The simplicity of it is logic defying. It used to be that you had to find crosswalks or move puzzle pieces or type blurred letters and numbers, but NOW all the sudden I can just click a box and HEY!, I’m human?

That’s hardly the Turing Test I’d expected.

  • @[email protected]
    link
    fedilink
    473 months ago

    Theres a few answrs to this

    1. It uses your movements before this to determine whether it feels like your a bot or not
    2. It makes you wait, the biggest issue with bots is they may try to log in say 50 different passwords for example, so if it takes 5 seconds to do each one it makes boting multiple acounts not worth it.
    3. Google uses catchphas with images to choose. They use this to train their own AI or data to sell
    • @[email protected]
      link
      fedilink
      English
      7
      edit-2
      3 months ago

      Smarter bots know how to easily avoid being detected based on the speed of their requests by simply adding a random delay to them. A few years ago we discovered a very slow speed credential stuffing attack (testing usernames & passwords) against my employers site. It was only testing one set of credentials every couple of minutes.

      Once we discovered it we didn’t block it though. We were able to spot the attack fairly easily once we knew what to look for, so we updated our system to always return a login failure no matter what credentials they sent.

    • @[email protected]
      link
      fedilink
      13 months ago

      To elaborate on point 1, it’s about uniqueness and timing of the path the mouse takes to click the checkbox. If it’s too straight or consistent it will red flag you.