reCAPTCHAs are finally readable by normal humans

I have a feeling this won't last very long now that they've publicized the fact that they profile a users interaction with the system. Things like rate of hitting captchas, mouse movements, characters typed before pressing send, etc are all easy to mimic and control if you know they're analyzing that info.

I thought maybe I was the only one who struggled with recaptcha captchas. On some sites I have literally tried 10-15 times before finally becoming too frustrated and giving up solving the captcha because whatever it was (form to fill out for a download, fill out a comment on a site), just wasn't worth the time I was wasting. Hugely irritating.

If you own a website and use Recaptcha for human verification you know it's been broken for years. Whether it's too hard for humans, too easy for bots, or by-passed using 3rd party labor for pennies per solve.

I wonder if a Javascript based proof-of-work system could be used as an alternative to CAPTCHAs. It wouldn't stop spam entirely but it would rate-limit it and possibly render some forms of spam unprofitable. Aa a bonus, the proof-of-work could be tied to something useful (Folding@home?) just like reCAPTCHA's CAPTCHAs are useful for digitizing books.

Does this mean that digitizing of books through reCAPTCHAs will be done at a much slower rate or not at all?

While it's nice that they're trying to design the captchas to be more user friendly, these new number captchas are quite easy to crack. This might lead to an uptick in spam as recaptcha ocrs become easier to create.

Google knows your searches, and I am pretty sure google knows every site you visit, via google analytics, which most sites run.<p>Combine this with browser fingerprinting (your browser&#x27;s fingerprint is incredibly unique), and the fact that you probably have a google account. There is a high probability they know who you are. From your history they can determine if you&#x27;re human or not.

I cannot believe that in 2013 captchas remain the most effective way to achieve whatever they are used for. I bet Google could bake something into Chrome to avoid captchas.

Personally I have an easier time typing the letter&#x2F;word based captchas than the digit ones.

<i>Perhaps in some glorious future utopian society, humans won&#x27;t have to see CAPTCHAs at all.</i><p>They don&#x27;t. You can implement basic defenses like hidden input forms or checkboxes that are masked by CSS rules or served on the client side with JavaScript to weed out bots from human users, among other less intrusive techniques.<p>Of course some bots may make use of high-level browser engines (such as those provided by acceptance testing frameworks) to try and get around this, plus you&#x27;ll always have cheap human labor. But ultimately, anti-spam is an arms race and simple tactics like this will get rid of most unwanted agents.

...and why, pray tell, are they still providing turing tests to humans, if they already know who the humans are, you ask?<p>Well! Very obviously, any human can behave just as maliciously as a bot might! So captchas are there to slow us down. Point blank. They are flood control. They prevent spam, be it from bot or human.<p>The real question is, why would Ars Technica be so chicken-shit, that they can&#x27;t come out and say that?