“This step is necessary to prove I’m not a bot,” wrote the bot as it passed an anti-AI screening step.
Meanwhile my ass is in tears every time I have to do a fucking “click all the squares that show a motorcycle” prompt. Maybe I should just join the bots.
Ooh, sorry, you missed the single pixel on the corner of the adjacent tile, FAIL
You didn’t miss it the second time, ALSO FAIL
Meanwhile google slapped me with nine captchas to fill out a form like wtf?
Lemme guess… traffic lights, too many motorcycles, and buses? There was something “wrong” with your cookies cache or IP. Google just straight fucks with you if it sees network traffic it doesn’t like.
Google hates non chromium browsers
i never know what’s expected on those type of captcha. if the handle bars of a bike go into an adjacent box and are 99% covered by a hand does that count? what do you do when you have a blurry image full of jpg artifacts and are asked to identify if it contains a fire hydrant. I’m pretty sure it usually classifies me as a bot for being too exact since I’m asked follow ups for a few minutes until i give up and just close the tab out of annoyance.
That’s kind of the point, though. You’re teaching their AI how to make those decisions.
Am I? Or does it think I’m a bot?
I guess it’s on brand for Google to try and squeeze more value out of a product by making it worse for users. Just like Prabhakar Raghavan ruined Google search.
They almost always know whether or not you’re a bot before you get to any of those pictures. Making you deal with the pictures is how they “pay” for the capcha.
You’ll notice most of the images are related to traffic. That’s training data for their self driving cars.
Fuck that I might as well answer them wrong then. Bullshit
Makes sense.
- Google’s “anti bot” verification has long been considered woefully inadequate.
- It works largely by tracking how long the user takes to click on it.
- LLMs are inherently fuzzy and for a bot, incredibly slow.
The article talks about Cloudflare’s very different CAPTCHA, not Google’s, but I agree.
I count on Cloudflare’s useless captcha for my *arr stack.
Ah yes, cloudflare’s captcha that just tracks how many hits you’ve done in a timeframe on a site recently.
Same shit different pile.
From the screenshot in the article, the bot is bypassing Cloudflare’s Turnstile which is not just tracking hits.
I work in bot detection. You and anyone else reading this should understand that, behind the scenes, proof-of-work, proof-of-space, and other tests are being run to verify if the device is what it says it is. Typically, a bot is run with a tool like Playwright or Puppeteer. These frameworks are detectable with the right tests. Bots will also attempt to spoof another device’s fingerprints to blend in. These changes are also detectable if you know what to test for.
We implement tools like Turnstile and other CAPTCHAless CAPTCHA because bots are pretty good at passing CAPTCHA while humans, rightfully, hate verifying they they’re human. Humans also struggle at passing CAPTCHA.
The general population has zero idea the massive volume of bot traffic that is being generated right now. These tools are implemented for a reason. So the fact that a bot just breezes past this test is a problem for us all.
Definitely not “same shit different pile”, friend.
Lol who downvoted this
Thanks for the write up, but I was blocked from logging in on a cloudflare website because I opened too many windows once and their tracking cookie flagged that browser as a bot.
Meanwhile the bot I built to track mod updates to my modlist for Rimworld and Mw5 on nexus? Never ran into any issues.
So when I refer to Cloudflare’s bot detection as shit, that is a highly personal and professional opinion.
Cloudflare is one of many contributing factors to how annoying the internet is now.
