this post was submitted on 19 Jul 2024
450 points (99.3% liked)
Technology
59123 readers
2290 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
So what would be a good solution to this? What is something simple that bots are bad at but humans are good at it?
I work in a related space. There is no good solution. Companies are quickly developing DRM that takes full control of your device to verify you're legit (think anticheat, but it's not called that). Android and iPhones already have it, Windows is coming with TPM and MacOS is coming soon too.
Edit: Fun fact, we actually know who is (beating the captchas). The problem is if we blocked them, they would figure out how we're detecting them and work around that. Then we'd just be blind to the size of the issue.
Edit2: Puzzle captchas around images are still a good way to beat 99% of commercial AIs due to how image recognition works (the text is extracted separately with a much more sophisticated model). But if I had to guess, image puzzles will be better solved by AI in a few years (if not sooner)
I love Microsoft’s email signup CAPTCHA:
Repeat ten times. Get one wrong, restart.
Private Access Tokens? Enabled by default in Settings > [your name] > Sign-In & Security > Automatic Verification. Neat that it works without us realizing it, but disconcerting nonetheless.
So, the spammers will need physical Android device farms…
Oh my god. I lost my fucking mind at the microsoft one. You might aswell have them solve a PhD level theoretical physics question
Just noticed the screenshot shows 1 of 5.
So five wasn’t good enough… they had to double it. Do kinda respect that they’re fighting spammers, but wonder how Google does it with Gmail. They seem to have tightened then recently loosened up on their requirement for SMS verification (but this may be an inaccurate perception).