1 |
Kent Fredric wrote: |
2 |
> > While services such as reCAPTCHA are (as said) massively intrusive, there |
3 |
> > are other, much less intrusive and even terminal-compatible ways to construct |
4 |
> > a CAPTCHA. Hello game developers, you have 80x23 "pixels" to render a puzzle |
5 |
> > for a human above the response input line - that's not so bad. |
6 |
> |
7 |
> Well, they kinda have to be, |
8 |
|
9 |
I disagree with that, especially for this service, that was the point I |
10 |
wanted to make. :) |
11 |
|
12 |
|
13 |
> the state of AI is increasing so much that current captcha systems |
14 |
> undoubtedly also develop their own adversarial AI to try beat their |
15 |
> own captcha. |
16 |
> |
17 |
> I don't think we have the sort of power to develop this. |
18 |
|
19 |
In any case I don't think that's required. |
20 |
|
21 |
|
22 |
> And the inherently low entropy of only having 80x23 with so few |
23 |
> (compared to full RGB) bits per pixel, |
24 |
|
25 |
A character doesn't compare too bad to RGB. See aalib, or if you |
26 |
will risk exclusion of color-vision-impaired humans libcaca. |
27 |
|
28 |
|
29 |
> this gives any would-be AI a substantial leg up. |
30 |
> |
31 |
> Using text distortion is amateur hour these days. |
32 |
> |
33 |
> (and there's always mechanical-turk anyway) |
34 |
|
35 |
Except this isn't for some web-scale disruptive startup, it's a |
36 |
statistics/reputation system for an advanced, super-nerdy Linux distribution. |
37 |
|
38 |
Please think more about the threat model, and remember the rate limit knob. |
39 |
|
40 |
The bar only needs to be raised high enough. |
41 |
|
42 |
|
43 |
//Peter |