The original reCAPTCHA served the dual purpose of fighting spam and training optical character recognition algorithms. It displayed a pair of words, one of which was unambiguously resolved by an OCR and the other of which OCRs couldn’t easily read. The first word was used to disambiguate humans from bots, and the second word was used to train the OCR.
Today, CAPTCHAs serve a similar purpose, except they’re used to train self-driving cars’ image recognition AIs. I always try to be a little subversive and correctly identify the images that are clearly unambiguously classified by the AI, and then purposefully screw up identifying the image that the AI struggles with. It lets me through the majority of the time, which indicates that my bad input made it into their training data.
Unlike the CAPTCHAs of yore, when machine vision simply was not advanced enough to solve them, anyone has access to pre-trained vision models easily capable of identifying the unambiguously resolved buses or crosswalks in the CAPTCHA image. The deterrent to spammers is no longer that actual humans need to solve the CAPTCHA, but rather that it’s too computationally expensive to solve them at scale. Today’s CAPTCHAs are basically Hashcash proof-of-work [0], but with the added benefit to Google et al. (and annoyance to users) that they help train computer vision models.
>> It displayed a pair of words, one of which was unambiguously resolved by an OCR and the other of which OCRs couldn’t easily read. The first word was used to disambiguate humans from bots, and the second word was used to train the OCR.
Was I the only person who has always inserted some nonsense word as my answer for the clearly scanned word? It was very obvious which word was generated and would be checked, and which one was scanned and wouldn't be checked but just accepted as-is. I always just typed in something else other than the word - I think it was just being contrarian against being used by a corporation to do their word recognition for them for free.
4chan famously promoted the usage of the n-word for that purpose. You're going to get enough wrong answers even with compliant users - I'm 100% positive any dev with at least two brain cells and a passing grade in statistics would be able to filter all of these out of the dataset.
But yeah, I also cross the street on the red light.
I mean, they probably do - so if 9/10 people said the word is "apple" and I said it's "banana" then it will accept apple. But at the same time I can't imagine I was the only one doing this.
Maybe the system has determined that you are human and you are intentionally attempting to mess with them. Since the primary goal of CAPTCHA (confirm that you are human) has been fulfilled and you appear to not be a good source for the secondary goal (crowdsource training data), the system decided to not waste any more time with you.
That's ok, the chances of several intentional saboteurs on a single image sample are presumably pretty low.
i.e. even if the saboteur rate was as high as 10%, and I only showed images three times, only 10% * 10% * 10% = 0.1% of data would have three people intentionally picking the wrong answer. I suspect the rate is much lower, and 99%+ people just want to pick the right answer to get the captcha program to go away as quickly as possible.
Images with fewer than 3/3 matching results in this example would presumably be retested until you got the desired confidence level.
Then assuming your ML model isn't overfit/overtrained, you could even then assess your original input data to detect/flag anomalies for manual review.
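A quick Monte Carlo check of the "three matching answers or retest" rule sketched in the comment above, added here as an example (not from the thread). It assumes one true label per image, saboteurs who pick a wrong label at random, and a round of three fresh solvers that is accepted only when unanimous; it also works the figure out for more than two candidate labels.

```go
package main

import (
	"fmt"
	"math"
	"math/rand"
)

// Added example (not from the thread): a check of the "three matching answers
// or retest" rule described above. Assumed model: each image has one true
// label out of numLabels; an honest solver returns it, a saboteur returns a
// wrong label chosen uniformly at random. A round shows the image to `votes`
// solvers and is accepted only if they all agree; otherwise the image is
// retested with fresh solvers.

// naiveWrongRate is the back-of-envelope figure from the comment: the chance
// that every solver in a round is a saboteur (0.1^3 = 0.001).
func naiveWrongRate(saboteurRate float64, votes int) float64 {
	return math.Pow(saboteurRate, float64(votes))
}

// exactWrongRate is the fraction of accepted labels that are wrong under the
// rule: saboteurs must also agree on the same wrong label, and rounds
// without consensus are retested rather than counted.
func exactWrongRate(saboteurRate float64, votes, numLabels int) float64 {
	perWrongLabel := saboteurRate / float64(numLabels-1)
	wrong := float64(numLabels-1) * math.Pow(perWrongLabel, float64(votes))
	right := math.Pow(1-saboteurRate, float64(votes))
	return wrong / (wrong + right)
}

// labelImage runs rounds for one image until one is unanimous and reports
// whether the accepted label was right and how many answers were spent.
// Label 0 is the true label.
func labelImage(rng *rand.Rand, saboteurRate float64, votes, numLabels int) (bool, int) {
	answers := 0
	for {
		first, unanimous := 0, true
		for i := 0; i < votes; i++ {
			answers++
			label := 0
			if rng.Float64() < saboteurRate {
				label = 1 + rng.Intn(numLabels-1)
			}
			if i == 0 {
				first = label
			} else if label != first {
				unanimous = false
			}
		}
		if unanimous {
			return first == 0, answers
		}
	}
}

// simulate labels n images and returns the fraction of accepted labels that
// are wrong and the mean number of solver answers spent per image.
func simulate(n int, saboteurRate float64, votes, numLabels int, seed int64) (float64, float64) {
	rng := rand.New(rand.NewSource(seed))
	wrong, answers := 0, 0
	for i := 0; i < n; i++ {
		ok, used := labelImage(rng, saboteurRate, votes, numLabels)
		if !ok {
			wrong++
		}
		answers += used
	}
	return float64(wrong) / float64(n), float64(answers) / float64(n)
}

func main() {
	for _, labels := range []int{2, 4} {
		w, a := simulate(200000, 0.10, 3, labels, 1)
		fmt.Printf("labels=%d naive=%.5f exact=%.5f simulated=%.5f answers/image=%.2f\n",
			labels, naiveWrongRate(0.10, 3), exactWrongRate(0.10, 3, labels), w, a)
	}
}
```

With a yes/no label the simulated wrong fraction lands slightly above the 0.1% figure because only accepted rounds count; with more candidate labels it drops well below it, since the saboteurs must also agree with each other.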
I figured this out a while ago and I do it as a challenge - how can I incorrectly pass the test? Probably there are more of us doing this than you estimate. We could be in the majority (unlikely, I know).
The only reason we still solve those stupid image recognition puzzles is because Google/Waymo and other self-driving car companies have managed to trick us into helping them do their training work for them.
Is there a link beyond that blog post explaining how it's a proof-of-work and how you keep people with thick wallets willing to pay for compute from exploiting?
I'm waiting for the check to arrive after all of these years of training—especially after moving to the East from the West and now I have 5× as many prompts.
How about the text ones that Google uses that are text that are alternately compressed and stretched in the same word to the degree that many of them are completely illegible to human eyes? Some of them appear like text wrapped around an invisible sphere almost like a mercator projection. What meaningful work domain are those captchas targeting?
The cynic in me says because I resent being forced to help multi-billion dollar companies crowdsource their AI training.
The techno-optimist in me says because I want to force them to improve their underlying models. When their engineers notice that their model struggles with weird edge cases that I purposefully mislabel (e.g. when prompted to select images containing motorcycles, I also pick a mountain bike with fat, motorcycle-sized tires), perhaps they will contemplate how to rigorously encode the concepts of “motorcycle” and “mountain bike” into their model, rather than simply pushing an abundance of training data through a black box classifier and hoping that by adding more crowdsourced data, it will eventually arrive at the right answer.
Not if you believe that the people working on this are going too fast and/or have a misguided goal.
I think it's reasonable to believe that real self-driving cars are not inevitable, or even if they are, deliberate disruption of this process is healthy; e.g. it shouldn't rely on something this dumb.
Don't you think that if this data was known to be widely and mostly beneficial, reCaptcha would be falling all over themselves to grab the good PR? The fact that regular folks hear virtually nothing about this strongly indicates that it's like most data collection -- if people knew the real deal they probably wouldn't happily sign on and would likely bring more questions than they want to deal with.
Not really, non-tech people don't know or care about reCaptcha. I still think it's evil for reCaptcha to be so prolific and used for data collection, but it's a positive side-effect that it's also used for less evil things like labeling data sets.
Right. But if it was mostly good, whoever reCaptcha is could raise/make boatloads of money with "you're not just practicing safe computing, you're helping save children's lives" type ads/fundraising.
Then they can pay for their own mechanical Turk labour, thank you very much. I will not be sponsoring a corporation out of the goodness of my heart, out of my own time.
If I ever learn that they release that dataset to the public, my position on this may change.
If that is something important that we should rely on, any company involved in that should be spending the readily available resources to do it correctly, not hoping that random people trying to log in to their email pick the correctly labeled data.
> a pair of words, one of which was unambiguously resolved by an OCR and the other of which OCRs couldn’t easily read
4chan had a lot of fun with this when it was first implemented. Perhaps unsurprisingly, there very quickly developed a campaign to have everyone insert "n**r" in place of the unknown word. Many threads were dedicated to education, onboarding, and, of course, sharing 'trophies' when such a replacement was found to have taken effect in one of Google's products (Books, iirc?).
I know a little bit about this "industry". I would be pretty surprised if this is actually done by AI. At least if it is, it's likely only AI-assisted. If it were truly AI, then they would make more money offering their own CAPTCHA service instead of a CAPTCHA-breaking service. You can see how many active workers (i.e. humans) are online on their network stats screen: https://nopecha.com/statistics_network
I'm surprised these players are still around. They've been operating for nearly 20 years, since back when I discovered them.
The entire industry is actually not completely as black hat as you might think. Yes, it's used for spam and botting, but at least at the time a lot of people used it for bulk downloading, which is how I discovered it. Additionally, it does provide work for the poorer parts of the world.
This does seem to use AI or at least not use the "human workers" method.
Going to the Google SSO page for their signin flow and clicking on the blue domain name for their app, the Google auth page shows the email of the GCP account that started the auth project, which in this case is jaewany@gmail.com
Looking that up on Google shows that it corresponds to Jaewan Yun.
Looking him up on GitHub gives you his profile which contains some captcha solver extension code for this very website and also many TensorFlow-related things.
His personal website[1] also lists the solver under "My Products"
If I were to enter the CAPTCHA-breaking business today, I'd probably use one of these services at first to collect a million correct solutions for $800, and then use that dataset to train my AI.
Once the AI is good enough, I can buy a bunch of used GPUs from former ethereum miners, throw them in a cheap DC somewhere, and undercut everyone else! Sounds like a decent side project that could yield a bit of passive income. Somebody else has probably done it already. Maybe OP is that somebody.
This is what hCaptcha is currently doing, they are switching the image category every 24-72 hours.
How useful is it? Not very. Modern ML models such as mobilenet, resnet or yolo require only a few hundred images for it to be accurate to solve those captchas.
You don't need a few million samples; with 500-700 images per category you are more than ready to solve current captchas.
As someone with experience using services like these, at the price point and solve speed they're offering it's quite clear that it is a model. Legacy players using low-paid humans usually had solve speeds >20 seconds, and model-based solvers are now down to under a second.
Note that while the Chrome extension declares that your data is not "used or transferred for purposes that are unrelated to the item's core functionality," their Privacy Policy totally allows for that: https://nopecha.com/privacy
> We may share Your information with Our business partners to offer You certain products, services or promotions.
Re-captcha is about google exercising monopoly power to try and force you to use their browser and let them track you. It has little to do with finding stopsigns or whatever. It would be cool to see that problem addressed, i.e. allow me to use the internet normally without a browser and privacy settings that google endorses.
Incidentally, in almost all cases, if I'm faced with a recaptcha, I just don't do the thing. I have foregone purchases and charity donations, and not used products, because organizations care so little about their customers that they think making us solve a puzzle before we give them money is acceptable.
> The main purpose of recaptcha is to prevent bots from abusing services
It's funny when people think they are adding to the conversation by contradicting a thoughtful and interesting comment (even if it may be a bit conspiracy-theory-ish), by simply re-reciting the corporate line.
I downvoted because I run several non-profit websites, and start without any captchas by default. But forms always end up getting spammed, and then I have to add some protection. This is literally why captchas exist in the first place, as well as why so many sites have them. Google came along and offered a convenient, free version, so many people started to use it, although I don’t. Why Google decided to offer it is possibly what you claim, but that changes nothing about why the nonprofit makes use of it.
It's not free. It increases friction, and at least in my case, results in abandoned transactions. I'm not well versed in the different options for spam protection (or the attacks) but I do know that most merchants don't make their users solve a puzzle, especially at a critical point along the purchase workflow where it is most likely to get derailed.
The fact that google is (probably unintentionally) particularly appealing to small providers or charities, pretending they offer a "free" product, makes it even worse.
Edit: not an endorsement, but elsewhere in the discussion someone posted a link to cloudflare's captcha solution, which they say specifically addresses the privacy and annoyingness concerns of Google's captcha. So there are options:
https://www.cloudflare.com/en-ca/products/turnstile/ (I'm not actually familiar with this, it may have a downside I don't know about)
(Also, disagreeing with something is generally a poor reason to downvote. It's much better to have a discussion, and I appreciate your comment)
True enough. That’s why I don’t use it. Google’s solution is absolutely awful, and I’m positive you aren’t the only one abandoning important flows on non-profit websites because of it.
I always just use a form field that's hidden by CSS or JS and then reject submissions with a value in that field. Just name the field after something bots or other services may care about but you don't (e.g. name, if you're not using real names).
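The honeypot field from the comment above, worked into a small Go form handler as an added example (not the commenter's code). The route, the field names, the off-screen CSS and the whitespace handling are assumptions; the hidden field is deliberately called "name", as the comment suggests, on the premise that this form does not collect real names.

```go
package main

import (
	"html/template"
	"net/http"
	"net/url"
	"strings"
)

// Added example (not the commenter's code): the honeypot field described
// above in a small Go form handler. The hidden field is called "name"
// because this site does not collect real names, so a person never needs to
// fill it while a form-filling bot will. Route and names are assumptions.

const honeypotField = "name"

// formPage renders the real fields plus the honeypot. The wrapper is moved
// off-screen; tabindex=-1, autocomplete=off and aria-hidden keep keyboard
// users, browser autofill and screen readers from touching the input, which
// is what keeps real people from tripping it by accident.
var formPage = template.Must(template.New("form").Parse(`<form method="post" action="/contact">
  <label>Email <input name="email" type="email" required></label>
  <label>Message <textarea name="message" required></textarea></label>
  <div style="position:absolute;left:-10000px" aria-hidden="true">
    <label>{{.}} <input name="{{.}}" tabindex="-1" autocomplete="off"></label>
  </div>
  <button type="submit">Send</button>
</form>`))

// honeypotTripped reports whether a submission put anything in the hidden
// field; whitespace-only values are ignored so a stray space from a real
// person does not get their message dropped.
func honeypotTripped(form url.Values) bool {
	return strings.TrimSpace(form.Get(honeypotField)) != ""
}

const thanks = "Thanks, your message was received."

func contactHandler(w http.ResponseWriter, r *http.Request) {
	switch r.Method {
	case http.MethodGet:
		formPage.Execute(w, honeypotField)
	case http.MethodPost:
		if err := r.ParseForm(); err != nil {
			http.Error(w, "bad request", http.StatusBadRequest)
			return
		}
		if honeypotTripped(r.PostForm) {
			// Bot: answer exactly as to a person so the response leaks
			// nothing, but silently discard the submission.
			w.Write([]byte(thanks))
			return
		}
		// Real submission: store or e-mail r.PostForm.Get("email") and
		// r.PostForm.Get("message") here.
		w.Write([]byte(thanks))
	default:
		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
	}
}

func main() {
	http.HandleFunc("/contact", contactHandler)
	http.ListenAndServe("127.0.0.1:8080", nil)
}
```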
Comparative benefit in the case of complex interactions is notoriously hard to judge.
A simple case of "subject does X and gains Y benefit" can, at scale become something like "subject is tasked with X, some fraction cooperate, some fraction defect, plus there are other induced effects such as cost of provisioning / supporting service S under various attack modes".
So:
- Without CAPTCHA, the service might be entirely nonviable.
- CAPTCHA tends to come with a large set of additional data-tracking elements and aspects. (E.g., I've got to enable multiple Google-domain JS in order to log in to several non-Google websites.)
- CAPTCHA itself directly consumes people's time, and thwarts legitimate use of numerous sites by many people.
- CAPTCHA and other countermeasures often mean that basic HTTP-based Web access is no longer viable. E.g., Internet Archive and Worldcat (two domains I make heavy use of) are no longer accessible via a terminal-mode browser. As I'd had (and still have) numerous terminal-mode query quick-lookup tools, this means I've now got to 1) break my terminal workflow and 2) invoke the full resources of a GUI browser (and usually a very limited set of very-heavy-weight such browsers) rather than run a quick one-liner on the terminal / command line.
(I'm not going to remotely pretend that this is a frequently encountered use-case from providers' perspectives. It's a frequently-encountered use-case from my perspective, however, and impacts strongly on various command-line, terminal, batch, script, automated tools, etc., and the value that these provided for Web interactions. Yes, in many cases, because of bad-faith / bad-actor abuse of those capabilities.)
- Measuring the net beneficial value of interactions is ... hard. A doctor looking up information probably has greater societal value than a bored pensioner or a pub's quiz-night team looking up answers to a game question. Discerning those at the Webserver level is ... difficult. Total requests is easy to measure, if not necessarily informative. W. Edwards Deming rolls in his grave....
I call that sort of reply "coin operated" - there is some crude pattern recognition that goes on (dropping any subtlety or new information a parent comment may be providing) and a sort of pre-recorded viewpoint gets spit out. There are certain topics where it's very common.
I think it also happens sometimes when the parent comment hits close to home... perhaps someone actually worked on implementing a feature for a few years and even from the inside never figured out the actual purpose of what was being built. That cognitive dissonance hits hard when an outsider points it out in black and white. "Wait, I built non-consensual tracking software? But nobody told me they would use it for that!!!"
No, or at least, if it is now, it historically hasn’t been (Firefox in particular suffered from this due to default-blocking other signals that Google used). They also had “having a Google account cookie” as a signal, which is a pretty nasty abuse of power.
It's identity, which is why Google shows "Your computer or network may be sending automated queries" message on recaptcha if you trigger too many heuristic and IP reputation signals to be classified as a bot. That's why, for Google, you get to carry around your reputation in the form of your Google Account, and for Cloudflare, they have private access tokens[0] (which might be the only reason you don't get blocked by every CF site on iCloud Private Relay), and otherwise Cloudflare's big ambition is "human attestation" via WebAuthn credentials[1,2].
Google accounts give you a good score and tend to deliver easy captchas while dealing with Recaptcha; however, for this reason, google accounts are being sold and bought constantly.
People have tried similar fight tactics in the past. SMS and phone verification have failed because the return on investment is far greater than the price barrier it adds to get any of those "virtual identities".
iPhones might work, but then, for how long? If you guarantee that an iPhone won't get captchas, it's a good investment to buy many old (or new) ones and sell token access to skip any captcha.
Many farms already have thousands of phones scrolling through youtube videos to get views, likes, and other stats for videos/channels.
The same "logic" applies to yubikeys and similar auth hardware; attackers can exploit it similarly.
Companies will tell you that they have abuse policies and actively fight abuse/bot farms, but again, they are not solving a problem but solving the problem with tape.
ReCAPTCHA was very useful for a while, it did genuinely stop bots reasonably well, but none of the "newer" versions seem as efficient as the older versions used to be. Progress stopped after V2.
...which really sucks when you try to use any of those sites via tor (no cookies, "bad" IP) or at a place with a shared external IP (public access points).
Open google.. captcha... every page has a 5 second cloudflare page before opening the page itself.
Bots have the time, they can wait and do other stuff in the meantime, but we humans get bothered by that.
I've also wondered about the more speculative future of CAPTCHAs - e.g. how to prove you are human when ML gets better and better. Would be fun to add to the near-future sci-fi I'm sometimes writing. I'd imagine CAPTCHAs could go towards social proofs ("Carl is asking you to verify he is human, are you sure?"), doing things in the physical world ("Go out and make <this gesture> to the Google satellite") or being asked more and more difficult world reasoning questions, those that GPT (so far) struggles with.
Very cool, thanks for submitting this. I use Buster[1] but I've always been annoyed it doesn't support hCaptcha (used by Cloudflare). I'm excited to try this out!
I would argue that ReCAPTCHAs still work, at least to some extent. Spamming a form is much easier to do when you don’t have to spin up an entire virtual browser to fill out those forms while also paying for the GPU compute necessary to run this ML model. Plus, “click farms” for solving captchas have always existed, at cents per solve.
Plus, ReCAPTCHAv3 makes this entire attack irrelevant by making image classification not a part of the CAPTCHA.
I have seen recaptcha v3 bypassed with seemingly little effort by financially motivated spammers. I have also seen them spin up large numbers of Gmail accounts for email verification. I'm curious what people have tried that actually worked.
Can't speak for anyone else but we recently implemented V3 with V2 as a fallback entirely to help mitigate DDoS attacks. Haven't been hit with another one yet but I have a feeling it will be sufficient.
No luck in this situation. They were making ~$0.50-$1.00 per hit, and the captcha only slowed them down for a couple hours. The only thing that stopped it was shutting down the source of the income, so legitimate users lost out.
Computers are getting better than human at solving these challenges. So recaptcha v4 might end up being a micropayment system since humans still have more money than bots.
In my opinion next gen captcha should be asking the user to prove that he's human.
For example ask him to upload a video of himself with his ID. This video will be verified by another human operator.
In the end, the user will be given some kind of identifier. He should present that identifier to anyone asking if he's a robot.
Of course that kind of verification will be paid. So you're paying $100 to get a verified identifier and then you keep that identifier (probably in the form of a private key with a signed public key).
There will be multiple certificate authorities who will issue those certificates to people. The rest of the software companies will trust those authorities.
You need to renew that certificate every year.
If someone spots your certificate being used in nefarious schemes, your certificate will be revoked and you'll need to pay a $5000 fine next time you ask for a new certificate.
If you don't possess a certificate, you're not qualified to be a human.
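A minimal sketch of the scheme proposed in the comment above, added here as an example and not from the thread: a CA signs a holder's public key with a one-year expiry, a site challenges the holder with a fresh nonce, and a revocation list lets the CA pull abused certificates. The certificate layout, the in-memory revocation set and all names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"time"
)

// Added example (not from the thread): a sketch of the proposed "certificate
// of humanity". A CA signs a holder's key with a one-year expiry; a site accepts
// the holder's signature on a fresh nonce only if the certificate is CA-signed,
// unexpired and not revoked. Field layout and names are assumptions.
type Cert struct {
	Holder   ed25519.PublicKey
	NotAfter time.Time
	CASig    []byte // CA signature over tbs()
}

// tbs is the byte string the CA signs: expiry || holder key.
func (c *Cert) tbs() []byte {
	b := make([]byte, 8, 8+len(c.Holder))
	binary.BigEndian.PutUint64(b, uint64(c.NotAfter.Unix()))
	return append(b, c.Holder...)
}

type CA struct {
	Pub     ed25519.PublicKey
	priv    ed25519.PrivateKey
	revoked map[string]bool // keyed by holder key; stands in for a published list
}

func NewCA() (*CA, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &CA{Pub: pub, priv: priv, revoked: map[string]bool{}}, nil
}

func (ca *CA) Revoke(holder ed25519.PublicKey)         { ca.revoked[string(holder)] = true }
func (ca *CA) IsRevoked(holder ed25519.PublicKey) bool { return ca.revoked[string(holder)] }

// Issue stands in for the paid, operator-verified enrolment step.
func (ca *CA) Issue(holder ed25519.PublicKey, now time.Time) *Cert {
	c := &Cert{Holder: holder, NotAfter: now.AddDate(1, 0, 0)}
	c.CASig = ed25519.Sign(ca.priv, c.tbs())
	return c
}

// NewHolder is the key pair a verified person keeps; ProveHuman signs a site's nonce with it.
func NewHolder() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}
func ProveHuman(priv ed25519.PrivateKey, challenge []byte) []byte {
	return ed25519.Sign(priv, challenge)
}

var (
	ErrBadCASig = errors.New("certificate not signed by a trusted CA")
	ErrExpired  = errors.New("certificate expired")
	ErrRevoked  = errors.New("certificate revoked")
	ErrBadProof = errors.New("challenge signature invalid")
)

// VerifyHuman is the relying site's check; the CA signature comes first so a
// forged certificate is rejected before any of its fields are trusted.
func VerifyHuman(caPub ed25519.PublicKey, revoked func(ed25519.PublicKey) bool, c *Cert, challenge, proof []byte, now time.Time) error {
	switch {
	case !ed25519.Verify(caPub, c.tbs(), c.CASig):
		return ErrBadCASig
	case !now.Before(c.NotAfter):
		return ErrExpired
	case revoked(c.Holder):
		return ErrRevoked
	case !ed25519.Verify(c.Holder, challenge, proof):
		return ErrBadProof
	}
	return nil
}
```

The challenge must be a fresh per-request nonce: a signature over a fixed string could be replayed by anyone who captured it.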
From the submitted link we can find the homepage for this extension. You will then find that you can use the service over an API and a pricing page ($4.99/2K daily recognitions, $19.99/20K daily recognitions).
I would say this is useful for spammers and sniper bots.
Google have a special naughty list for anyone who google searches automatic or paid captcha solving, which makes recaptcha stricter for a few weeks/months. I wouldn’t be surprised if they apply it to visitors to this chrome web store page and/or installations of the addon.
One thing that annoys me is they don't ask you HOW MANY boxes to check. So you don't know if you need to be "conservative" or "aggressive". So I started just clicking a single box, then if it prompts me I will keep adding one until I meet the requirement. I think sometimes it's just one or two.
However some shitheads like Discord also won't tell you how many, and will also outright fail you if you click too few, forcing you to restart the whole multi-test process. So fuck all of it. I fully support this extension, they deserve what they get. They need to figure out how to make it hard to fake, without making it a nightmare for legitimate users.
This is obviously wrong, for the reason I already gave. Many times you can click one or two boxes, even though more "correct" boxes might exist. I don't want to click more than needed, that's wasted time. Although to be fair my method is probably slower overall.
I think that you need to have a behaviour similar to other humans. So I'm trying to think what squares some kind of ordinary human who wants to get it done as soon as possible would select. Being very careful might actually work backwards.
Isn't it time to abandon the idea and accept that the internet is more bots than humans, and more malicious and hostile actors rather than well-meaning ones?
Twitter/FB/Google with their vast ML know-how still can't figure out how to weed out the bots, even the ones that are doing obviously bot actions. At this point we are just increasing the tracking and are in diminishing returns, so maybe it's time for a paradigm shift of some sort.
Show your ID to read a blog because the blog has ads and we want to know you are not a bot, is this where we are heading?
Maybe even worse, send your FaceID and TouchID hashes or crypto-signed heart rate?
Was wondering how these people make money... looks like you can buy 'enterprise plans' where you can have them solve captchas en-masse... Not sure if I agree with whatever people want to make use of that.
I am actually surprised to see this extension existing and listed on the extensions page. I bet google will remove this very soon. Unlike ad blockers, this is threatening google's security claims.
I thought google's captcha (the tick captcha) used mouse and keyboard movements to detect humans. If a bot is using the web, their mouse movements must be either zero or very precise. So an erratic movement can be a signal of human user.
Is this actually how it's done? If it is, how can an AI beat that?
Thanks!
I cannot for the life of me figure out how this magic works. They claim Deep learning. If someone has some relevant material, please suggest them. Thank you!
[0] https://en.m.wikipedia.org/wiki/Hashcash