Thread replies: 75
Thread images: 7
Thread images: 7
File: captcha.png (142KB, 1301x453px) Image search:
[Google]
142KB, 1301x453px
http://www.geek.com/mobile/google-updates-recaptcha-replaces-captcha-with-a-tick-box-1610837/
When will 4chan start using this simplified reCAPTCHA with risk analysis? What are your thoughts on this?
Video for the lazy: https://www.youtube.com/watch?v=jwslDn3ImM0
>>
>>45456018
>gay-ass folk guitar song in the background
Must google have this in everything? I bet it's full of subliminal messages. Also good job at not explaining anything
>>
Security IT guy here. It sounds sexy, but dat loss of privacy... I don't need Google looking at my history of loli picture browsing at work and home.
>>
It's shit.
https://www.google.com/recaptcha/api2/demo
Unless you're logged into your Google account and turn on third-party tracking cookies, it just gives you the old captcha in an awkward pop-up.
>>
So that's why the 4chan Pass sale happened.
>>
>>45460601
am logged into google account but have 3rd party cookies off (along with various privacy extensions) and it works fine
dont see why this is news though, some places, such as humble bundle have been using it for a while already.
>>
>>45456018
when will moot stop sucking google's dick?
>>
>>45460733
Cry
>>
>>45460638
It happened last year, newfig.
>>
>>45460638
> Implying cyber monday is not a yearly event.
> Implying cyber monday is an initiative from the United Jewdom of Mootlkins created specifically to separate us from our shekels.
>>
File: securimage_show.php?sid=846c071b792aa249dc3e91bb1a6508f2.png (4KB, 215x80px) Image search:
[Google]
4KB, 215x80px
https://www.phpcaptcha.org/
Isn't a server-side script like this good enough for 4chan?
I don't like where Google is taking Recaptcha.
>>
Moot wil never turn that on. How else would you sell those passes?
>>
File: hero-recaptcha-demo.gif (58KB, 616x164px) Image search:
[Google]
58KB, 616x164px
its just this you idiots.
>>
>>45460996
too easy to crack
>>
File: 1381149451273.jpg (135KB, 1024x1024px) Image search:
[Google]
135KB, 1024x1024px
>>45456018
never.
i remember how moot introduced capcha to stop anont@lk spam, and promised that it will be temporary measure, then he realized that he can cash in on passcodes.
look at krautcanal- they turn capcha on when there are spam waves and then turn it right off. not that hard, right?
>>
>>45462054
>then he realized that he can cash in on passcodes.
You mean like 3 years later?
>>
>>45462094
was it 3 years? i feel like passcodes were introduced shortly after capcha, like in a year or smth.
>>
>>45461938
Just increase the distortion and decrease the letter spacing if needed.
>>
>>45462105
are you dumb? passcodes came a long time after capatcha, after /q/ was deleted
>>
>>45462054
moot didn't want to "cash in", he fought against it for quite a while as he doesn't want to sell anything (dont ask me why)
it was 4chan itself that bitched at him until he implemented it. there were tons of suggestions about a way to have some people avoid captcha and the passes were the winning one
>>
Make a PSA and force him to make the change. People love making a fuss over stupid shit like this.
>>
File: op(5) a faggot(1) a dick(2) cum(1).jpg (190KB, 892x367px) Image search:
[Google]
190KB, 892x367px
>>45462202
It's still not enough, Google tried the same algorithm they use for Google Street View and it manages to crack up to 96% of their Captchas. Now they'll use this system of "found the cat picture" but even that will be useless in no time, look for "Evaluating Automatic Image Annotation Using Human Descriptions at Different Levels of Granularity".
>>
>>45462370
You're thinking under the assumption that 4chan spammers are as sophisticated as Google, which they are not.
>>
>>45462054
If he ever turns the captcha off, all the computers infected with the chafpin Trojan will spam the site and self replicate again.
>>
>>45462397
Nope, the posting URL has changed since then.
