Comment on CAPTCHAs are 'a tracking cookie farm for profit that made us spend 819 billion hours clicking to generate nearly $1 trillion for Google

<- View Parent
cherrykraken@lemmy.ca ⁨1⁩ ⁨day⁩ ago

The code basically tracks mouse movements, or the lack thereof. If a bot is using a cursor, it might move in a straight line at constant speed to the “I’m not a robot” checkbox. Most bots though just check the HTML and jump directly to the checkbox. There are other checks it might do as well, e.g. the user-agent of the browser, whether the user came from a search engine, etc.

That being said it’s that not difficult to break, e.g. Puppeteer has a plugin specifically for getting around Captchas and Cloudflare’s offerings.

All this is to say: automatic captchas are better at allowing legitimate users than they are at blocking bots entirely.

source
Sort:hotnewtop