When will 4chan start using this simplified reCAPTCHA with risk analysis? What are your thoughts on this?
Video for the lazy: https://www.youtube.com/watch?v=jwslDn3ImM0
Unless you're logged into your Google account and turn on third-party tracking cookies, it just gives you the old captcha in an awkward pop-up.
am logged into google account but have 3rd party cookies off (along with various privacy extensions) and it works fine
dont see why this is news though, some places, such as humble bundle have been using it for a while already.
Isn't a server-side script like this good enough for 4chan?
I don't like where Google is taking Recaptcha.
i remember how moot introduced capcha to stop anont@lk spam, and promised that it will be temporary measure, then he realized that he can cash in on passcodes.
look at krautcanal- they turn capcha on when there are spam waves and then turn it right off. not that hard, right?
moot didn't want to "cash in", he fought against it for quite a while as he doesn't want to sell anything (dont ask me why)
it was 4chan itself that bitched at him until he implemented it. there were tons of suggestions about a way to have some people avoid captcha and the passes were the winning one
It's still not enough, Google tried the same algorithm they use for Google Street View and it manages to crack up to 96% of their Captchas. Now they'll use this system of "found the cat picture" but even that will be useless in no time, look for "Evaluating Automatic Image Annotation Using Human Descriptions at Different Levels of Granularity".
Fair, but it's easy enough for the spammed to modify. There were several versions of the Trojan that ocred the futaba captcha and used tricks /g/ found to bypass recaptcha (namely at several points any input over a certain length was always validated as correct )
Yeah. And they apparently track mouse movements too now. Used to just be IPs and other identifiable stuff that was already present like cookies.
It's really just a matter of
>will they figure out away to sell this data to people and will they be shitty enough people to actually do it, and
>will the NSA break in again and just take more of it anyway
They will most definitely store it in some form because that's how they identify people in the first place. So I'm afraid the answer to both of those is probably yes.
>$1/1K is a lot
If you can solve one CAPTCHA every two seconds, which is a pretty aggressive pace considering it takes half a second for the thing to even load, you'll get under $2 an hour assuming you maintain that rate with a focused pace. If it takes you four, which is more realistic, then you're not even making a buck.
Even for an Indian that would be pretty bad. It might not even pay for the electricity and hardware depreciation, especially after internet fees.
Image-less CAPTCHAS exist for years. It's up to the website coder to come up with a good alternative. I dislike distorted texts because there are so many better ways.
reCAPTCHA doesn't even work well. I'm a forum administrator and we used it once and Spambots registered en masse. Now we switched to a Question & Answer CAPTCHA with questions related to our forum and it works really well. You can keep the questions really simple and it will still work against bots.
Obviously it will fail if you are targeted specifically, but that never happened.
Also the idea behind reCAPTCHA is to let users identify words their own algorithm couldn't. If they replace it with just a tick box, you have to wonder how Google gets an advantage out of that.
>it will fail if you are targeted specifically
good plan m8
because 4chan wouldn't be targeted
because the other sites that are likely 50 times as big as your shitty forum won't be targeted
most of the 4chan spam we dealt with in the past was targeted at 4chan.
That was just my example. But we use phpBB and our options are limited. (Well, no, we have root access to the server, but why make it unnecessary complicated.)
You can do stuff like take a look at how long it takes someone to fill out the forms and if it is too fast or someone makes too many posts fall back to image CAPTCHAs.
Just use your brain and you'll come up with a good alternative.
It would seem it takes into account a number of factors which they're obviously not going to tell us. But at least for me, third party cookies and Google sign ins are definitely two of them.
>tfw this captcha gets implemented on 4chan
>Can't just tab to the captcha input
>Have to click a button so I can be denied and forced to do the captcha that way
I should just end my life.
>Unless you're logged into your Google account and turn on third-party tracking cookies, it just gives you the old captcha in an awkward pop-up.
I'm fine with that. I should only have to fill it in once a session.
>I'm fine with that. I should only have to fill it in once a session.
That's perhaps how it should work, but not how it works. Have you tested it out? As far as I can tell, getting the captcha right doesn't typically make the captchas go away next time.
Seems like a lot of unnecessary stuff just for a CAPTCHA.
>The new reCAPTCHA API uses an Advanced Risk Analysis (ARA) system, which tracks user behavior before, during, and after they tick the reCAPTCHA
Maximum Botnet? How does the API know my behavior?
Cornelia repeatedly uploaded a copy of itself as an HTA (Microsoft hypertext application) embedded in the pixels of a BMP image that was converted to PNG, along with instructions on how to extract and run it, written in the image to make it hard to filter. For comments it used reposted comments from other 4chan users, with some letters shuffled around. Some versions included random files from the computers of those who ran it.