>>
>>45462387
The guy who made the chafpin Trojan put in code to OCR the captcha built into futaba when moot was trying it for browsers with javascript disabled.
>>
>>45462407
That captcha was absolutely terrible, though. There's a large gulf between "can be solved with imagemagick and gocr" and "can be solved by a team of Google engineers."
>>
>>45462403
Fair, but it's easy enough for the spammed to modify. There were several versions of the Trojan that ocred the futaba captcha and used tricks /g/ found to bypass recaptcha (namely at several points any input over a certain length was always validated as correct )
>>
>>45462397
but it was genuinely fun
>>
>that loss of privacy
You need to be signed in, google may as well have the ability to find out about your posts here.
This shit is horrible.
>>
>>45462758
Yeah. And they apparently track mouse movements too now. Used to just be IPs and other identifiable stuff that was already present like cookies.
It's really just a matter of
>will they figure out away to sell this data to people and will they be shitty enough people to actually do it, and
>will the NSA break in again and just take more of it anyway
They will most definitely store it in some form because that's how they identify people in the first place. So I'm afraid the answer to both of those is probably yes.
>>
>>45462837
well, I guess I will never use this shit ever.
>>
> $1 per 1000 challenges from hired captcha solvers
we just make a browser extension that calls India and sell discount 4chan passes and undercut moot to the point where he has no choice
>>
>>45462941
>$1/1K is a lot
If you can solve one CAPTCHA every two seconds, which is a pretty aggressive pace considering it takes half a second for the thing to even load, you'll get under $2 an hour assuming you maintain that rate with a focused pace. If it takes you four, which is more realistic, then you're not even making a buck.
Even for an Indian that would be pretty bad. It might not even pay for the electricity and hardware depreciation, especially after internet fees.
>>
>>45461910
Except it's not, it pops up the regular captcha after a few seconds.
It also requires you to run scripts from gstatic, which I refuse to do.
>>
>>45463066
Actually, it would be doable, if they can do it from home.
There's a profit margin in a buck an hour in India.
>>
>>45456018
Image-less CAPTCHAS exist for years. It's up to the website coder to come up with a good alternative. I dislike distorted texts because there are so many better ways.
reCAPTCHA doesn't even work well. I'm a forum administrator and we used it once and Spambots registered en masse. Now we switched to a Question & Answer CAPTCHA with questions related to our forum and it works really well. You can keep the questions really simple and it will still work against bots.
Obviously it will fail if you are targeted specifically, but that never happened.
Also the idea behind reCAPTCHA is to let users identify words their own algorithm couldn't. If they replace it with just a tick box, you have to wonder how Google gets an advantage out of that.
>>
>>45463778
>it will fail if you are targeted specifically
good plan m8
because 4chan wouldn't be targeted
because the other sites that are likely 50 times as big as your shitty forum won't be targeted
most of the 4chan spam we dealt with in the past was targeted at 4chan.
>>
>>45460601
I have third party cookies enabled and I'm logged into my Google account.
Despite this I still get the popup.
I hate my life.
>>
>>45463955
That was just my example. But we use phpBB and our options are limited. (Well, no, we have root access to the server, but why make it unnecessary complicated.)
You can do stuff like take a look at how long it takes someone to fill out the forms and if it is too fast or someone makes too many posts fall back to image CAPTCHAs.
Just use your brain and you'll come up with a good alternative.
>>
>>45456018
How does No-Captcha work?
What's the logic behind it?
making a script that says it's not a robot and it's favorite color is red would be qute simple.
>>
>>45464444
It analyzes your behavior anywhere it's embedded before, during and after you tick the box. I'm sure that it also integrates analysis with your Google account.
>>
>>45463989
It would seem it takes into account a number of factors which they're obviously not going to tell us. But at least for me, third party cookies and Google sign ins are definitely two of them.
>>
If the animation displayed is any indication of speed then I'd rather he didn't.
>>
>>45465099
So kind of if I'm a robot I'd click the box instantly, right?
