AI bots now beat 100% of those traffic-image CAPTCHAs

ForgottenFlux@lemmy.world to Technology@lemmy.world – 763 points – AI bots now beat 100% of those traffic-image CAPTCHAs
arstechnica.com

Anyone who has been surfing the web for a while is probably used to clicking through a CAPTCHA grid of street images, identifying everyday objects to prove that they're a human and not an automated bot. Now, though, new research claims that locally run bots using specially trained image-recognition models can match human-level performance in this style of CAPTCHA, achieving a 100 percent success rate despite being decidedly not human.

ETH Zurich PhD student Andreas Plesner and his colleagues' new research, available as a pre-print paper, focuses on Google's ReCAPTCHA v2, which challenges users to identify which street images in a grid contain items like bicycles, crosswalks, mountains, stairs, or traffic lights. Google began phasing that system out years ago in favor of an "invisible" reCAPTCHA v3 that analyzes user interactions rather than offering an explicit challenge.

Despite this, the older reCAPTCHA v2 is still used by millions of websites. And even sites that use the updated reCAPTCHA v3 will sometimes use reCAPTCHA v2 as a fallback when the updated system gives a user a low "human" confidence rating.

143

This is actually a good sign for self driving. Google was using this data as a training set for Waymo. If AI is accurately identifying vehicles and traffic markings, it should be able to process interactions with them easier.

As I understand it, the point of those captchas was never really "bots can't identify these things" (though you're right on that it was used to train). They use cursor movement, clicks, and other behaviours while you're solving it to detect if you are a bot or not.

The image choosing was always just to train their own bots

It's a combination.

Most captchas goals generally aren't 100% prevention, it's to put a workload in front, this makes spamming the site cost money, a bankrolled attempt could just as easily outsource the captchas to real humans.

a bankrolled attempt could just as easily outsource the captchas to real humans.

Exactly. I've been using 2captcha for that for over a decade now

Since I started getting good at yosu and that fishing mini game in farmrpg I've been failing more captchas. I wonder if they're related knowing this

Is that why I'm asked to do this over and over for 14 million times when I'm on a VPN?

It is probably part of it, yeah. But to be clear I'm not a captcha expert or anything, just a layman.

The annoying thing is that they held us hostage for our free labor, but the results are proprietary for Google's benefit only.

That training data ought to be forced to be made freely available to the public, since we're the ones who actually created it.

Afaik this is precisely what the captcha data was intended for - training AI models. Originally leveraged machine learning. LLMs are a slightly different paradigm but same purpose and results here.

i hope you're joking. please, tell me you're joking?

Well reCaptcha v1 was used for the digitization of books. And that they proudly talked about.

But to be honest, the pictures were in fact used to dether bots. But also to teach selfdriving cars. I think I also remember a time they used to ask to fill in house numbers probably for their Maps accuracy.

Its never been confirmed by Google, so I may be wrong. It still tracks that the data harvesting company with a AI self driving car project would use free human labor to identify road hazards.

I was referring to the "This is actually a good sign for self driving" part of their comment.

The captcha circumvention arms race has been going on for over two decades, and every new type of captcha has and will continue to be broken as soon as it's widely deployed enough that someone is motivated to spend the time to.

So, the notion that an academic paper about breaking the current generation of traffic-related captchas (something which the captcha solving industry has been doing for years with a pretty high success rate already) is "good news" for the autonomous vehicle industry (who has also been able to identify such objects well enough to continue existing and getting more regulatory approval for years now) is...

fry not sure meme template, no text

Not really. I'm not even sure what you're disagreeing with based on the above comment.

My point is that if bog standard AI can accurately identify all of the road information from pictures, that is good news for self driving.

What was once a nearly impossible task for computers is now mundane, and can be used to improve safety/utility for self driving, especially for FOSS projects like comma.ai

And yet I can't beat the CAPTCHAs because reCAPTCHA doesn't like VPNs lol

Captcha these days isn't even really a CAPTCHA in the traditional sense since most of the work it does is based on filtering of IP and browser fingerprinting, with a certain level of gamification because the goal is not just to keep out the people they fight against, but to waste their time, would work great if it didn't waste normal people's time, while real bad actors have easy ways to get around it.

I was going to say I’ve straight up just left whatever website I was trying to access because I was stuck in some endless loop of clicking on street crossings, buses, bikes, and street lights.

The capchas getting really bad on Mullvad almost made me give up on using a VPN. But then I learned about Buster.

This is my third post in a row shilling for this browser extension lol, it's so good.

