Slashdot Mirror
CAPTCHA Using Ad-Based Verification
mk1004 writes "Yahoo news has an article explaining how the text-based CAPTCHA is giving way to ad-based challenge/response. It's claimed that users are faster at responding to familiar logos, shortening the amount of time they spend proving that they are human. From the article: 'Rather than taking just a mere glance to figure out, recent studies show that a typical CAPTCHA takes, on average, 14 seconds to solve, with some taking much, much longer. Multiply that by the millions and millions of verifications per day, and Web users as a whole are wasting years and years of their lives just trying to prove they're not actually computers. This has led many companies to abandon the age-old system in favor of something not only more secure, but also easier to use for your average Webgoer: Ad-based verification, which can actually cut the time it takes to complete the task in half.'"
It's only because some company will pay to use their logo or watch their mini movie for the answer.
Heh, This is a desperate attempt to stop people like me from adblocking so we can actually use the service.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
It would be better to simply prove that the computer is used reasonably and then stop presenting the captcha's after the initial few tests. If the computer starts being detected as a spammer then it must prove again, harder this time, that it is a valid user to become reaccepted. This would save time and processing power.
A fancy rationalization of a money making scam. Nobody's wasting years of their lives doing captchas. And what about those of us who have very low exposure to advertising - how are we supposed to recognize logos?
I've examined a few of these "services". They keep track of who is using these things. Some of them even provide you with some of their data, such as a weekly or monthly report on how many people solved their question and how many failed. And some of them use cookies, allowing anybody to track your users.
They are only trying this bullshit because of Adblock. If an advertisement is required to be used to solve a question, that renders Adblock completely useless, and will force people to view crap ads they have been able to block for ages now. If the internet becomes the ad-infested crap fest that I remember from the days before Adblock Plus, and Privox, I'll disconnect from it permanently. I'm not willing to endure a deluge of ads to enjoy a service that I'm already paying a pretty penny to receive,.
Get your free Dropbox account with 2 GB Free storage!
I get the idea behind advertising but don't ads lose their effectiveness when they're so pervasive?
Captcha's don't take all that long to solve if they are halfway readable. Seamless web uses a method I find interesting - image recognition and classification. "Identify which items are food! Go!". I find it hard to believe speed is the issue. It seems far more likely the companies realized the combination of captive traffic in front of a desired activity was too good of an opportunity to pass up. "Our users will see an ad every time they go to rate a restaurant they recently ordered from" is a hell of a pitch.
I dunno why he's getting down modded. I'd rather be told click on the coke ad than type something I can hardly read. Then again I have trouble seeing so I might not represent the majority.
"Ubuntu" -- an African word, meaning "Slackware is too hard for me". - stolen from Dan C alt.os.linux.slackware
Well... isn't placing well-known logos, which can be easily image-matched by computers, kind of defeating the purpose of a CAPTCHA?
(And this CAPTCHA I just had to solve took me MUCH less than the fourteen seconds they claim as an average.)
This is a waste of time, and another vector for ad-servers to throw malicious javascript and flash attacks at you.
You are being MICROattacked, from various angles, in a SOFT manner.
If a person hears or reads something that they don't like (e.g. an ad) their brain will often discard it immediately. But if you can make them say it, or in this case type it, they're more likely to remember it, and even start to believe it.
This is, essentially, low-grade mind control.
Time to dump Yahoo, I only still use it for the spam filter which it has been good at but if it expects me to look at ads I will stop using it.
The news was by Yahoo, not about Yahoo. The company could still be among those planning to adopt the technology, but this isn't mentioned in the news story.
In addition to all the other posters qualms about this, I really wonder how this would work on the internet. How many brands are generally recognized around the world? Fine, you can do some localization, but still.
It seems that this will be either choosing between the logos of Coca Cola, Apple and Nike, or presenting me with an ad of the biggest, most famous mattress company in the whole US.
Adblock and Hosts Files
People once told me 68K ram was all we needed,
Multiply that by the millions and millions of verifications per day, and Web users as a whole are wasting years and years of their lives just trying to prove they're not actually computers.
Web users as a whole are wasting years and years of their lives just trying to look at cute cat pictures. Does this mean we should embark upon the CATcha?
Just another attempt to make viewing ads compulsory...
Howdy howdy howdy
I had an experience with one of these... Yikes, I hate companies that support annoying adds it was loud and had no volume control on the app >. Whatever un-named body of dark stagnant water the people that throw up the "Buy my terrible anti-virus program that will tell you when naughty cookies are downloaded, no no we don't fix it that's this other product we sell" captach. Your being paged back to you cesspool, please don't touch the white telephone.
Good leaders run toward problems, bad leaders hide from them.
