• BubbleMonkey@slrpnk.net
    link
    fedilink
    arrow-up
    88
    ·
    6 months ago

    I’m pretty sure that’s always what capchas were for… training ai image recognition.

    They just also use it as security theater.

    • OhNoMoreLemmy@lemmy.ml
      link
      fedilink
      arrow-up
      10
      arrow-down
      1
      ·
      edit-2
      6 months ago

      Not these ones. They’re automatically generated so the computer that creates them will already know what the string is meant to be. You don’t need human annotations to use these kinds of capcha as training data.

      This is just a road block. They’re designed to inconvenience spammers so you get less spam to delete.

    • polonius-rex@kbin.run
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      6 months ago

      it was both

      it used to be two screenshots of books, one of which was blurred as fuck, and one of which was usually pretty easy

      the easy one was to verify that you were a human, and the blurry one was to train ai

      now that they’ve moved on to “select all the fire hydrants” or whatever, you can still see a distinction between the ones the system knows and the ones the system doesn’t know, and if you get good enough at spotting it, you can pass the captcha while feeding it deliberately incorrect information

      similarly, the audio test will normally be a short phrase, the first half of which is harder to understand; if you get the second part of it right, you can basically write whatever you want for the first part

       

      also, i’m not sure security theater really exists as a concept in cybersecurity, because the psychology isn’t really the same

      bad actors will always be able to just hire people in meatspace to solve whatever shibboleth you throw at them, which is pennies per solve

      however, pennies per request is still a cost orders of magnitude higher than what each request would cost otherwise, so the hope is it pushes whatever scam or whatever you’re running into the territory of unprofitability

        • x_cell@slrpnk.net
          link
          fedilink
          arrow-up
          8
          ·
          6 months ago

          Probably? I’m no expert but I always answer with just lower case without issue

        • Muscar@discuss.online
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          6 months ago

          Less effective in what way? The actual answer is their use for training AI isn’t as good, but that’s not what I think you (or most other people) mean. The main use of them is to train AI via humans, the security is secondary and just a smart way to get free work.

      • Nougat@fedia.io
        link
        fedilink
        arrow-up
        3
        ·
        6 months ago

        Depends. I know that Microsoft changed to non-case sensitive not terribly long ago (for things like testexchangeconnectivity).

    • bobs_monkey@lemm.ee
      link
      fedilink
      arrow-up
      13
      ·
      6 months ago

      And bicycles.

      Tin foil hat theory: the oil lobby loves encouraging the use of bicycles for captchas because no matter what, there’s always part of the rim of the grainy ass photo just barely sticking into the other square, making you keep locating the fucking bicycles for hours on end, with the hopes that you absolutely hate the sight of them after you’ve developed PTSD from just trying to visit a stupid website to read something. God damn fucking bicycle captchas.

  • Fern@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    6 months ago

    This came out a few months ago, right? A bit after chat gpt was tricking people into doing captchas for it.