I experienced the HBO Max captchas just a few days ago. Everyone did since they launched a new app and made everyone switch to that and re-login.<p>Some of the solutions are clearly just wrong. I have a PhD in Computer Science and if I am failing multiple basic addition problems, I assure you that it isn't me, the answers are wrong.<p>I had to do the same audio puzzles and got the first audio puzzle wrong too, and I even had my partner helping me. It is clearly just a bad test bank. Which begs the question, if the answers are wrong and there are only 3 choices, then what's the point? Regardless of whether you are human or not you are going to guess it eventually in about 5 tries, which is what it gives you before locking you out.
This is Arkose MatchKey. Hopefully, they will one day fix the UI covering the images.<p><a href="https://www.arkoselabs.com/arkose-matchkey/" rel="nofollow">https://www.arkoselabs.com/arkose-matchkey/</a>
This is going to be one of the best parts of the new AI-ridden world: humans gradually getting locked out of and giving up on online services because the bots are more patient and more skilled at proving their humanness than humans are.<p>Twitter’s new captchas are also pretty insane, though not quite this bad last I ran into them.
Cruel And Prejudiced Test Completely Harming Accessibility<p>Imagine a non-native-english speaking visually impaired grandma trying to register to a random web service. CAPTCHAs are not a problem, people say, there are the audio versions, so go for it! Oh, you were never able to pick a language? Too bad you dont speak english. Oh, your hearing is not the best? You are clearly not a human, official stamp from SV. Why? Oh, we just couldn't think of any other solution, so we implemented CAPTCHA and just dumped you and your pesky disabled friends. What?! You want to cross the digital divide? Not as long as we are in power!
Did a bit at online fashion retailer Net a porter a while back, and they rolled their own ‘domain specific’ captcha that had you do things like "select the cuff links". I think it was pretty dynamically powered by their live catalogue.<p>Once during development I got a captcha that said "select the glasses" where my options was a photo of sunglasses, or a pair of glass drinking cups.
Not saying these are good, but it's been ~10 years and I still have no idea what I'm supposed to click when Google says "click the traffic lights." Just the light sections? What about the edge that takes up 10% of the adjoining box? What about the back or side of a different traffic light?<p>I've tried them all, and my success rate doesn't noticeably change.
Time's a flat circle. We've reinvented cable and have it delivered via the internet. The quality of the content has fallen off now that folks have been roped into the platforms and everything's getting bundled back up so you have to subsidize garbage just to watch a show or two you like per platform.
“Piracy is a service problem.” - Gabe Newell<p>Also, Arkose Labs CAPTCHA (what HBO Max is using) is awful, please don't use it. There's reCAPTCHA, hCAPTCHA, mCAPTCHA, and now even Cloudflare Turnstile. Or better yet, recognize your costumers can still download the movie for free whether your service exists or not and adapt your strategy to provide them with content easier :)
GitHub also has dice captchas.<p>I remember one day in class we were doing a group project and using GitHub to share our work, and a friend of mine had trouble to log into his GitHub account and got this captcha.<p>A team of 4 people in the class went to help him pass the (if I remember correctly) 10 tries you needed to have correct in order to log in.<p>And they still took about 10 minutes!
Some people miss the old user interfaces. Windows 95, XP, 2000 etc. What is the reason? We had some programs with a horrible interface (Real Player, for example), but never with this level of stupidity.<p>It's more of a joke than an interface, like reddit's competition for the worst volume control: <a href="https://uxdesign.cc/the-worst-volume-control-ui-in-the-world-60713dc86950" rel="nofollow">https://uxdesign.cc/the-worst-volume-control-ui-in-the-world...</a>
I see stuff like this and immediately think "the team responsible, in its entirety, should be fired." Zero conscious thought occurred during the entire lifecycle of this feature being implemented.
Terrible UX aside, aren't these really... REALLY easy to solve for a bot?<p>Sum the digits on the dies? 5 lines of openCV should do the trick<p>Find which of 3 (three!) extracts is a repeating pattern?? Could this be any easier? This sounds actually easier for a machine than for a human being!
The HBO MAX (aka just MAX now) in PS4 is just a disaster. Can't play videos anymore, as it gets stuck on a infinite loop in the intro of every movie.<p>It the remaining time is displayed as a negative integer, and for some reason the system just thinks the move is done and resets it to the beginning.<p>Seems like a bug that some very basic QA testing should have caught it.<p>The new rollout seems like a total clown show, and unfortunately it ruined the service and made it impossible for me to view movies, unless it is from a laptop.
I was cracking up when it started playing the bagpipes.<p>I don't think its too much of an exaggeration to say this is what happens when security teams don't receive enough pushback from the higher ups or from other teams. I see this all the time in large big tech companies.