Mmmm it tastes just like butter, really??? Slashdot do you really need to place advertisments in this manner? Check the approval process for this piece of crap and you'll find someone taking kickbacks. If it wasn't deliberate ie a corporate decision then you have someone in the ranks getting kickbacks.
If I have to use ads to view a service, that service can fuck right off.
Complete bullshit. And you know for a fact that in no time we'd be having to answer questions about crap like "One weird secret for losing weight/Mom is 54 and looks 27". Then we'd have to watch a flash animation. And listen to a jingle....
Putting the money making aside (which if they do it well is an acceptable and novel idea), is it not a good thing to have clients stalled for quarter of a minute? An average of 14 seconds per thousands or millions of connections a day surely results in a GIANT saving in terms of CPU time. Right?
Another issue is that most people don't "see" adverts, and will skip over these.
Video and audio adverts are the worst - one of the things that annoys me about Spotify is the adverts, which are so annoying they make me less likely to even pay for the service and just stick to playing my own music. Every three songs I get some guy quack-quack-quacking away in a foreign language, which surely makes no commercial sense.
"It's claimed that users are faster at responding to familiar logos..."
I have no TV (but a 55" monitor to watch torrented stuff without ads), use adblockers everywhere, refuse ads in my mailbox, I wouldn't recognize a logo that I don't know from childhood and most of those have changed.
" shortening the amount of time they spend proving that they are human."
I wouldn't qualify ad-watchers as 'human'.
I don't care how good your information is I won't interact with an add that you have forced upon me. I'd even give up slashdot if tomorrow I went to log in and an ad-captcha popped up. This is exactly the sort of MBA type crap that is ruining so many companies. Some douche does a spreadsheet showing how they will make x cents per user logging in with the ad-captcha. First the spreadsheet doesn't show how many customers will soon flee and second you suddenly have a new incentive to start ad-captcha'ing all over the place. First you just log people out more (a great way to lose customers because they can't be bothered to retrieve their login) and then you start putting ad-captchas between the user and just about everything. At first this will look great on the bottom line as you will probably triple your ad revenue overnight but 2 years later you are laying off 90% of your staff because you only have 10% of your readers.
The equivalent logic would apply to a grocery store putting all their prices up 20%. In the first week they would be rolling in profits due to customer inertia but by week 52 they are closed as there are so many other stores roughly 20% less.
But the worst logic is that an ad-capcha takes less time. Again MBA logic; the user is taking less time but seething the for that time and for a while after. Also keep in mind that most people (we aren't most people) don't have a clue what captchas are about but it must be something technical. But an ad everybody can understand.
So my prediction is that the best that ad-captcha sites can hope for will be that their growth will slow down; but my thinking is that most ad-captcha implementing sites will be taking it down and publicly saying that it was one of the worst decisions in the site's history.
So it is actually a negative Turing test. You must be as insensitive as a machine to be able to sit through the entire "captcha". Great!
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
This will not work for the same reason that image-based captchas, riddles and maths questions do not work: There is only a small number of logo/slogan combinations. It is trivial to construct a database (1:1 mapping) of these.
The problem with captchas is to find a mapping which is easy for a computer to do one way, and difficult the other way. Initially, the ad-based captchas are a good idea, because it is impossible for a computer to derive the correct answer from the question. The problem is that computers are better at remembering things than humans, and they are more "patient"
You claim that there will always be an alternative to providers that adopt the practice. I don't see how that'll be the case if major players totaling 90 percent of usage share decide to adopt the practice. Case in point: When video game consoles went closed in 1985, what was the alternative to video game consoles for gaming on a TV? Gamers sucked it up and accepted less choice. When home ISPs went capped, what was the alternative to cable and DSL? Home ISP customers sucked it up and accepted caps. So what'll happen when the major sites in certain categories will adopt these CAPTCHAs?
Either A. they'd show you an ad for a different product sold in your country, or B. they'd block your IP the same way videos with music in them are blocked by GEMA on YouTube.
The only problem here is that as I identify ad servers, I add them to my hosts file and block all connections with them. This is due to many of them being hacked and serving malware and viruses. All that is happening is that I'll soon have no reason to use any of the services I've been paying for - Cable TV ( already don't use due to ads), Internet (becoming less useful due to ad/malware servers), Phone (scammers and robo-callers: Political Parties are the worst offenders).
On the utility front, I'm already planning a solar powered home with a well so I don't have to contribute to the inefficient distribution of energy. For transportation, I'll use a bike or what little public transport we have.
Mod me up/Mod me down: I wont frown as I've no crown
http://tech.slashdot.org/story/12/03/29/2055228/google-using-recaptcha-to-decode-street-addresses
I haven't once seen us fork slashdot to only include (fewer?) high quality stories.
