• dragontamer@lemmy.world
    link
    fedilink
    English
    arrow-up
    32
    arrow-down
    1
    ·
    1 year ago

    Except we know its not true.

    Just one month ago, Lemmy didn’t have CAPTCHAs, and we were hit by so many script-kiddies that signups to https://lemmy.world had to be disabled.

    The hackers who will create thousands-of-accounts and make thousands-of-spam posts are largely low-quality hackers who don’t know how to make an AI bot. Proof? When the Admins added the dumbest of CAPTCHAs to https://lemmy.world, those fake-signups stopped.

    CAPTCHAs work, at least at the level that lemmy.world is at. We’ll have to get better as we get more popular but there’s an ocean of difference from wget/curl script-kiddie and AI-using bot master.

    • agent_flounder@lemmy.one
      link
      fedilink
      English
      arrow-up
      10
      ·
      1 year ago

      I suspect it is just a matter of time before someone makes the tech easy to use and affordable enough for the masses of bad actors.

    • Terrasque@infosec.pub
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      1 year ago

      They work as in they raise the bar on how complex the bot needs to be.

      Believe me, there’s tons of spammers out there that have captcha cracking bots. They’re just not as dumb as the basic skiddie that can barely make a http POST

  • deong@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    1 year ago

    I’ve been saying for a while now that the actual test should be that you miss a couple. If you can look at a this 4 nanometer picture of what is either a bird, a sofa, or the titanic, and correctly tell me if it has part of one pedal from a bicycle in it, you’re a robot.

    • Brokkr@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      That’s already built in. If you answer too quickly or too accurately (with the pictures at least), it will give you another one. Best way to beat this is to select an incorrect answer and then deselect it before submitting

  • OfficerBribe@lemm.ee
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Furthermore the bots’ solving times are significantly lower in all cases, except reCAPTCHA, where human solving time of 18 seconds is nearly similar to the bots’ time of 17.5 seconds.

    Due to this solving time captchas still provide an easy method how to reduce spammy request count. Also kind of doubt it is super easy to create your own setup that would bypass captchas so everyone could do this, but there probably are 3rd party services exactly for this.

    • JohnEdwa@kbin.social
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      Countless services exist where you can buy captcha solving, though currently it’s done by actual humans in developing countries for tiny pay. Yet another job that’s going to soon be replaced by AI, though this time it almost certainly will result in some people starving to death.

  • Brokkr@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    I thought the point of captchas was to train AI models?

    So does this mean all that work is finally paying off? This is a success right?

  • war@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    “AI bots”, my lord. Sounds like my grandmother trying to describe the modern world.