[ ] I'm not a robot | Text-based CAPTCHAs cracked by AI after very little training - Sensationalist Headlines

[quote]Machines masquerading as humans have never had it so easy. New artificial intelligence can crack a range of CAPTCHAs — tests commonly used by websites to check if a user is a person or robot — with very little practice. Inspired by the human brain, a team from an artificial intelligence company in California has developed an algorithm that can be trained up to break complex text-based CAPTCHAs, including those used by PayPal and Google And it can do so with 50,000 times fewer training examples than current state-of-the-art programs. "We just have to accept that, as computer vision systems improve, traditional text-based CAPTCHA systems no longer offer the protection they used to," said study co-author Miguel Lazaro Gredilla of Vicarious AI. Source: [url]http://www.abc.net.au/news/science/2017-10-27/captcha-cracking-artificial-intelligence-machine-learning/9080608[/url] [/quote] More information in source article.

What new iteration of hell will captcha release on us to combat this?

Text-based CAPTCHA was already out-of-date, so this isn't at all surprising really

[QUOTE=c:;52824769]What new iteration of hell will captcha release on us to combat this?[/QUOTE] [video]https://youtu.be/WqnXp6Saa8Y[/video]

[QUOTE=c:;52824769]What new iteration of hell will captcha release on us to combat this?[/QUOTE] [img]http://i.imgur.com/EAZ9A3i.png[/img]

to be fair, robots have beaten captcha before. [video=youtube;fsF7enQY8uI]http://www.youtube.com/watch?v=fsF7enQY8uI[/video] This is still impressive, though.

[QUOTE=c:;52824769]What new iteration of hell will captcha release on us to combat this?[/QUOTE] Google has known text based captchas were broken since they bought reCAPTCHA. That's why they use their new I Am Not a Robot service. It uses Google tracking statistics rather than just the captchas. They assign a risk rating to every Google user it tracks and gives more difficult challenges based on the risk of a user being a bot. The big vulnerability that researchers have been exploiting is the fact that in about ~16 days of a single machine using Google services legitimately, Google lowers the risk score and lets the bot pass the more difficult captchas in favor of easy text captchas. That allows them to employ their cool text recognition AI to defeat the easy captchas with a high percentage. Basically, better risk statistics and the gradual phasing out of captchas entirely.

[QUOTE=Gbps;52824995]Google has known text based captchas were broken since they bought reCAPTCHA. That's why they use their new I Am Not a Robot service. It uses Google tracking statistics rather than just the captchas. They assign a risk rating to every Google user it tracks and gives more difficult challenges based on the risk of a user being a bot. The big vulnerability that researchers have been exploiting is the fact that in about ~16 days of a single machine using Google services legitimately, Google lowers the risk score and lets the bot pass the more difficult captchas in favor of easy text captchas.[/QUOTE] and then i'm over here looking like a fucking idiot with the ghostery tracker-blocking plugin as recaptcha makes me Click All Of The Squares With Cars In Them for the seventh time in a row while i'm trying to log in to soundcloud

[QUOTE=Cmx;52824787][img]http://i.imgur.com/EAZ9A3i.png[/img][/QUOTE] I haven't laughed out loud in a long time. Thanks.

and that's how you pass the Turing test

[QUOTE=nAXiom090;52825529]and that's how you pass the Turing test[/QUOTE] Only if it was a human operating the captcha, and it required a conversation.

Why don't we just use semantics? Show a picture and ask which of the multiple choice answers represents the same meaning, or something like that.

[QUOTE=Zenreon117;52826063]Why don't we just use semantics? Show a picture and ask which of the multiple choice answers represents the same meaning, or something like that.[/QUOTE] The unique tests must be generated by a server. If the server understands the semantics enough to make the questions, it would defeat the purpose. That's the central problem with bot prevention tests. Also singular multi-choice does not work. To be considered good enough by current standards (<1% success), you would need more than 100 choices to select from. It's a really hard problem, and there's quite a bit of research done in the field. There's really no simple solution. CAPTCHAs were the best solution we had for a long time.

I like Google's image based captchas the best.

[QUOTE=helifreak;52826569]I like Google's image based captchas the best.[/QUOTE] I hate them. Especially when you get things like 'click the road signs' and you click them but it doesn't register properly, and then it gives you another set of pictures and then in the words of DJ Khaled, another one. It's a PITA

[QUOTE=helifreak;52826569]I like Google's image based captchas the best.[/QUOTE] The image-based ones only appear if it doesn't recognise the cursor movement as "human", or possibly if you're constantly accessing the same captcha/page. The latter can be a bit annoying sometimes if you need to submit a form multiple times. The image based ones can be finicky like the above user said, so I'm not sure they're the "best". Otherwise, you just click the checkbox and you're done.

