Google is killing CAPTCHA as we know it

By techbeck
in Back Page News

 Share

Recommended Posts

Grand Master

techbeck

Posted
Posted

If you've signed up for an account recently, you've probably seen it: a quick test that gives you a few distorted words and asks you to type them back in plaintext. The official name is CAPTCHA, a test designed to weed out the automated scripts used for spam, but it's been broken for a long time. Google recently showed off a system that could crack it 99.8 percent of the time, and most spammers are happy to run their scripts knowing just one in ten will slip through. But even though everyone knows CAPTCHA is broken, there hasn't been a clear idea of what might replace it.

 

This morning, Google is unveiling the best answer yet. It's called No-CAPTCHA, a new approach built on a new API, and it's already been adopted by Snapchat, Wordpress and Humble Bundle, among other partners. Instead of asking users to pass a test, Google's new system pre-screens each user's behavior and filters out anyone who's easily identifiable as human. Most users will simply see a check mark ? click the box and you've passed the test ? while anyone marked as suspicious will be given a more elaborate test.

 

More....

http://www.theverge.com/2014/12/3/7325925/google-is-killing-captcha-as-we-know-it

Link to comment
Share on other sites
Veteran

blank

Posted
Posted

 

CAPTCHAs are an unfortunate side effect of the internet. They're those irritating collection of numbers and letters morphed into some Surrealist dreck that leaves us guessing, and guessing, and guessing. Google wants to improve all of that with updates to reCAPTCHA, a one-click solution for telling websites that you are, in fact, a human being.

 

Wouldn't abandoning those Dali-like distortions defeat the purpose of protecting websites from bots? Not really, Google says, because the old CAPTCHA system wasn't working that great anyways:

 

 

While the new reCAPTCHA API may sound simple, there is a high degree of sophistication behind that modest checkbox. CAPTCHAs have long relied on the inability of robots to solve distorted text. However, our research recently showed that today's Artificial Intelligence technology can solve even the most difficult variant of distorted text at 99.8% accuracy. Thus distorted text, on its own, is no longer a dependable test.

 

So Instead of the clunky CAPTHA you're used to, Google's new API uses a "risk analysis" engine to decide whether you can bypass the reCAPTCHA with just a quick click, or if there needs to be further analysis that you are indeed flesh and blood. However, that more frustrating process should happen much less often. According to Google, sites like WordPress and Humble Bundles, which have already adopted the new API, have let users pass by with just one-click 60 and 80 percent of the time, respectively.

 

Google also wants to make reCAPTCHAs mobile-friendly since increasingly more and more of our computing is done on a smartphone or tablet. For this, Google relies on tricking bots with Computer Vision problems. For us humans, it's just a fun game of clicking images that match a given clues, such as kittens or turkeys.

 

Unfortunately, CAPTCHAs are a permanent fixture of the internet, so they'll still be sticking around in some form, but Google wants to make them a little more invisible and also include kittens, both of which I wholeheartedly support. [Google Blog via Wired]

 

http://gizmodo.com/googles-clever-plan-to-make-captchas-way-less-annoying-1666120272?utm_campaign=socialflow_gizmodo_facebook&utm_source=gizmodo_facebook&utm_medium=socialflow

 

 

anymore these dang captchas are increasing harder and harder to read.

Hope google can finally do away with them.

 

Some sites use the picture puzzles, or choose an icon, which are nice, but still not widely used.

Link to comment
Share on other sites
Grand Master

Nagisan

Posted
Posted

From TheVerge article:

 

Google engineers said the pre-screening would look at factors like IP addresses and time spent on page, but were cagey about exactly what information would be used, citing concerns that spammers would manipulate algorithms in response.

 

I'm guessing it could also do a quick search on the email address or something and attempts to figure out whether its a bot or not. For example, if I registered on a website that required my email (which is through gmail), they could match the IP I'm using to normal IPs I access my account from (to stop or slow false registrations) as well as general usage.....things like "Is this email active, does it send spam, etc", though that part would only work for gmail addresses and only where entering an email is required.

 

That being said the example it shows is very human friendly, for example showing a picture of a cat and asking you to select all images that match it (I'm assuming it means other pictures of cats as there was no exact match to the image shown) while it shows you 10 or so images of cats, dogs and other things, which would be difficult for a bot to discern without having previous knowledge of all the images it could use and running an image search to find the correct answer.

 

It wouldn't necessarily stop all bots, but it would likely increase the resources required to create accounts with bots.

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing