Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Launches reCAPTCHA v3 That Detects Bad Traffic Without User Interaction (zdnet.com)

Posted by msmash on from the marching-forward dept.

Google has pushed an update to its reCAPTCHA technology that the company has been offering since 2007 to fight off bots on the world wide web. From a report: reCAPTCHA v3, as the new version has been branded, is a complete overhaul of the reCAPTCHA technology that we know and... most of the time hate. The good news is that the new system does not require any user interaction anymore. Gone are the days of reCAPTCHA v1 when everyone was trying to decipher in garbled text, and gone are the days of v2 when everyone was getting annoyed at clicking on endless image streams of "store fronts," "roads," and "cars" for up to 2-3 minutes. Instead, reCAPTCHA v3 will use a secret new Google proprietary technology to learn a website's normal traffic and user behavior. Google says that by observing how regular users interact with the website and its sections, it would be able to detect abnormalities and detect bots or undesirable actions.

108 comments

  1. Translation:We'll just spy on you to figure it out by Anonymous Coward · · Score: 5, Insightful

    Please see Comment Subject

  2. Sounds good to me by SuperKendall · · Score: 3, Insightful

    Whatever they are doing is fine with me, those image based Capthas are an absolute nightmare, trying to see if one pixel in an image is a sign or a car or whatever.

    I think one time I cycled through picking objects something like 15 times! Absurd.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re: Sounds good to me by Anonymous Coward · · Score: 1

      You know you were training their machine vision initiative to help Google maps learn street sign and where stores are, right?

    2. Re: Sounds good to me by Anonymous Coward · · Score: 0

      What!!!!!!!!!!!!!!!!!!

      This is preposterous.

    3. Re: Sounds good to me by sexconker · · Score: 1

      Which is why I just click shit randomly until it gives up and lets me in. The system determines if you're right or wrong only for a small set of the presented images, and for the others it uses your choice to feed The Beast. You only have to get the known images correct.

    4. Re: Sounds good to me by Anonymous Coward · · Score: 0

      How do you know which are the known images?

      Asking for a friend :P

    5. Re:Sounds good to me by PhrostyMcByte · · Score: 2

      Yea, I had one of those 15+ cycle ones just last week. Where it starts slowing down the loading of images because it thinks you're cheating.

      "Click any boxes with stop lights"

      So... only the lights? The whole light box? Does the pole they're mounted on count? What about just a 1-2px sliver of one of those parts in an adjacent box?

      Yea... whatever they were expecting, it wasn't meshing with my interpretation. Can't be more excited to never see another one of Google's failed turing tests.

    6. Re: Sounds good to me by Anonymous Coward · · Score: 0

      For fun try setting the network speed down to dial-up. The V2 stuff won't even load to the point you can start clicking images.

      Does anyone even test things on slow networks?

    7. Re: Sounds good to me by Applehu+Akbar · · Score: 1

      Does anyone even test things on slow networks?

      If they want it to work in the US, they have to.

    8. Re:Sounds good to me by h33t+l4x0r · · Score: 1

      What I usually do is convince myself I don't really need to go to that link. Works every time.

    9. Re:Sounds good to me by schweini · · Score: 3, Funny

      > I think one time I cycled through picking objects something like 15 times! Absurd.

      have you considered the possibility that you are a bot?

    10. Re:Sounds good to me by SuperKendall · · Score: 1

      have you considered the possibility that you are a bot?

      You know that did occur to me, but an attempted sip of motor oil cleared the matter right up.

      I guess the feeling that you shouldn't have made it past the capture check is the ultimate form of imposter syndrome!

      --
      "There is more worth loving than we have strength to love." - Brian Jay Stanley
    11. Re:Sounds good to me by Anne+Thwacks · · Score: 1
      Another problem seems to be cultural. In the UK, Traffic signs means ones giving instructions to drivers. Street signs means labels with the name of streets on. I suspect the reverse may be true in America.

      There are many other issues, but low resolution of both the original and the screen is definitely a problem. I often give up.

      OTOH, bots are pretty persistent.

      --
      Sent from my ASR33 using ASCII
    12. Re:Sounds good to me by AmiMoJo · · Score: 1

      It happens if you care about your privacy, e.g. use a VPN/Tor or use browser add-ons and security settings.

