86
Google's reCAPTCHAv2 is just labor exploitation, boffins say • The Register (www.theregister.com)
submitted 1 month ago by sabreW4K3@lazysoci.al to c/technology@beehaw.org
17 comments fedilink hide all child comments

cross-posted from: https://lazysoci.al/post/15908451

I've been saying this and people keep arguing.

you are viewing a single comment's thread
view the rest of the comments
[-] theangriestbird@beehaw.org 35 points 1 month ago

This seems like the critical part to me:

The paper, released in November 2023, notes that even back in 2016 researchers were able to defeat reCAPTCHA v2 image challenges 70 percent of the time. The reCAPTCHA v2 checkbox challenge is even more vulnerable – the researchers claim it can be defeated 100 percent of the time.

reCAPTCHA v3 has fared no better. In 2019, researchers devised a reinforcement learning attack that breaks reCAPTCHAv3's behavior-based challenges 97 percent of the time.

So it isn't even effective at deterring bots? Then what the hell was all this for?

[-] Sneptaur@pawb.social 33 points 1 month ago

For getting free labor, of course.

[-] themurphy@lemmy.ml 30 points 1 month ago

We are basically training their models/bots for them.

[-] Kichae@lemmy.ca 15 points 1 month ago

It's great for gaslighting people into thinking they don't know what a bicycle looks like!

[-] Cube6392@beehaw.org 6 points 1 month ago

I spent a huge amount of time last night clicking on motorcycles because I absolutely could not convince PayPal or Google I was a legitimate human who wanted to exchange currency for goods and services

[-] saigot@lemmy.ca 1 points 1 month ago

I find if I trace a figure 8 in the screen with my mouse the captcha passes much more often. I think it probably reads the small variations in your mouse movement to sus out bots, so the figure 8 gives it more data to work with.

[-] Cube6392@beehaw.org 2 points 1 month ago

I eventually gave up and decided to see if they were being hostile to my network and privacy settings. Lo and behold, I was able to log in when I adjusted the strictness of my VPN. Fortunately the service I was trying to exchange currency for was a better VPN with more security and privacy, so I was willing to take the L on that one interactions

[-] prof@infosec.pub 14 points 1 month ago

Introducing a Captcha on a form on my website basically blocked bots 100% of the time. It's arguably good enough from a practical standpoint.

If someone really wants to exploit my site, then they will find a way. You can only make it harder but never truly impossible if you don't want to dispose of all convenience.

[-] theangriestbird@beehaw.org 5 points 1 month ago

thank you for sharing your experience! Good to hear an anecdote to the contrary.

this post was submitted on 24 Jul 2024
86 points (100.0% liked)

Technology

37554 readers
172 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
alyaza@beehaw.org
TheRtRevKaiser@beehaw.org
gyrfalcon@beehaw.org
rs5th@beehaw.org
coldredlight@beehaw.org
Los@beehaw.org
SemioticStandard@beehaw.org
TheRtRevKaiser@kbin.social
remington@beehaw.org