I'm telling you, if you use on your website it's like spitting into the face of the people that want to use your service.

· Web · 9 · 72 · 64

@pallgone One of the biggest problems these complaints about ReCaptcha have is that most of them are not constructive.

If you want someone to replace Google's captcha service from their web page, try to provide them an alternative that achieves (almost) the same without being a Google service.

Simply because from a technical and financial perspective most alternatives are either expensive or not efficient.

And expensive for most private web pages often means everything is not gratis.

@sheogorath @pallgone That's like saying, "If you don't like being punched in the face, please give me an alternative place to kick you."

Some of us prefer not being punched at all.

@deejoe @blocknonip @sheogorath my critisism goes much further. it's a rotten system and these shitty methods are the spreading cancer. don't cater to bullshit.


hmm. not sure I want to delve into how far you want to go, but brute forcing authentication has to be considered if we're to have it at all. seeing you here makes me think you're not for ditching it.


@deejoe against brute forcing auth there other methods, it's not even needed for that. it is out of sheer laziness they use these captchas: they don't give a shit about their users (because if they did, they would clearly *not* use those captchas). companies who don't give a shit about the people that use their website deserve to die @blocknonip @sheogorath

@blocknonip @pallgone

Well, captchas try solve a problem. Preventing bots from abusing a service. That's definitely a valid use case. The alternative is dropping suspicious traffic completely.

For example, your, for sure 😉, "best friends" at Cloudflare decided to implement captchas instead of simply dropping traffic. Because captchas are cheap, efficent and just work.

I'm not sure if you would prefer it when these pages simply drop tor-exit traffic completely.

@sheogorath all of that, and most except from googles are not screen reader friendly and don’t let blind users in.

Honest question. How would you ortherwise address the issue solved by capchas?

@Argus using simple questions which are made by humans and changed regularly so robots cannot be trained

@pallgone @Argus That’s a joke, I assume? Because that means you only need to give the answer to the bot once and then it can create as many account as it wants.

hah, obviously there will not only be *one* question. on bigger sites there would be even a team of people crafting answers and overlooking the signup process to make it AS GENTLE ON THE USER AS POSSIBLE. how do you fight bots? with HUMANS, not with OTHER BOTS. @js @Argus

@pallgone @Argus That does not scale even slightly. Doesn’t work either because you only need to answer every question once and then add it to your database. It’s clear you were lucky so far and never had to deal with real abuse. CAPTCHs suck and are annoying, and AI is becoming ever closer to being able to solve them better than humans. But academia has not found a better solution yet.

@js AFAIK itself doesn't use captchas on it's own signup forms. how can that be then? even wants you to solve a captcha for logins. wow. they really suck. @Argus

@pallgone @Argus Because they *require* you to provide your phone number to sign up. Do you want to provide your phone number to every site that is asking you to solve a CAPTCHA now? I think solving a CAPTCHA is much better than giving random people your phone number.

@js @Argus google didn't require a phone number for any account I have made over the years and didn't have a captcha either. clearly captchas are for lazy admins who do not care about users. but hey, it's good because that's how you can know whom you should avoid, like (the bastards demand a captcha even to login) and

@pallgone @Argus It had a CAPTCHA in the past and now requires a phone number.

CAPTCHAs are against mass registrations by bots, which then send millions of spam mails.

So, either you have clearly not understood what real problems CAPTCHAs solve, are advocating for leaving your phone number everywhere or are advocating for more spam. Which is it?

@js @pallgone @Argus It's not CAPTCHAs the problem, it's Google's reCAPTCHA. It's both a surveillance tool and an AI learning program...

@pallgone @Argus I dislike CAPTCHAs and you could neither anticipate what problem they solve, nor provide a working alternative (unsurprisingly, since academia also couldn't so far). This is your only argument? That's a child's argument. And complete ignorance to the problem.

Usually captchas are used to avoid spamming, like a brute force attack.
The correct way to avoid this is having login quotas in places. For example: you have daily 1000 logins, so you can put a quote of 1200 logins. Of course you can expand this a lot and make the algorithm decide the size. You also want a quota per-IP and so on.
There is lots of ways to avoid spam, its just that using captcha is much faster (and insecure).

@jlhertel using captchas is convenient for the hoster who disregards his users. not to seek alternative ways marks out a rotten business. @Argus

I will go a step further and say that even if you use captchas you should have other security measures in places,because even captchas are not 100% secure.
That being said, if you value your business and your customers, the minimal thing you should do is have proper security measures in places. If you implemented proper security, the captcha simple becomes a small thing that can be ignored.

A side note: very big and secure websites don't use captchas.
Take a look on Facebook and try to see if you find one.
I think google also doesn't uses captchas on their sites.

@hirojin probably for the same reason people enjoy waiting in long lines at hipster shops: folly

The website has changed dramatically since the early days, but used to have a great way to prove you weren't a robot when posting reviews. You would have to solve a very simple word problem like "Larry has two guitars and Sheila has Three, how many total guitars do they have?" You would have to input the right answer to post your review. Also, beyond robots, it would weed out complete idiots that can't do math.

@cigarBGuitarEfx yeah, that's a neat way to do it. the captcha proponents are just too lazy and dumb to really look for alternatives. instead they prefer to annoy their own users 😖

@cigarBGuitarEfx @pallgone the questions would have to be harder than that nowdays, e.g. #cleverbot can solve questions like that:

@cigarBGuitarEfx @pallgone maybe cleverbot just fluked it on that questions, it's failed sadly on everything else I asked such as "if bob is taller than mary but shorter than harry, is harry taller or shorter than mary?"

Yeah, not saying that would work today, the example I was giving was from about 10 years ago, but someone ought to be able to come up with something better than clicking on pictures of street signs for 10 minutes.

@cigarBGuitarEfx @pallgone it's interesting though I think it's going to get really difficult to be able to tell the difference between machine and human logins in the next few years.

My big question is... how long until the bots sue Captcha and the websites for discrimination? Just because their life is artificial, doesnt mean they shouldvbe treated any differently.

@cigarBGuitarEfx @pallgone yeah I guess at some point in the not too distant future bot rights are going to be a major issue. I guess it could also become very hard to actually classify beings as being bio/bot too.

@aran @cigarBGuitarEfx as long as the bots buy stuff and their behavior can be influenced by ads... all is well 😉

@pallgone @cigarBGuitarEfx at last the solution to prevent capitalism from killing itself! Make robots to earn money, watch ads and buy stuff 😂

@pallgone I despise captchas. The smaller and lighter ones where you have to enter a scrambled line of text is ok, but the fire hydrants and traffic lights are depressing.

@djsumdog I'd say you have to be clever, then it doesn't take a lot - and certainly not a

Sign in to participate in the conversation

Linux Geeks doing what Linux Geeks do..