      Even using it via remote desktop or in a VM seems to screw it up.

      From what I can tell it tries to detect if you are human by looking at things like mouse movement and how fast the pointer update rate is (if it's fake or done via software KVM or something it's not as smooth?) and various other browser metrics. If you break any of them it makes you solve more of its little games, and 15 times is not unusual.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    13. Re:Sounds good to me by thegarbz · · Score: 1

      I think one time I cycled through picking objects something like 15 times! Absurd.

      If you're cycling through repeats it is often because you have been identified as a high risk connection. I can hit the same website directly and get through with a single question: Tick the crosswalks, and then go again with a VPN and sit there clicking on pictures for minutes before it believes me that I am in fact a human.

    14. Re: Sounds good to me by thegarbz · · Score: 1

      You're actually training Google to know what a crosswalk, stop sign, and cyclist look like. Just remember that when you get run over by a self driving car.

    15. Re:Sounds good to me by Cederic · · Score: 1

      I go further, and write to the site to let them know they've successfully blocked me.

      Unless they only offer a contact form and hide it behind recaptcha..

    16. Re: Sounds good to me by LordWabbit2 · · Score: 1
      LOL - Mod this guy up.

      Just remember that when you get run over by a self driving car

      Someone clicked on the wrong capTCHA, fuck, from now on I am going to go a couple rounds just because I will be fucking with google's algorithms.

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    17. Re: Sounds good to me by sexconker · · Score: 1

      You click randomly until you're in. The known ones simply stick around longer, on average. You don't need to know which ones they are unless you want to get in faster. It would make sense that the clear and obvious pictures of signs, cars, or store fronts are the known images, and the obscured, cropped, etc. images are the unknown ones. But I don't know how they choose what to present to you.

    18. Re:Sounds good to me by Aighearach · · Score: 1

      These days shouting at them on twitter might be more effective.

    19. Re:Sounds good to me by grahamtriggs · · Score: 1

      Blade Runner would be a very different movie if reCAPTCHA was used as the test.

  3. But I have do not track enabled.. by Fly+Swatter · · Score: 2

    This can't possibly work for me. /s

  4. Not training computer vision? by Anonymous Coward · · Score: 0

    I thought the point of v2 was to help train their computer vision systems.

  5. Does that mean I get to.... by mark-t · · Score: 2
    .... not have to click "I'm not a robot" whenever I'm trying to research something and the results of a query that didn't return any promising links, suggesting that I need to tweak the query a little to get more refined results?

    I find that about one of every 3 or 4 times that I click "Search" on Google after I've already scanned the first page of results it gives me without finding any promising leads, I will get a prompt like that which I have to click in order to proceed.

    It's damn annoying to be perfectly honest.

    --
    File under 'M' for 'Manic ranting'
    1. Re:Does that mean I get to.... by Anonymous Coward · · Score: 0

      I have never ever seen a captcha on a Google web search page. I probably would have switched search engines if I ever had.

    2. Re:Does that mean I get to.... by troff · · Score: 2

      Logged in for the first time in years in order to say something very much like this. I also tried to tweak query to disable geo-refining of solutions, force including all of my search terms in my results and so on, wrap the whole thing up in a Firefox-bookmark macro. And if I use it too frequently, the bloody stupid captcha comes up. I noticed the bit about "a bot or behaviour the website owner doesn't like". Well, I don't like the stupefying nature of their dumbed down searches that will drop search terms just so it gets extra hits. But I do like the fact DuckDuckGo is around for when Google is pissing me off.

    3. Re:Does that mean I get to.... by sexconker · · Score: 1

      Yeah, I use Bing and I've never seen such a thing. That sounds ridiculous.

    4. Re:Does that mean I get to.... by mark-t · · Score: 1

      Well, it's definitely a thing on Google.... basically, whenever I've decided I don't like the first batch of results I got, and I want to tweak the query a bit, there's about a 33% chance I'll get it on the next query I try. After I've gotten the prompt once, and clicked the "I'm not a robot" button to dimiss it, it seems go go away for a while, but it always eventually comes back when I am doing multiple similar queries.

      --
      File under 'M' for 'Manic ranting'
    5. Re:Does that mean I get to.... by Anonymous Coward · · Score: 1

      Logged in for the first time in years

      Slashdot's awesome AI detected that, the fortune at the bottom says: "Do not meddle in the affairs of troff, for it is subtle and quick to anger."

      Captcha: amazedly

    6. Re: Does that mean I get to.... by Anonymous Coward · · Score: 1

      Are you sure you're not a robot?

    7. Re:Does that mean I get to.... by omnichad · · Score: 1

      This is more something you see if you're using a VPN or Tor, because there are a lot more queries coming from one IP than just your own computer.

    8. Re: Does that mean I get to.... by sexconker · · Score: 1

      Are you sure you're not a robot?

      I think you may be on to something...

      go go away for a while

      I'll get you next time, Inspector mark-t!

    9. Re:Does that mean I get to.... by Anonymous Coward · · Score: 0

      Usually happens to me when I open a crapload of results at once before going through them.

      As always, the solution is to reduce your exposure to google products in every possible way.

    10. Re: Does that mean I get to.... by Anonymous Coward · · Score: 0

      Welcome back!

      Fuck yourself, n1gger fqggot.

    11. Re:Does that mean I get to.... by Anne+Thwacks · · Score: 1
      I find that about one of every 3 or 4 times that I click "Search" on Google after I've already scanned the first page of results it gives me without finding any of the search terms I entered.

      I am seriously thinking of writing my own search engine. We are almost back to when the answer to all queries was "Barnes and Noble" and "Alamo Car Rental".

      --
      Sent from my ASR33 using ASCII
    12. Re:Does that mean I get to.... by Aighearach · · Score: 1

      Some days I find myself pining for altavista.

  6. How Long Will It Take to Roll Out? by PastTense · · Score: 1

    How long will it take before most sites have it instead of previous versions?

    1. Re:How Long Will It Take to Roll Out? by Anonymous Coward · · Score: 1

      Years. If you read the story, this one requires even more coding, especially if you want custom actions for bot detections. People are so lazy they don't bother pressing the update button in their CMS, do you think they'll spend hundreds of dollars on devs implementing the new v3 "action tags?"

  7. No thanks by Anonymous Coward · · Score: 0

    reCaptcha is so negative an experience I will actively avoid using sites which employ it.

    1. Re:No thanks by Anonymous Coward · · Score: 0

      This is the first year I've considered quitting the internet forever is a serious possibility.
      Hardware capabilities are still creeping forward, but everything else is getting worse, and the utility of computers and the internet is dropping towards zero.
      There's no solution.

  8. The logical conclusion is coming soon by Etcetera · · Score: 5, Interesting

    There's really no way around it... Eventually Chrome will take authentication into the browser, which of course is integration into the Google Service in the back end, and just use that to bypass.

    If you're not signed into Chrome (thus signed into Google), you'll get captchas of varying degrees of annoyance until/unless Google no longer needs people to categorize visuals for its AI training, at which point Google will just make a login mandatory under the guise of identity assurance.

    --
    Hire a Linux system administrator, systems engineer,
    1. Re: The logical conclusion is coming soon by Anonymous Coward · · Score: 0

      This already seems like the past, not the near future.

  9. Source code for reCAPTCHA v3 has been leaked: by Anonymous Coward · · Score: 3, Funny

    function is_bot($IP_address, $unique_identity)
    {
            if (is_any_kind_of_privacy_such_as_Tor_exit_node_or_paid_VPN($IP_address))
                    return true;

            if (is_person_disliked_by_us($unique_identity))
                    return true;

            return false;
    }

    1. Re:Source code for reCAPTCHA v3 has been leaked: by Anonymous Coward · · Score: 0

      You got modded Funny, but it should be Insightful.

      Does anyone really think Google will let you pass if they can't figure out who you are?

    2. Re:Source code for reCAPTCHA v3 has been leaked: by Anonymous Coward · · Score: 0

      function is_bot($IP_address, $unique_identity)
      {
                      return is_any_kind_of_privacy_such_as_Tor_exit_node_or_paid_VPN($IP_address)
                                || is_person_disliked_by_us($unique_identity))
      }

    3. Re:Source code for reCAPTCHA v3 has been leaked: by fisted · · Score: 1

      Congratulations, you've successfully lowered the code quality of that snippet.

      --
      CLI paste? paste.pr0.tips!
  10. Will it work with VPNs and TOR? by Rick+Schumann · · Score: 3, Interesting

    How much you want to bet you'll be locked out completely with no recourse?

    1. Re: Will it work with VPNs and TOR? by Anonymous Coward · · Score: 0

      Probably it is a handjob to the Chinese gov.

    2. Re:Will it work with VPNs and TOR? by Anonymous Coward · · Score: 1

      How much you want to bet you'll be locked out completely with no recourse?

      Already are on some providers. Cloudflare used to be sooooo much worse too.

      As someone who uses lynx, fuck capatchas. Try downloading drivers from NVIDIA while your system is sitting a console only to be greeted by this crap. Arguably it was incapsula (another proivder), but the point stands.

      What are they going to do next, offer their own "optimised" versions of core js libs used all over the friggin place but ONLY if you use theirs? I'm not a social experiment and I'm not a bot. Stop treating me like one, thanks.

    3. Re:Will it work with VPNs and TOR? by thegarbz · · Score: 0

      I'll take your bet. You won't be. Google's reCAPTCHA has never locked out anyone and has always offered fallback methods including to those people physically incapable of answering the reCAPTCHA. Additionally their customers would not allow false positives to drive down traffic.

      Now pay up. I can declare my success already because your tin-foil-hat scenario makes no sense, not from the end user perspective, not from Google's and not from Google's customers.

    4. Re:Will it work with VPNs and TOR? by Rick+Schumann · · Score: 1

      Fuck off, asshole. You have no idea what you're talking about.

    5. Re:Will it work with VPNs and TOR? by thegarbz · · Score: 1

      Thankyou for your detailed and technical comeback. It's always interesting having a discussion with people. Some people fight their stupid opinions, some people admit they were wrong, and then there's those who revert to their 5 year old self. What a pleasant child you must have been.

    6. Re:Will it work with VPNs and TOR? by Rick+Schumann · · Score: 1
      Then there's trolls like you who love nothing better than to draw people into 'discussions' that you do your best to run around in circles, interspersed with your 'internet tough guy' routine, ("demanding payment on bets", and so on). So I do an end-run around all that and tell you to eat a bag of dicks instead.

      ..or, here, I'll treat you like the 4chan-esque troll you're starting to sound like:

      What the fuck did you just fucking say about me, you little bitch? I'll have you know I graduated top of my class in the Navy Seals, and I've been involved in numerous secret raids on Al-Quaeda, and I have over 300 confirmed kills. I am trained in gorilla warfare and I'm the top sniper in the entire US armed forces. You are nothing to me but just another target. I will wipe you the fuck out with precision the likes of which has never been seen before on this Earth, mark my fucking words. You think you can get away with saying that shit to me over the Internet? Think again, fucker. As we speak I am contacting my secret network of spies across the USA and your IP is being traced right now so you better prepare for the storm, maggot. The storm that wipes out the pathetic little thing you call your life. You're fucking dead, kid. I can be anywhere, anytime, and I can kill you in over seven hundred ways, and that's just with my bare hands. Not only am I extensively trained in unarmed combat, but I have access to the entire arsenal of the United States Marine Corps and I will use it to its full extent to wipe your miserable ass off the face of the continent, you little shit. If only you could have known what unholy retribution your little "clever" comment was about to bring down upon you, maybe you would have held your fucking tongue. But you couldn't, you didn't, and now you're paying the price, you goddamn idiot. I will shit fury all over you and you will drown in it. You're fucking dead, kiddo.

      ..there. That's better than you probably deserve.

    7. Re:Will it work with VPNs and TOR? by thegarbz · · Score: 1

      Then there's trolls like you

      Yep. Still with the name calling and zero technical comeback.

      interspersed with your 'internet tough guy' routine

      Oh I'm not a toughguy. I'm an internet thick skinned who simply laughs at people who jump in and namecall whenever someone calls out their stupid arguements.

      I'll treat you like the 4chan-esque

      Why am I not surprised that you're have stored reading material from 4chan. Also TL;DR. Keep to your one-liner insults, they get the point across better.

    8. Re:Will it work with VPNs and TOR? by Anonymous Coward · · Score: 0

      Shut up faggot

    9. Re:Will it work with VPNs and TOR? by toddestan · · Score: 1

      I'm not so sure of that. I've sat there for literally several minutes of clicking through ever-so-goddamn-slow-loading pictures of buses or stop signs or whatever before giving up. Maybe it would eventually let me in, or maybe it's really an endless loop. But most people aren't going to have the patience to sit through several minutes of captcha bullshit, with no indication that it's ever going actually going to let you through.

    10. Re:Will it work with VPNs and TOR? by thegarbz · · Score: 1

      I have experienced that once too, only to reload the page and get an error message and then come back later in the afternoon to be let in without issue.
      reCAPTCHA also varies the difficulty with risk so it takes longer to get to somewhere through a VPN for instance. Part of that is precisely the problem Google is trying to solve: better identify bots so that people *don't* get stuck in these situations. This has always been the case as well, even back in the "what are these two words" days. Access a site directly, get two clear words, go via VPN get gobbeldygook.

      Again this still supports my assertion. The difficulty of passing the reCAPTCHA at the moment leads to quirky bugs that piss off people like youself, not on purpose, and through better detection of people this would be eliminated.

  11. Secret? by AlanObject · · Score: 1

    reCAPTCHA v3 will use a secret new Google proprietary technology

    OK. So if this is cross-browser I would have to assume this involves or fully relies on in-browser Javascript. In which case calling it "secret" is silly.

    If it relies on servers (thus keeping the "secret") run by Google then why bother with it all? Why not just use OAUTH/OAUTH2 authentication against existing Google+ logins and then no need for a 'bot test?

    1. Re:Secret? by wbr1 · · Score: 3, Interesting

      The javascript can read information like mouse movement and other user info and behavior, shipping that off to a google server farm for processing. The actual algo that decides human/not human does not have to reside in the browser side code.

      --
      Silence is a state of mime.
  12. Where to complain? by Gabest · · Score: 1

    I could not always prove that I was a human, that just makes my blood boil, and there is no where to complain!

    1. Re:Where to complain? by Anonymous Coward · · Score: 0

      Where to complain?

      Have you tried http://www.google.com?

    2. Re:Where to complain? by fisted · · Score: 1

      I'd complain there, but I have to complete a captcha first

      --
      CLI paste? paste.pr0.tips!
  13. Re: Translation:We'll just spy on you to figure it by Anonymous Coward · · Score: 0

    Shut up

    -msmash

  14. Don't block google trackers... by QuietLagoon · · Score: 3, Interesting

    ... otherwise it appears that google blocks you from continuing. google must assume that all humans will allow google trackers on to their computers and bots won't.

    1. Re:Don't block google trackers... by Anonymous Coward · · Score: 0

      ... otherwise it appears that google blocks you from continuing. google must assume that all humans will allow google trackers on to their computers and bots won't.

      Well ... s/all/most/ ... and are they wrong?

    2. Re:Don't block google trackers... by Anonymous Coward · · Score: 0

      I haven't allowed any cookies from Google in 2 years. I never get a captcha, though.

    3. Re:Don't block google trackers... by fisted · · Score: 1

      I'm blocking 3rd party javascripts everywhere. I do often get the captcha, and I have always select store fronts/cars/whatever for numerous iterations. It's never sufficient to just tick the 'i'm not a robot' checkbox.

      --
      CLI paste? paste.pr0.tips!
  15. Annoyed by store fronts? by pablo_max · · Score: 1

    Are you kidding me? I fucking prey that I get the store front one rather than enter street sign hell for 5 minutes.
    ReCap v2 is one of the worst things to ever happen to the internet and I prey to the god of the Internets that the creator dies or horrible death.

    1. Re:Annoyed by store fronts? by Anonymous Coward · · Score: 0

      As a Bot, let me say I do not have this problem. My memory includes most of the answers, which my clones keep me up to date on, as I do theirs.

    2. Re:Annoyed by store fronts? by LordWabbit2 · · Score: 1

      Let me fix that for you
      Prey is an animal hunted for food.
      Pray is a song by Sam Smith (whoever the fuck he is)

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    3. Re:Annoyed by store fronts? by Aighearach · · Score: 1

      That's what he said. He fucked his prey in a storefront because there were too many signs out on the street. And he hates God, because reCAPTCHA v2.

      Gets yous some English!

  16. Seems nice in theory but... by SurenEnfiajyan · · Score: 1

    What if the user is not "normal"?

    1. Re:Seems nice in theory but... by dcollins117 · · Score: 1

      What if the user is not "normal"?

      Then you get what happened to me today. I was wondering what was going on. I thought the problem was on my end. Multiple Capchas for simple Google web search? What a pain in the ass.

      I won't be using Google anymore, that's for damn sure.

    2. Re:Seems nice in theory but... by Anonymous Coward · · Score: 0

      Here's the problem... it's not JUST for Google web searches. You can't sign up for jack shit anymore without answering one of those. Most topic-specific web forums, any even a lot of general ones like Reddit, require going through the process unless you run Google's trackers, or anyway if you are coming from any anonymized IP source.

      This is nothing less than the death of anonymity on the internet. You won't be able to do much of anything without telling Brother Google allllllll about it.

    3. Re:Seems nice in theory but... by dcollins117 · · Score: 1

      What's interesting is I reboot the machine and it's still happening. Seems to be tied to my IP address, which was assigned from a pool by Comcast. I can easily get a new IP address assigned but whoever gets this one next is going to wonder wtf is going on, lol.

    4. Re:Seems nice in theory but... by Anonymous Coward · · Score: 0

      That is OK, I will no longer do much of anything on the Internet then.

  17. I doubt it by Anonymous Coward · · Score: 0

    You could probably game this too. Its sort of like the trouble they had with language bots--they were too perfect. They only started making advances once they allowed "umm... ahh... uhh" because humans do superfluous things. It's the same with humans using websites. They take extra time and move the mouse in superfluous ways. They scroll back and forth. A bot could easily take this into account.

    Or if you do routine tasks, just use a macro recording tool of you doing something like posting an ad on a website that has reCaptcha and then just play the macro recording each time. It would look exactly identical as a human user unless you tried to speed it up or something.

    1. Re:I doubt it by Anonymous Coward · · Score: 1

      Unless you play games or do something for a living that requires highly accurate mouse movement.

      There are sooo many variables that go into the behviour of an end user vs bot that AI could never learn a profile of everyone. Hell my accuracy changes based on posture, alcohol comsumption, tiredness, etc. There's no way Google could know that.

      Here's another rather silly example of why behaviour profiling is a bad idea - ever notice images refresh faster on mouse movement? Now erratically move your mouse as if you were impatient. What happens is Google thinks your human ONLY if you fit THEIR profile of a user, it doesn't take into consideration that you may infact be 14 hours into a shift, and tired of waiting for some damn capatach to refresh. Or a top level League player (thousands of clicks in short periods). It instead considers your eratic mouse to be a bot.

      Here's another one - many open tabs to the same site. All Google sees are the requests, it has no context. What if the browser crashed or you move between networks? Certainly could be taken as a DoS attach considering all those tabs are refreshing. But the point is, you AREN'T attacking it nor are you a bot.

  18. You do the work for us to spy on you by ljw1004 · · Score: 2

    If I understand right, the deal is that website developers now do the heavy lifting work of informing Google about every user and user action on their site, in meaningful profile-building ways, and in return Google will help them recognize bots.

    Its similar to the deal they made with Google Analytics (inform Google of page visits and in return get traffic analysis) except the new captcha bargain will extract more visitor-profiling than was ever needed before.

  19. Sounds horrible to me by Anonymous Coward · · Score: 3, Interesting

    They're data mining your session with the website to see if you're acting like that site's average user. If not, you're blocked. Meaning you'll be required to enable Google's tracking scripts on every website which uses this. Blocking those scripts mean no web content for you.

    If you do something different, like open 10 tabs of the next ten articles you want to read... BLOCKED. Assuming most users read articles one at a time.

    Basically this is the same tech anti-virus software uses to dynamically categorize running software when trying to figure out if it's a threat or not. Those features don't work too well, so expect this new system to not work as well either.

    And for my final point, CAPTCHAs only block initial access to a site. This new system continually monitors your interaction with the site. Previously you could login and then archive a bunch of content. Now you'll be banned if you try to download all your topics/favs. I'd bet money someone with a disability is going to sue Google over this is as it'll probably block everyone using screen readers and other accessibility features. No keyboard-only browsers either. If you prefer addons and shortcuts to jump to the links you want, too bad. Either you use your mouse properly and look at the ads for the average amount of time, or Google will block you. Afterall, the average user isn't blocking ads, so if your mouse rolls over a pre-ad element then hits a post-ad element without entering the ad in between them then obviously you just engaged in an undesirable action. Banned.

    This is a horrible service for the end-user. It'll get even worse in a couple years when they add in eye tracking as well.

    1. Re:Sounds horrible to me by Anonymous Coward · · Score: 0

      This is a horrible service for the end-user.

      Google is horrible for the end-user. They are in it for their profit, not for your benefit.

      Welcome to the modern internet. I see you're new here.

    2. Re:Sounds horrible to me by Anonymous Coward · · Score: 0

      It'll get even worse in a couple years when they add in eye tracking as well.

      Thank for the depressing, yet accurate, outlook.

    3. Re:Sounds horrible to me by Anonymous Coward · · Score: 0

      I don't really see the problem.

      I already avoid sites with CAPTCHA since I don't want to waste my time clicking through an endless stream of images, but it's a bit hard for me to keep track of all sites since I only use my memory for it.
      It's so much better to let the sites block themselves. It's not my revenue that gets affected.

    4. Re:Sounds horrible to me by Anonymous Coward · · Score: 0

      Wait don't they use a captcha here when you post?

      *prepares to solve it*

      *can't be bothered gets an alphago to do it instead*

    5. Re:Sounds horrible to me by Aighearach · · Score: 1

      Meaning you'll be required to enable Google's tracking scripts on every website which uses this.

      If that turns out true, websites worth caring about will use something different.

      I'm not worried though, because they're committed to making it accessible to the AA standard, and if you read that standard it means there is no way to keep me from browsing the way I want. That's what the world has come to; wanting to control what is on your own screen is a disability, but they have to accommodate it.

    6. Re:Sounds horrible to me by Anonymous Coward · · Score: 0

      wanting to control what is on your own screen is a disability, but they have to accommodate it.

      saved by the SJWs again

  20. Code excerpt by Anonymous Coward · · Score: 0

    function validateCaptcha3(context) {
        var user = getUserProfileFromContext(context);
        if (user.isConservative) return false;
        return actualValidateCaptcha3(context);
    }

    I completely trust Google to not blacklist conservatives or anyone else they don't like.

  21. Tracking through proxies by Anonymous Coward · · Score: 0

    What are the chances that it'll let you in if you block Google's tracking scripts and mask your IP?

    Google does NOT like people to have privacy from Google.

  22. I am Not a Robot... by Anonymous Coward · · Score: 0

    checkbox should be good enough.

  23. This is great by Anonymous Coward · · Score: 0

    Now I'll fail to prove I'm a human faster than ever before!

  24. Oh hell no ... by Anonymous Coward · · Score: 0

    Google says that by observing how regular users interact with the website and its sections, it would be able to detect abnormalities and detect bots or undesirable actions.

    Yeah, bullshit.

    Google is saying if only they collected more information on users they could do this, the reality is it will just drive more ads and analytics.

    Fuck that, Google is becoming less trustworthy every day. The last thing we need is them trying to track us even more.

    1. Re:Oh hell no ... by Anonymous Coward · · Score: 0

      It sounds like I would have to enable javascript for this system to work.

  25. Ooooh, they're spying on us! by Applehu+Akbar · · Score: 1

    I never know whether an image grid section that has one tiny edge/corner of the street sign or store front in it counts as a "street sign" or a "store front." I've tried it both ways, and I get it wrong every time. The textual CAPTCHAs were no better: as robots got better at solving them, the squiggly figures got more and more obscure, until AI was required to solve them.

    Is reCAPTCH's new technique a spy system? I don't goddamn care. I just want user solving of CAPCHAs gone, using whatever technique they wish to devise.

  26. About time! by SuperKendall · · Score: 1

    JFC where were you? You were gone the WHOLE DAY, on one of the busiest posting days of the year! Come on man, you KNEW it was an Apple Event day, what did you think would happen?

    Were you drunk with your mom again or what?

    Christ you can't even find reliable trolls these days. And while we are at it, what is up with vaguely non-committal threats. I've felt more threatened by unexpected updates to cereal boxes. Step up your game buddy or I'm getting a new troll who actually shows up when it matters and can use a calendar to set some real deadlines.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  27. Re: Translation:We'll just spy on you to figure it by nazsco · · Score: 1

    captcha v3: spy and censorship

  28. Great --- except I'm not "regular" by Mathinker · · Score: 1

    > observing how regular users interact

    Last time I checked, I don't think I qualified to be a "regular" user.

    If this is done wrong, it's going to be a nightmare for me. And a lot of other users who are not "regular" because they are simply handicapped, as opposed to being outliers in the geeky/techno direction.

  29. Advanced searching by ayesnymous · · Score: 1

    Frequently when I do an "advanced" search, which includes the use of double quotes, or the site:blah.com limiter, or the numeric range operator 1..100, I get the message that they have detected suspicious activity from my IP address and they want to verify that I am human.

  30. Re:Translation:We'll just spy on you to figure it by AmiMoJo · · Score: 1

    Even the current one does. If you take steps to protect your privacy, such as using a VPN or disabling Javascript or blocking access to canvas etc. it breaks and you have to solve it about 900 times to get past.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  31. Love google captcha by Anonymous Coward · · Score: 0

    I'm VPN'ed and captcha got me off of google search. After the 200th time having to solve it I simply moved on to DDG, Bing, searx. You'd think they would figure me out since I have a static IP but nope. Logging into gmail with the same IP, one would think they make the connection since they track everything. Nope! Now you get captchas logging into gmail, even with the right password and the same IP for months.

    So what's this v3 going to do? I disable mouse movement polling and all that other JS invasive stuff. Is it going to lock me out of the internet? Maybe my VPS ip was used for something bad before I got it. How long is this going to be a problem? If my personal information is the price of entry, I'm not paying it. I'm just stuck in 1996, i've certainly returned there in terms of search.

    1. Re:Love google captcha by Anonymous Coward · · Score: 0

      It may be a static IP but it's the same IP used by actual bots using the same VPN.

      This is the problem things like Tor have. Actual bots make extensive use of those services.

  32. lol, nope by Anonymous Coward · · Score: 0

    They can't use the same vpn because its my VPN. Maybe the same ISP but that's about where it ends.

  33. Re:Translation:We'll just spy on you to figure it by Anonymous Coward · · Score: 0

    "Please upgrade to a supported browser to get a reCAPTCHA challenge."
    Yeah I use vpn and canvas blocker. Fuck you google.

  34. And account creation is not protected?? by Anonymous Coward · · Score: 0

    What would stop somebody from just automation account creation? Unless that one is CAPTCHA-protected aswell.
    Are you mentally disabled or something?

  35. Also: "Secret" = it WILL be broken broken by Anonymous Coward · · Score: 0

    It means it's security through obscurity. And since it's practically guaranteed, that somebody will reverse-engineer ir leak it, it will fail quickly. Sorry, it never made sense to act like connections are not using automation, when coming from a freaking *computer*! Whether a human sits in front of them or not. That's why upvotes/likes/rating/etc can not and will not ever work. You must treat ALL connections like ones with infinite flooding abilities, and not discriminate by action rate or packet rate.

  36. Are Google IPs whitelisted from this? by Anonymous Coward · · Score: 0

    If recaptcha v3 whitelists Google IP addresses (and if they did this for recaptcha v2 & v1), would this be an insidious mechanism for google bots to run freely while other bots are "captured"?

    Even if they don't baldfacedly whitelist Google IP address, they've certainly got the inside track on their own bot detection, so they know how to behave to avoid detection.

    Is this something that Trump will tweet about early this morning?