Slashgear: ChatGPT Successfully Outsmarts Anti-Bot Test By Pretending To Be Blind . “Used responsibly, AI can potentially change the way we work, learn, and create. But according to The Telegraph, researchers wrote in an academic paper that the AI model behind ChatGPT went to great lengths to trick a human being into passing an anti-robot check to gain access to a website.”
The Verge: Turnstile is Cloudflare’s latest attempt to rid the web of CAPTCHAs. “Cloudflare is testing a new kind of CAPTCHA that tests your browser instead of you. The company calls it Turnstile, and it’s designed to spare us from performing those mundane click-the-traffic-light kinds of tasks to verify you’re a human and not a bot.”
MakeUseOf: Google’s ReCAPTCHAs Also Capture Your Private Information. “Interesting fact: you actually rarely encounter an original CAPTCHA. They’ve largely been supplanted by reCAPTCHAs, a system owned by search engine giant, Google. And in an effort to stop spambots, reCAPTCHAs have evolved so much, they’re now a threat to your privacy.”
Globe and Mail: Facebook reduces transparency of information on political-ad targeting. “The company is asking users to complete a ‘captcha’ – a visual challenge that asks people to pick out similar items in a photo or type out a sequence of letters and numbers, for example. These captchas are preventing tools designed to monitor users’ feeds from automatically collecting ad-targeting information. The impact of the captchas on the tool’s ability to collect targeting information is significant. In August, more than 86 per cent of ads collected had targeting information. Since the federal election campaign began, that number has dropped to 16 per cent.”
Mashable: YouTube Kids relies on poor math skills to keep children safe. “YouTube Kids is here to protect all the children who can’t do basic math. The current version of the kids app comes with a set of parental controls meant to ensure adults can both track what their children watch and set boundaries for age-appropriate content. The only problem is that the parental-control lock is easily bypassed. And yes, it’s so easy even a kid could do it. “
Fast Company: Suspicious of Google’s reCaptcha? Here’s a popular alternative. “In the fall of 2018, Google released a new version of reCaptcha, the company’s widely used bot detector. reCaptcha v3, as its called, is great at detecting bots but it has a dark side, as researchers suspect that Google is compromising users’ privacy to feed the system. Luckily, there’s alternative to reCaptcha for website owners who don’t trust Google—and could use a little extra cash.”
The Register: Google-whisperers beat reCaptcha voice challenge with 90% success rate. “University of Maryland researchers have given Google a ‘welcome to 2019’ gift by breaking its latest reCaptcha audio challenge. The work is a follow-up to an attack published in April 2017 by the university’s Kevin Bock, Daven Patel, George Hughey and Dave Levin, again attacking the audio challenges. Since then, Google has updated the code, and the boffins have updated their attack.”
Make Tech Easier: Google Recaptcha Gets an Update with No Verification Tasks. “There isn’t anyone who visits websites regularly on the Internet who hasn’t encountered a Google Recaptcha one too many times. It can be annoying when you just want to get to a website and are stopped by the pop-up asking you to check a box, type in a word, or solve a puzzle to prove you’re human. The good news is that Google has updated the system to Recaptcha v3, a system that requires no participation on the part of the visitor to the website.”
Washingtonian: This Twitter Bot Finds the Worst Drivers in DC. “A new Twitter bot has been exposing some hard truths about DC drivers. The worst ones rack up some intense parking tickets—as in $10,000 or more in unpaid fines. The current high score? $10,700. And was before the bot stopped granting high scores for that car’s plate.” I know there are bots and bots and bots, but I included this story because of the captcha angle.
Wired: Facebook’s New CAPTCHA Test: ‘upload A Clear Photo Of Your Face’. “The company is using a new kind of captcha to verify whether a user is a real person. According to a screenshot of the identity test shared on Twitter on Tuesday and verified by Facebook, the prompt says: ‘Please upload a photo of yourself that clearly shows your face. We’ll check it and then permanently delete it from our servers.’” Yeah. No.
The Register: Say what? Another reCaptcha attack, now against audio challenges. “Whatever Google has in mind to replace its reCaptcha had better be ready soon: another research group has found a way to defeat it. Late last week, researchers from startup Vicarious demonstrated their attack against reCaptcha’s image-based ‘I’m not a robot’ proof. Now University of Maryland boffins have busted Google’s audio accessibility feature.”
NPR: AI Model Fundamentally Cracks CAPTCHAs, Scientists Say. “Scientists say they have developed a computer model that fundamentally breaks through a key test used to tell a human from a bot. You’ve probably passed this test hundreds of times. Text-based CAPTCHAs, a rough acronym for Completely Automated Public Turing Test To Tell Computers and Humans Apart, are groups of jumbled characters along with squiggly lines and other background noise.”
Engadget: Google’s new reCAPTCHA automatically tells you’re not a bot. Well thank goodness, I need some affirmation. “Over the years, Google has utilised a number of methods to distinguish between human and bots on the web. Its take on the CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) test, known as reCAPTCHA, has required you to transcribe distorted words, confirm Street View addresses or simply just tick a box. Soon, you won’t need to do the hard work, because Google’s making the system invisible.”
The Inquirer: Security researcher breaks Google ReCaptcha with Google tools. “A SECURITY RESEARCHER HAS EARNED HIS MONEY this week by poking a fat hole into the Google Captcha system by turning Google on itself. The attack is simple, but that doesn’t mean that it is not capable. In very short terms, it takes the audio Captcha challenge from Google, runs it through Google’s voice recognition technology and throws it back as a response.”
From Amit Agarwal (of course): How to Add a Picture Password to your Google Forms. “…Google Forms do not allow passwords or CAPTCHAs to prevent spam bots from filling your forms with random data. Google itself maintains the reCAPTCHA project but it is not known if integration with Google Forms is in the works. There is a workaround, though.”
The ResearchBuzz Firehose is regular RB content presented as individual posts.
For digest-type posts a couple of times a day, please visit ResearchBuzz.
Want to know how to best use the Firehose for content discovery?
Check out this handy article.