Kent Fredric wrote: > > While services such as reCAPTCHA are (as said) massively intrusive, there > > are other, much less intrusive and even terminal-compatible ways to > > construct > > a CAPTCHA. Hello game developers, you have 80x23 "pixels" to render a puzzle > > for a human above the response input line - that's not so bad. > > Well, they kinda have to be,
I disagree with that, especially for this service, that was the point I wanted to make. :) > the state of AI is increasing so much that current captcha systems > undoubtedly also develop their own adversarial AI to try beat their > own captcha. > > I don't think we have the sort of power to develop this. In any case I don't think that's required. > And the inherently low entropy of only having 80x23 with so few > (compared to full RGB) bits per pixel, A character doesn't compare too bad to RGB. See aalib, or if you will risk exclusion of color-vision-impaired humans libcaca. > this gives any would-be AI a substantial leg up. > > Using text distortion is amateur hour these days. > > (and there's always mechanical-turk anyway) Except this isn't for some web-scale disruptive startup, it's a statistics/reputation system for an advanced, super-nerdy Linux distribution. Please think more about the threat model, and remember the rate limit knob. The bar only needs to be raised high enough. //Peter