Kuro5hin originally ran the SLASH software that powers Slashdot before Rusty rewrote it from the ground up to create Scoop.
Not only are they still almost completely untargeted
That's the fault of people using "do not track" and other similar privacy measures. I leave tracking on so that the ads I see are more likely to interest me. But it appears that a lot of advertisers don't care, as they continue to serve SWF ads that neither my laptop (which runs SWF in click-to-play) nor my tablet (which doesn't support SWF at all) can play.
why not tell me the name of the product at the start of the video?
For the same reason infomercials don't show you the price in minute one: the brand name might turn some people off. They want to show you the attributes to make you want the product, and then they tell you what product has those attributes.
Why can't I click a "I want to see more"?
That's called clicking the ad.
Maybe there is some reason for ads sucking so much, maybe that's what makes them stick in my mind.
Apart from the Super Bowl, ads that are actually well-produced entertainment would probably result in viewers being distracted by the production and remembering what happens in the ad rather than what product it was selling. Quick: Without using a search engine, which restaurant's commercial introduced the phrase "Where's the beef?"
CAPCHAs fail to load over slower dialup connections
That's called targeting. Dial-up tends to be popular among poor people and people living in rural areas where DSL and cable are not available. I'd guess a lot of advertisers prefer to target people with more disposable income in densely populated, easy-to-serve areas, not the dial-up demographic.
Identify which items are food: [Culturally dependent question]
That's called targeting. Advertisers want to target people living in the country where they sell their products, not people halfway across the globe who have no reasonable chance of even encountering the product. Or a publisher might not have the license under copyright to display a given work in a given territory.
Although you may be right when it comes to very big sites.
Or very big providers of works that a lot of providers reprint. Consider what would happen if all sites that syndicated stories from Reuters, Associated Press, or Agence France-Presse were to adopt a particular method of access control.
Back in 2000 I got so fed up with all the advertising on TV and radio and print, coupled with the poor quality of content and product placement, that I ceased listening to broadcast TV/radio and cancelled magazine subscriptions that are heavy in ads. I actively avoid ads and will not patronize chains that advertise movies (I'm talking to YOU, Burger King and Pizza Hut). Today I don't know the latest movie or TV show or any Lady GaGa songs, and I DON'T CARE. My personal life is so much better not being bombarded with ads.
I really despised TV news broadcasts using movie advertisements disguised as "news", and this is an advertising gimmick disguised as "security". I won't recognize most brands today, will not waste my time researching them, and will move to another web resource without flinching. Ad-based CAPTCHAs is a big fail.
Eternity: will that be smoking, or non-smoking? I Corinthians 6:9-10
I dont know If I can pass all this LOGO test any more. I am not good at remembering these LOGOS and associated Brand Name. This is sucky Idea and just helps ad based companies to earn money.
That's what we do with the CAPTCHAS in our security system - you only have to do the CAPTCHA once, then never again for most people.
In our case, we use the CAPTCHA to reduce brute force on a login-in system. Once you enter the CAPTCHA correctly once, you don't have to enter again as long as you enter your user name and password correctly. If you start entering incorrect user names and passwords, that could be a brute force attack, so you have to enter CAPTCHAS again.
Even the "google goggles" app on my phone can recognise logos
We do identify computers pretty reliably. You mentioned five factors that can be used. You pointed out none of those five factors BY ITSELF is sufficient. But the COMBINATION of all five factors you mentioned plus a few you didn't mention works pretty darn well. I can't identify you by the first digit of your phone number, nor by the second digit, nor by the tenth. But if I look at all the digits together I can have pretty good idea of who it is.
Add to that we're confirming that you are indeed who you claim to be, so we just need a yes/no answer, we don't have to figure out who you are. Lastly, in most practical scenarios, saying "it is probably the same person" or "it is probably not the same person" is sufficient - we don't have to 100% prove it. Credit / debit card fraud detection is a great example. I use my debit card daily. Out of thousands of transactions, I've received only about three calls from the fraud detection department to verify something - once when I was 1,000 miles from home and hadn't used my card on the way there, once 100 miles from home while buying expensive electronics, and one other time. The fraud detection works well by considering the strong combination of weak factors - location, type of store, amount of purchase, etc. are each weak in themselves. However, if my card is beng used in Florida, 1,000 miles from were I live AND it's the first time it's ever been used at a nail salon AND that comes 30 minutes after I used it in Texas AND that's the fifth transaction in the last 30 minutes, there may be something funny going on.
CAPTCHAS and identifying computers are just like that, if done correctly. A system like Strongbox examines ALL available information and thereby does a good job of flagging something suspicious.