Fellow vpn user here, it's been really bad lately. I'm definitely installing this.

So can we stop using those damn things? They're super annoying!

Just means they'll get harder, but maybe not for people, just needs to be harder for a computer

Aren't these Captchas designed to get training data for AI models anyway?

"System does what it was designed to do" doesn't feel that surprising...

Aren’t these Captchas designed to get training data for AI models anyway?

Yes and no, the captchas are just meant to be hard for computers to solve but easier for humans. People saw that, and thought that "if we're making people do this might as well have them do something useful" not meant to be malevolent- and the purpose is still stopping bots, training them is a side-effect.

No, you're wrong, the Traffic Light examples ARE specifically to gather data to train models. Being a good Captcha was just a byproduct of that. If people just wanted a good captcha they wouldn't need hundreds of millions of photos of street lights and bicycles.

No, you’re wrong, the Traffic Light examples ARE specifically to gather data to train models.

No you're wrong, because the sites that embed those captchas on their page are not doing that to help good.

If people just wanted a good captcha they wouldn’t need hundreds of millions of photos of street lights and bicycles.

Yes, they are getting something productive out of the human labor that would be done anyways. Trust me as a web developer, and web scraper, some kind of captcha is necessary for many free services to be useful/economically viable. The core of a good captcha is just making it marginally more expensive for the scraper/bot than it is for you.

The sites don't create the captcha, you yourself just said it was embedded there.

They embed for a reason... And the captchas wouldn't exist if they weren't embedded anywhere

Well yeah, I'd hope so, that's the entire point.

Catcha's data collection always was with the intent for training ai on these skills. That's "the point" of them.

It's reasonable to expect that the older version of captchas can now be beaten by modern ai, because they're often literally trained on that exact data to beat it.

Captcha effectively is free to use on websites as a tool because the data collection is the "payment", they then license that data out to people like OpenAI to train with for stuff like image recognition.

It's why ai is progressing so fast, captchas are one of humanity's long term collected data silos that are very full now.

We are going to have to keep progressing the complexity of catches as it will be the only way to catch modern AIs, and in turn it will collect more data to improve it.

Yeah, my understanding is that these capchas were made to harvest data to use for AI/Autopilot driven cars. That's why they are always having you identify motorcycles, bycicles, crosswalks, stoplights, busses, etc. It's all stuff that automatic driving cars have had a hard time identifying.

We are going to have to keep progressing the complexity of catches as it will be the only way to catch modern AIs, and in turn it will collect more data to improve it.

I wanted to use 4chan alot before I came here, but FUCK that slider capcha. I bailed after the first time I didn't pass.

I wanted to use 4chan

I am relatively confident that you are one of the first people to ever type that sentence out.

I reread his comment three times because I was convinced I must have read it in error somehow.

When it's asking for motorcycles but it's clearly a scooter

Or, like, "there's the bottom 10% of a traffic light in this one. Do I click that box? Ia that supposed to count?"

What they are doing is comparing your answer and seeing if it is consistent with how it has been answered previously. They realize that not everyone is going to give the exact same answer, so as long as you answer it in a way that enough other people have answered it, it should let you in.

I'll usually go with the minimum number of clicks that I think will get me through, since I'm lazy and it'll also at times slow down how fast you can click which is annoying.

I'll also answer them wrong if I think it's a mistake that enough other people will make. "Yes... that RV over there is a bus..."

They are also overly US centric.

One of the questions asks you to click on only the school buses. I had to Google how you tell the difference between a school bus and not a school bus.

Also is it a crosswalk if it's at an intersection or is it only a crosswalk if it's in the middle of a road somewhere?

The questions either need to be not cultural or they need to be adapted for where they detect the user is coming from, the first option seems easier.

Interesting. Do you not have school buses, or are school buses not distinctly marked? How do kids get to school when it’s beyond walking distance?

They are just buses.

I guess the British government just assume that school children are smart enough to get on the right bus without them being individually distinct.

I knew school buses are yellow but I did not realize that they are always yellow. I did not realize that the yellow color meant school. I just assumed that the yellow color was a color busses could be.

The size of the UK verses the exponentially larger size of the US probably has a lot to do with it.

And if you knew school busses where yellow... Where's the problem?

Maybe it’s lack of transit in the us, I don’t know. Almost every public school district I’m familiar with, uses standard yellow school buses to bring kids to and from school. However Boston city schools give the kids an MBTA pass - I don’t know if that differed by age - and I imagine that’s true of other downtown schools where there’s transit

School busses and regular busses look completely different. What do those look like in your country?