I'm currently in a conversation with hCaptcha's Support team that has gotten a bit Kafka-esque. Apparently, in order to sign up for the Accessibility option, you need to... fill out a captcha.<p>Fantastic. Good job.
Captchas have gotten _crazy_ hard in the last year. The more difficult ones often take me 2-3 tries. There's got to be a better solution; in a year or two AIs are going to be performing these tasks better than humans possibly can.
I really want to sell a t-shirt that reads "I didn't visit your web site to play video games".<p>Incidentally, my other t-shirt would read "I don't care about your stupid app".
So the audio captcha was just two one-of-three challenges? How does this slow an automated bot down, it could just guess repeatedly and get it right 1/9th of the time.
Heard about the Arkose sale tactics at Roblox (a site whose usability is also nuked by them)<p>I've been told Arkose pay people to run these captchas and present lots of fancy metrics of attacks they've stopped (when in reality with Captcha's like this a lot of that is normal users) which is why some websites seem to be ok with destroying user experience by running this<p>I'd be surprised if anybody in a technical role decided on this provider
So the options are: basic ocr and arithmetic, and performing a Fourier transform?<p>Both that that computers are very good at, and have been good at for decades now?
Had similar issues with the Google recaptcha where the question is satisfied by either all the square or none of them - both being considered a wrong answer: <a href="https://twitter.com/ManiGandham/status/1635193312264200192" rel="nofollow">https://twitter.com/ManiGandham/status/1635193312264200192</a>
I think re-posting one of my past comments might be appropriate:<p>"All Captcha's could in the USA be illegal aswell under the ADA.... As some people with learning disabilities won't be able to complete them."
Until it works with noscript/basic (x)html browsers, fine by me (static HTML <audio> and <video>).<p>But how would you detect click farms with real humans via VPNs or compromised devices?<p>Not to mention AI, trained by those very click farms which may ramp up significantly the issue.<p>If a "valid" credit card or a wallet code is provided at account creation, a lot can filtered out (unicity, funds availability, etc).<p>Actually, there are so many ways to deal with that better than how it is currently done, I would have troubles to know where to start.<p>It is all about the skills of the people put in charge.
Computers and everything related to them should be all about helping me, but I have to spend even more time on idiocies like this, because I have to prove I'm not a bot... I have to accept the cookie monster bullshit everywhere, or I have to mark bicycles or fire hoses because google is so high up in its own back orifice it didn't have time with their 10K+ topnotch engineers to modernize their shit.<p>And these... I think epicgames also uses this horrible system, and I was on the brink of smashing something in the room, when I saw it.
GF said she had to cancel and switch to subscribing through Amazon because it wanted her to use an HDMI cable connected to her phone to play on the TV after the switch to Max.
Why is there a captcha at all? A paid subscription is a stronger signal of humanness than any captcha. I don't even see what use a bot would be in the first place.
I'm noticing a lot of sites using different captcha services, either in-house or a completely different one from Google's, and I can understand using CloudFlare's but I'm not sure what's driving the move. I'm not against it, but it felt like for ages ReCaptcha (or w/e) was king of captcha. Do they charge up a premium for some sites or something?
Let me remind folks:<p>There's no captchas on torrents, or trackers like thepiratebay.org<p>None at all.<p>Whereas you're evidently the enemy if you legit buy service.
What about twitter itself, where this was posted? It’s similar to this one and beyond ridiculous, and the best part is that at the end of the process it failed with a generic error message. Not sure if they were a/b testing or what but I ended up not creating the account.
The writing has been on the walls for captcha. We’re going to need some Idena-like solution, or services are going to have to deal with non-human uses as a normal occurrence and design anti-abuse mechanisms accordingly (or redefine abuse, or both).
Wow, those captchas almost look like satire. On a side note, what the hell is up with branding for HBO streaming? They’ve gone from HBO GO to HBO Now to HBO Max. And now, according to ads I recently saw, it’s just Max. Talk about whiplash.
I had the same Captcha system when I tried logging in to my Sony Playstation account as well a couple of days ago. Did eventually give up because it was basically unsolvable. Who would even want to implement a system like that?
Meanwhile in India, JioCinema gave away access to its streaming app for free and hosted 35M simultaneous live viewers yesterday for a cricket match.<p>What are these paid subscription platforms trying to protect?
you know what, my spouse actually wanted to subscribe to one of these kind of services. but now i guess i have to go back to the old way. could be piracy, or could be not watching any tv at all.
What did I just watch?<p>Someone recorded a computer screen <i>with their phone</i>. But that's not enough, it's recorded in vertical…<p>I'm really speechless seeing this level of IT illiteracy.<p>The completely messed up "captcha" fades away given that video…<p>Obligatory: <a href="https://www.youtube.com/watch?v=OaN2Y8GjIqA">https://www.youtube.com/watch?v=OaN2Y8GjIqA</a>