So I wanted to book some places for my next holidays on Airbnb and I came on the most annoying CAPTCHA I ever saw<p><a href="https://i.postimg.cc/sXppmyxm/airbnbdes.png" rel="nofollow">https://i.postimg.cc/sXppmyxm/airbnbdes.png</a><p>Now you have to make sum of dices only to acces the website. And 5 times in a row.<p>And be sure to make no mistake ! I unfortunatly did on the fifth/last one (was getting really p*ssed), and had to start over !<p>So this morning I had to make around 50 dices sum just to acces this website.<p>I don't kow who came with this idea, but I find this really bad.
I see this as high-IQ software developers building systems to shut out non-high-IQ people from society. Managers look at these CAPTCHAs and think "oh I could solve these no problem, let's use them". In fact, they can only be solved by unusually smart people or by ML bots. Arkose Labs (the maker of this particular captcha) explicitly advertises that their methods can keep out "low-skilled workers" on "human fraud farms". They keep out everyone else too if they're not that good at mental rotation and mental arithmetic or logic -- this dice puzzle and the mouse labyrinth puzzle are pretty much prototypical IQ test problems.
It's Arkose Labs (also used by Roblox, GitHub, Dropbox, Twitch, and more). There's some more links here: <a href="https://github.com/dessant/buster/issues/178" rel="nofollow">https://github.com/dessant/buster/issues/178</a> (Buster is a browser extension for automated captcha solving). You can subscribe here <a href="https://github.com/dessant/buster/issues/320" rel="nofollow">https://github.com/dessant/buster/issues/320</a><p>Their audio captcha (no longer available?) involved listening to 3 MIDI tunes and picking "the sad one".
Airbnb has been very human hostile since the beginning.<p>The first time I had to create an account, they required that I connect with a google account with access to all my contacts. Then ask me to make a video of myself.<p>I didn't create the account and booked an hotel.<p>Now they are less aggressive with their new procedures, but still, you can see that the people behind it see technical solutions way before they perceive the human impact.<p>My grand-father was like that. A brilliant engineer from the most elite school of his generation in France. He once told me very seriously a solution for making more accommodations for the poorest people would be to remove individual bathrooms, and create common ones for the whole building instead.<p>Airbnb tech teams remind me of him.
Let's push the idiocracy to the extreme by asking Arkose to add a timeout to their captchas, so people have to solve it fast and make the default puzzle be a prime factorization.<p>Modern web become so unusable and poluted that I don't think that it can get worse.
As someone who added CAPTCHA to their own platform recently after resisting for years because of how much I hate them, I have to tell you that the unfortunate truth is that eventually bad actors ruin the party for everyone on every platform.<p>CAPTCHA is necessary for the same reason locking your car/house is necessary. You can probably not do it 9 times out of 10 and it will be fine, but then that 1/10 happens, all your stuff gets stolen, and you start locking your doors 100% of the time.
The single worst captcha I've ever had to this day was the « gift » of German hosting company 1&1, which managed to stonewall their customer support (I think) by putting it behind a captcha made exclusively of a string of the digit <i>1</i> and the lower case letter <i>l</i> in a font where they look nearly identical. I remember trying for an hour to get past it but never could. It left such a sour taste in my mouth that even 15 years later it's still engraved in my mind, and I refuse to ever do business with that company again.
That's the moment I'd recommend you to close the website and book a hotel.<p>The whole pandemic reminded me I miss staying in hotels.<p>Not having to worry about groceries, lunch, cleaning ... A great hotel experience turns your holiday into a holiday experience. The older I get the whole bnb experience feels like a premium stressful hostel.
Yeah, you know what computers suck at but it's relatively easy for humans? Summing numbers. /s<p>edit: I mean the captcha could keep all the "hard for robot" elements (recognizing top face, recognizing symbols) and remove the "hard for human" one (sum), like "select the dice that have the following symbols on top: <red circle>, <blue rectangle>, <green triangle>".
That looks like a really poor captcha, as overhyped as machine learning is I think defeating a system like this accurately is something you’d give as a class project. It might slow down legitimate users but anyone nefarious will get through. Never mind you can outsource solving these to Bali for a penny each - maybe less.
Captchas are often used to prevent credential stuffing where an attacker has a list of email addresses and passwords and runs a script to try those out on different sites.<p>They also help prevent password brute force, i.e. an attacker has your email and tries the top 100 passwords to crack your account.<p>There are other ways to tackle this, for example email OTP where a code (or link) is emailed to you before you login.<p>Probably the reason Captchas are getting harder is that there are services on the internet that will use human operators to crack captchas in a semi automated fashion.
I came across a website that wanted to force-feed ads to me before watching a video yesterday. However, they wanted <i>me</i> to select the best-fitting ad of 5 different ads with one ad playing automatically after 30s of not choosing one to play.<p>Sometimes this branch of reality feels like it wasn't meant for productive use. Needless to say I will never come back.