>>
>>45462105
>i feel like passcodes were introduced shortly after capcha, like in a year or smth.
I can't estimate time well but it was certainly a long time after. Not a year.
>>
>>45465111
>tfw this captcha gets implemented on 4chan
>Can't just tab to the captcha input
>Have to click a button so I can be denied and forced to do the captcha that way
I should just end my life.
>>
>>45465135
I would assume so, yes. As well as filling out any input fields in a matter of milliseconds. It also analyzes your mouse movement, somehow.
>>
>>45460601
>Unless you're logged into your Google account and turn on third-party tracking cookies, it just gives you the old captcha in an awkward pop-up.
I'm fine with that. I should only have to fill it in once a session.
>>
>>45465182
>I'm fine with that. I should only have to fill it in once a session.
That's perhaps how it should work, but not how it works. Have you tested it out? As far as I can tell, getting the captcha right doesn't typically make the captchas go away next time.
>>
>>45465218
Damn you're right. Well I'm never going to make a Google account or allow their 3rd party cookies so this just made captchas even worse.
>>
File: new_captcha.png (27KB, 646x168px) Image search:
[Google]
27KB, 646x168px
Seems like a lot of unnecessary stuff just for a CAPTCHA.
>>
yeah let me just give moot my name and email along with my social security number and checking account numbers too, i hope thats proof enough i'm not a robot :D
>>
Really? Bots crack hard ass scrambled captchas and Google expects that little checkbox will fix everything? Like any basement dweller can't program a bot to do that within minutes?
>>
If you dont want a google account or to be logged in 24/7, you cant use the internet now.
thanks jewgle
>>
Why can't moot use one of the MANY Captcha replacements?
>>
>>45456018
So the only new thing is they flag spam accounts?
>>
>>45465521
>>45465492
It's a lot more in-depth than that. There's a lot that happens in the background to determine whether you're a bot when you load these.
>>
>>45465509
because 4chan gold pass shekels
>>
>>45465528
so they also get all of your data? cool botnet, I prefer to type then
>>
>>45465528
How do you know? Are you a Google employee?
>>
>>45465566
No, I just have basic reading comprehension and research skills.
>>
>>45465566
Check out the thread from yesterday, someone posted an interesting link about how it monitors browser behavior like clicks and mouse movement.
>>
>>45460601
The audio CAPTCHA doesn't work for me.
>>
>>45465687
I reckon they'll implement the audio CAPTCHA properly on live sites that already use the new API. I'll test it on Humble Bundle or WordPress to check it.
>>
>>45465413
Well it needs to get enough shit from your computer to uniquely identify you no matter what network you're on.
>>
>>45456018
>The new reCAPTCHA API uses an Advanced Risk Analysis (ARA) system, which tracks user behavior before, during, and after they tick the reCAPTCHA
Maximum Botnet? How does the API know my behavior?
>>
>>45460885
kekd way too much
>>
>>45462397
im a newfag, what exactly made chafpin?
>mfw i failed now on the captcha the fucking third time
>>
>>45466980
>How does the API know my behavior?
Google's everywhere. Odds are they know what websites you were shitposting on 5 years ago.
>>
>>45467104
*did
>>
We're in this botnet hell just because web devs can't figure out their own way of distorting text with GD/ImageMagik/Pillow or whatever kids use these days.
>>
>>45466980
Using various javascript fuckery to collect data on you obviously.
>how long have you had this page open
>is there any mouse movement
Etc.
>>
>>45467251
More like checking if your IP+Agent matches natural searching habits on google.com
>>
>>45467104
Cornelia repeatedly uploaded a copy of itself as an HTA (Microsoft hypertext application) embedded in the pixels of a BMP image that was converted to PNG, along with instructions on how to extract and run it, written in the image to make it hard to filter. For comments it used reposted comments from other 4chan users, with some letters shuffled around. Some versions included random files from the computers of those who ran it.
Thread posts: 75
Thread images: 7
Thread images: 7