Well here in, not the United States of America land, we just have busses. I was not aware that busses required a special magic paint job.

I suppose the paint job prevents school shooters wasting their time.

So if your regular bus is shown next to a bus that's not "just a bus", and you're asked which one is a school bus... What would you answer?

Same as any bus

So if you see a picture that obviously a regular bus, alongside a different bus, what would you infer from that when asked which bus is not the same as "any bus"?

How would you know what is a regular bus and what is not a regular bus for a given country?

Does the backside of a traffic light even count? What about these strange traffic lights that have more boarder than light?

That tip of a handle bar that makes you wonder if that square counts or not.

Or the square with the driver in it: does it classify the driver as part of the motorcycle?

Does it count when the AI driving the car clips it?

I had one with one of those Motorcycles with the long handles, apparently they aren't part of the bike, but the dudes foot holding it up is.

I think the reason AI are better than humans is that the AI is just as stupid as the image classifier.

Worse is when its asking for crosswalks and its clearly a rumblestrip.

Buster is awesome to get past recaptcha. I use it with my own Speech to Text API key since its free from Google. Using Google to beat Google.

https://github.com/dessant/buster

It's so funny that this exists. I'm going to check it out!!

If you're using a personal api from google, is that a way that google can track you? Part of using a VPN, noscript and adblock for me is to prevent that kind of tracking.

Nothing is truly free with Google. So ya, most likely they are tracking. If you dont want to use Google, there are other options on their wiki

https://github.com/dessant/buster/wiki

If not, you can use a dummy account just for this.

Wait, so if a visitor fails the v3 Captcha, v2 is used as a fallback?
That makes absolutely no sense.

V3 isn't necessarily more effective than V2, it's just less obtrusive.

Not quite: it'll drop a v2 captcha for you to solve when a v3 one can't clearly classify you one way or another.

So if v3 isn't entirely sure you're human, it'll make you do a v2.

But, I cannot pass those 50% of the time... what does that mean?

It means Rick Deckard won't be coming for you any time soon.

You're walking in the desert and you see a tortoise

I can see a future where the Internet is completely run by bots and AI to the point where no human actually uses the Internet anymore.

It's like an island that gets overrun with rats - there are just too many to deal with so you leave.

Some believe this happened years ago. Check out Dead Internet Theory.

I'm already doing that now. If Lemmy starts showing signs of fuckery I'm out. I'll switch back to magazines.

I already did... There's some subscription stuff where you can read pretty much all available magazines and papers, it's been a long time since I've been reading that much "news" and reports

I work in a place with no phones. I bring books and magazines into the shitter.

Basically Cyberpunk, people only interact with the night city intranet because the global internet has been taken over by AIs.

Yeah, I predict that in the future, you can't expect that content on the internet is written by humans. If you go to the internet, then it will probably not be to connect to other humans. Maybe you want to know something that a bot can tell you or you have some administrative task to fulfill, like filing a form.

I fail more of those checks then these AI bots do. Surreal.

It seems like every other captcha I get has a picture of a moped and asks to click for a motorcycle. When I don't click on the moped it says I'm wrong. Pisses me off.

Just be very general, don't get stuck in the details.

It goes against my human nature to not overanalyze.

leaves plastic banana under your bed

You'll find that, months from now, and you won't know where it came from, or why it's there.

Greetings fellow human!

01001000 01101111 01110111 00100000 01100100 01101111 00100000 01111001 01101111 01110101 00100000 01100100 01101111 00111111

I mean, we literally train them by completing the CAPTCHAs. Why do you think you were picking things like bikes, traffic lights, cars, and busses? The only question now is what's next...

they embed dark souls into the browser

In order to pay your utility bill, you have to beat the Undertale Sans fight in Genocide mode

I never get the first one and rarely the second one. If it says to click all the squares with motorcycles and it’s just the one big picture, am I supposed to click stuff like the tire and mirrors? I always do and never get it right. Then most of the time they ask me to identify motorcycles, they show me motor scooters and what am I supposed to do then? I think I just need to get one of these bots to do it for me.

Fwiw they aren't really asking about the motorcycle. I mean they are but they are washing your mouse movements and how fast you click through the images. It's okay to get a few images wrong.

Not quite.

It's mostly wisdom of the crowd, as it always has been.

As long as you mostly click the same squares most other people click, you pass.

You often at random get 2-3 images because 2 of them are actual checks, but the third is a new image that you auto pass and they're using it to gather data on what the average clicks are on it.