[QUOTE=Zenreon117;52826063]Why don't we just use semantics? Show a picture and ask which of the multiple choice answers represents the same meaning, or something like that.[/QUOTE] With machine learning algorythms semantics are going to be just as easy. In the end, we ARE resolving to semantics when doing captcha.

[QUOTE=xxfalconxx;52824915]to be fair, robots have beaten captcha before. [video=youtube;fsF7enQY8uI]http://www.youtube.com/watch?v=fsF7enQY8uI[/video] This is still impressive, though.[/QUOTE] This made me laugh harder than it should have.

[QUOTE=benbb;52826700]I hate them. Especially when you get things like 'click the road signs' and you click them but it doesn't register properly, and then it gives you another set of pictures and then in the words of DJ Khaled, another one. It's a PITA[/QUOTE] My favorite is when its like "select pictures with trains" then you select the 2 with trains in them and its like "please select ALL the pictures with trains" when the rest of them have nothing to do with trains.

Gets even worse if you're using a VPN that puts you in another country. Suddenly I don't have to just prove I'm a human, but I have to prove I can read Swedish as well

[QUOTE=benbb;52826700]I hate them. Especially when you get things like 'click the road signs' and you click them but it doesn't register properly, and then it gives you another set of pictures and then in the words of DJ Khaled, another one. It's a PITA[/QUOTE] I dunno man it worked perfectly every single time I've got it.

Guess it depends on how "robot"-like it thinks you are. Sometimes you only have to do 1 set of images which isn't too bad, but I've had times where I've had to sometimes even do 3, and that's where it gets frustrating. Especially when it's "draw lines around the street signs" instead of just clicking them

[QUOTE=c:;52824769]What new iteration of hell will captcha release on us to combat this?[/QUOTE] "Pls send nudes"

[QUOTE=c:;52824769]What new iteration of hell will captcha release on us to combat this?[/QUOTE] You can easily fool neural networks by adding various types of noise, like a filter onto the image. I guess it's harder to do on simple text based captchas though. [editline]27th October 2017[/editline] But recently I've heard about these networks that works to combat tampered inputs: [url]https://en.wikipedia.org/wiki/Adversarial_machine_learning[/url]

They're not the best, but they do fool robots (for now)

[QUOTE=Cmx;52826740]My favorite is when its like "select pictures with trains" then you select the 2 with trains in them and its like "please select ALL the pictures with trains" when the rest of them have nothing to do with trains.[/QUOTE] Never had that issue. I don't mind the "Click the squares of road signs" ones where you have to "highlight" the correct sections of the picture by clicking them, but the "Click the ones with X in them until there's no more pictures with X in them" piss me off to no end. You click it, and ANOTHER one pops up, click that, and ANOTHER ONE. Like 90% of my time with them is fucking clicking the same panel only for it to be replaced by another picture with X in it, sometimes like eight times in a row. It might be because I'm clicking too fast. (the slow fade from white isn't completely gone, but I can already see a fucking car in the picture so I'm not going to wait just to click it again.)

How robots do it? I barely can do it :/

You know, since my persona is a robot, actually getting flagged as a robot by CAPTCHAs is nice. But it's still annoying :v:

[QUOTE=Sockpuppetss;52827243]How robots do it? I barely can do it :/[/QUOTE] Oh god this is it. The robot takeover is begn.

[QUOTE=usaokay;52826898]is this why we have those shitty "click on the images that has signs in them" captchas now?[/QUOTE] They use that to help train Machine Learning models. Essentially, if they wanted to build a machine learning model that recognizes signs in pictures, they need a large amount of labeled images (IE, images they know for certain contain signs). Intrinsically, labeling images needs to be done by humans. From what I understand, they send images they think contain signs (probably taken automatically by a camera attached to a car at intersections, pointed at an angle that would likely capture a sign. Idk, just an example.) and put that into their captcha program's database. When a certain number of users label an image the same way, they accept it as a valid image to train their models on. An interesting side effect is that a small fraction of images that are used to check if you are human likely have little to no data on them. So you could click whatever and submit it. But this is a small fraction. Captcha used to be used in a similar way for transcribing books with difficult to read words. When they sent you two wierd looking words, they only knew what one of them was. The other was a word scanned in from a book. They counted on you filling in both correctly since you didn't know which was known and which they wanted you to transcribe. Also, I sent this article to my friend on the captcha team. He just sent me this and said they figured this out years ago and stopped serving them. [url]https://research.google.com/pubs/pub43464.html[/url]