross-posted from: https://lazysoci.al/post/15908451

I've been saying this and people keep arguing.

top 7 comments

sorted by: hot top controversial new old

[–] [email protected] 2 points 1 month ago (2 children)

This seems like the critical part to me:

The paper, released in November 2023, notes that even back in 2016 researchers were able to defeat reCAPTCHA v2 image challenges 70 percent of the time. The reCAPTCHA v2 checkbox challenge is even more vulnerable – the researchers claim it can be defeated 100 percent of the time.

reCAPTCHA v3 has fared no better. In 2019, researchers devised a reinforcement learning attack that breaks reCAPTCHAv3's behavior-based challenges 97 percent of the time.

So it isn't even effective at deterring bots? Then what the hell was all this for?

[–] [email protected] 3 points 1 month ago

Introducing a Captcha on a form on my website basically blocked bots 100% of the time. It's arguably good enough from a practical standpoint.

If someone really wants to exploit my site, then they will find a way. You can only make it harder but never truly impossible if you don't want to dispose of all convenience.

[–] [email protected] 1 points 1 month ago (1 children)

For getting free labor, of course.

[–] [email protected] 1 points 1 month ago

We are basically training their models/bots for them.

[–] [email protected] 1 points 1 month ago

Yeah it's pretty clearly just getting people to manually train self-driving cars for a while now.

[–] [email protected] 0 points 1 month ago (1 children)

Always has been

[–] [email protected] 1 points 1 month ago

I mean that is true but there is some nuance.

At one time it was a cheap way to protect your site from drive by scripts and make your users help pay for that protection.

They still work in that way on say the comment section of a tiny WordPress blog because the cost to solve them isn't worth what a random boner pill ad is worth.

The issue now (made worse recently by LLMs) is that more bots then ever are scraping any and every thing so people are putting captchas on every bit of every web app content they have. This increases the work of your users while it only slows down the bots. The hope is that the cost to solve is slightly higher than the value of the data.