| ▲ | CAPTCHAs can still detect AI agents(research.roundtable.ai) |
| 27 points by timshell 2 hours ago | 11 comments |
| |
|
| ▲ | Cider9986 10 minutes ago | parent | next [-] |
| CAPTCHAs are great. Exploiters get around them with proprietary anti-detect browsers and unethical residential proxies, while privacy browsers and affordable privacy VPNs get blocked and shadowbanned to death. Fingerprint.com, while not a CAPTCHA, gives you +3 suspicious score just for using privacy settings like adblock on your browser. This makes it harder to sign up for any sites that use fingerprint.com. https://github.com/CloakHQ/CloakBrowser is a good anti-detect browser as well as CAPTCHA bypass. |
|
| ▲ | docheinestages 40 minutes ago | parent | prev | next [-] |
| I think it's just a game of cat and mouse. It might be easier to catch naive AI agents that are not fine-tuned for specific CAPTCHA tasks with human behavior, can't recognize new challenges, don't know when to stop and ask a human, and just want to brute force their way with limited or no specialized harness and tools available. |
|
| ▲ | technotarek 24 minutes ago | parent | prev | next [-] |
| Apparently CloudFlare’s turnstile can’t, as evidenced by several public-facing CRUD and mail routines we maintain that no longer are warding off the spam. |
| |
| ▲ | hellcow 20 minutes ago | parent [-] | | Meanwhile the moment I (a human, of which I'm reasonably confident) see a Cloudflare captcha I nope immediately out of the site and block it forevermore in Kagi. It's not worth the waiting game. "Verifying..." lasts ages. The anime girl captcha works fine and provides no such annoyance. |
|
|
| ▲ | cute_boi an hour ago | parent | prev | next [-] |
| I’ve been using Claude Opus 4.7 with Chrome MCP, and it has worked successfully about 95% of the time. However, I’ve failed various hCaptcha challenges. |
|
| ▲ | BiteCode_dev an hour ago | parent | prev [-] |
| Until they learn to do that. So cat and mouse. So nothing new. |
| |
| ▲ | catsrus an hour ago | parent [-] | | think the point is that they can't just "learn to do that", because to do so would mean solving human mind (that famously hasn't been going well) | | |
| ▲ | dpoloncsak 11 minutes ago | parent | next [-] | | until Google trains an AI model off that data, too | |
| ▲ | sigbottle 42 minutes ago | parent | prev [-] | | Well no, the idea is a tradeoff between interfaces and telemetry. OK, the agents don't click in the same way as humans. You learn that, what about mouse hovering telemetry, time spent, etc. And one of the most extreme is to force biometrics - a lot of telemetry, breaks the interface a lot - but hey, you have assurance. And none of these tradeoffs require understanding the deep processes of the human mind. Just, map is not the territory, how you do game the map harder and harder and how do the mapmakers respond to that? | | |
| ▲ | catsrus 38 minutes ago | parent [-] | | did you look at the paper? they specifically look at mini tasks with cognitive processes (Eg what dictates the strategy of how people solve tasks) | | |
| ▲ | CamperBob2 14 minutes ago | parent [-] | | LLMs can solve original math problems at the IMO level and beyond, and you might be talking to one now. I don't think they are going to have problems with any CAPTCHA short of separate device attestation. Whatever mechanism the paper proposes, rest assured it can be trained on. |
|
|
|
|