I've run into these before, on a site run by DataBricks. If you've never tried them, then you need to believe OP: There is something deeply broken about them. I suspect they're only used when the company doesn't want you to access the resource they're protecting.
I don’t know if Rockstar Social Club dice CAPTCHA is still around, but about half a year ago I’ve had an opportunity to experience it. That CAPTCHA required you to select one image out of six in which two displayed dice would add up to a certain number. To pass the test, you had to do this 10 times in a row, making no mistakes. The worst part was that it didn’t even tell you that you failed; it restarted the whole thing only when you finished selecting the last 10th image.
All CAPTCHA are abusive and hostile against the user.
Soon the EUPARL will debate&introduce a regulation to forbid CAPTHCA across EU.
The service providers/SaaS must find another way to protect their servers from abuse/DDOS, by not penalizing the users.
The other week I was in an argument with a product owner regarding an interface for creating new items in our web portal. His take was that we should make it more difficult to make new items, since that would make it annoying for our competitors to map our site and functionality. I would have loved watching Steve Jobs reaction to someone suggesting that to him.
Just a tip, if you find a place that looks nice to book on airbnb, try checking for booking directly. I found a place on airbnb and was in a hurry, but later when I checked the cabin rental's website, I found that the money I spent in fees to airbnb could get me an upgrade to a much nicer cabin if I had booked directly with the cabin rental company.
Funnily enough I got this captcha 2 days ago and tried searching out to see if anyone else had thought about how ridiculous this captcha is - couldn't find any discussions elsewhere though at the time. Glad someone has brought it up though.<p>There has to be better way to determine if someone is a robot or not surely.
I call this "protection from real customers".<p>If it takes me 5 minutes to solve this puzzle of yours, I just lost 5/60 of my hourly wage, which could easily be $10 or more.<p>What a novel idea to protect your website from real customers. The worst is when they do these puzzles when you simply want to access some static information like the product page, the cost of serving which is way below 1¢.
Why can't Google and apple solve the 'are you a human?' check at operating system level. As a user on mobile phone they are already tracking our clicks and should be easy to communicate that to the apps and browsers.
Putting besides the fact that I'm 100% certain it's not to hard to brake it with AI and it being dam annoying:<p>There are people with Discalculia, for them such a think is torture. This is an accessibility nightmare.
It feels like sometimes that developers are more interested in showing how clever they are than proving Im not a robot. If I can correctly choose 2 buses from 3 then surely give me the benefit of the doubt!
The issue is, we want tasks where it s easy to generate lots of data that a human of any level of healthy intelligence can solve with simple intuition and low prior skill.<p>I.e. exactly the kind of tasks where ML excels.
Captchas in general are user hostile and rude, when possible I back out and won’t use a website when I see them. If you give a company money when they fuck you, they are gonna keep fucking you.
Do you have a bunch of ad blockers or similar types of add-ons running? I doubt they’re using this sort of captcha for every user, and I wouldn’t be surprised if something about your setup flagged you as potentially malicious or fraudulent.<p>If your aim is to deactivate every other possible strategy a site has for knowing if you’re a real user or not, then of course you’re going to end up with stuff like this. This can’t possibly be a surprise to you, can it?
I found the world has more confusing captcha for foreigners...Like this Chinese captcha provider named TongDun. A Rubik's Cube like experience. Interesting.
<a href="https://postimg.cc/rdyh52mc" rel="nofollow">https://postimg.cc/rdyh52mc</a>
<a href="https://postimg.cc/HJL2V0Zk" rel="nofollow">https://postimg.cc/HJL2V0Zk</a>
I could understand if this was for a job application, but it does seem excessive<p>Requiring the sum of one set would (I think) be almost as effective and less painful
In the usa you can sue airbnb for ada accessibility compliance (this captcha spunds like an a obvious fail). all it takes to qualify tis feeling "embarrassed" by the way they treated you / or exparte.
You can do this in small claims court on your own, or behalf of an organization that helps other disabled web users.
I remember interviewing for Airbnb and how every interviewer made it a point to say user experience & design is in their core. In my head I was thinking slow page load time, dark user patterns, it takes several clicks to get to search results, home page feed is pretty much static.
At least they don't make you work for a company you possibly detest, like RECAPCHA forcing you to work for Google. It often boggles my mind how serious businesses do that kind of thing to their customers.
You're lucky. I always get prompted to access new terms of use and when I say yes, I get an error that I've tried to change something I don't have the right to change.
I have to say, knowing to only read the 'top' number in a picture that is two dimensions is kind of a heavy lift.<p>Part of my really wants to just add up every number I see in the picture.
I remember when Google's new CAPTCHA system was introduced and you just had one click and could get through, now you have to spend ages clicking photos of american busses.