A motor scooter is a motorcycle in the eyes of the law.

Not everywhere.

Where I am, you need a special license to drive a motorcycle, classified as having an engine of 51ccs or more, whereas a scooter is any motorcycle with a less than 51ccs and doesn't require a special license.

That's a moped, a motor scooter is just a style of bike.

Mopeds are similar but have pedals and can be used as a bicycle. The name itself, Mo-Ped" is a portmanteau for motor and pedal.

Motor scooters are different in that they have a cut out for the rider's legs/ feet so they don't have to straddle it the same way they would with a motorcycle. Both mopeds and motor scooters do not require a license endorsement here, while motorcycles, as defined in my original comment, do.

https://en.m.wikipedia.org/wiki/Moped

The definition in most countries is less than 50cc and a maximum power output, they do not need to have pedals. Anything over 50cc is a motorbike.

So a moped with a 49cc engine, astep-through design, and no pedals is a moped but a scooter with a step-through design and 49cc engine is a motorcycle?

That's confusing as fuck lol

Not really, both your examples are a moped. The definition of a moped in most places has nothing to do with the style of bike.

I bet you use the word "actually" in conversions regularly.

I bet you make incorrect assumptions about people you don’t know regularly.

I just close the page usually if I see one of these ones, I don't have the patience to click all the boxes and then it just sends you a different one.

Unfortunately they're on pages that I absolutely need to get into because my money is stored behind them. I cannot stand them, and I generally agree with you, if some random site has me doing a captcha in leaving.

Meanwhile I sometimes fail those. I have been locked out of applications because I missed a square of a bus, or perhaps because I like to be efficient in my mouse cursor movements. I ducking hate CAPTCHAs.

Thank God this means i can stop wondering if i should click on the... the 13 pixels from the fucking bike in that one corner square or wondering if i should count the scooter as a motorcycle fuck i am so tired of that shit

Complete the obligatory "is this a staircase or street crossing" round only to be roundhouse kicked back to the beginning.

CAPTCHA doesn't stop bots, and let us be honest, it never really did. It frustrated the hell out of people though, and caused people to waste time doing these challenges. Meanwhile even before AI bad actors and bots could get past it simply by using captcha solver services run by exploited humans solving captchas for the service.

It's a display of security theater meant to make normies feel safe but in reality doesn't stop most bad actors.

Technically the "correct" answer is set by the highest percentage of people choosing it. EG: 19 people select Box A and 1 selects Box B, then the machine decides Box A is in fact correct.

That means these AI could be selecting the wrong answers for all anybody knows, if enough of them are answering the prompts, and still passing.

Great, so now can I get an add-on to my browser that skips these?

As someone who can not decide if 3 pixels of a motorcycle counts as a correct square, I need this add on.

In use an add-on that does 90% of these for me already on Firefox. I would tell you what it's called but I'm not at my PC.

Which (on a side note) I'd totally go downstairs and check for you, but I just sprained my ankle real bad, and am dreading stairs. Sorry :(

Sorry to hear about your ankle. When you're able to, I'd also like to know what the add-on is

That’s suspicious - I can’t pass 100%. here’s a new captcha for you: make the user do 100 in a row

  • 100% is ai
  • <50% is dumb “ai”
  • in between is a person

Pro-tip for webscrapers: using AI to solve captchas is a massive waste of effort and resources. Aim to not be presented with a captcha in the first place.

I think thats much more difficult than it seems, because usually only residential IPs are the ones that don't get those. And if you start to use a residential proxy too much then that IP can also get flagged.

Depends on the case, sometimes its unavoidable.

So...if CAPTCHA are already beaten by bots what's the point if it still exists ? to mock our weakness ?
In the old days CAPTCHA could do its job, but nowadays nah....even crawler/scrapper/meta bots can bypass it easily.
The real question is why do we as real humans still often fail to beat CHAPTCHA? Are we less human? Are we really robots in CHAPTCHA perspective ?

To train Google/Cloudflare's AI tools, and to double check against DDOS. That's it.

Unless this was something people could use i dont rly see it becoming much of a problem. Most people dont even use adblockers

There is a Russian captcha solver bot called xevil that costs under $100 (I think, last time I looked) that has been able to solve nearly all captchas for years. You just have to supply it with relatively expensive proxy IP addresses because Google rate limits solve attempts.

So the title of this article has been true for a long long time. Capatchas are absolutely useless except against poor or uninformed script kiddies.