396
What about clicking a checkbox means I'm human? How does Cloudflare determine I'm human from that?
(lemmy.dbzer0.com)
The simplicity of it is logic defying. It used to be that you had to find crosswalks or move puzzle pieces or type blurred letters and numbers, but NOW all the sudden I can just click a box and HEY!, I'm human?
That's hardly the Turing Test I'd expected.
It tests whether your mouse movement looks human--we're really bad at things like moving in straight lines, so it's pretty evident from a mouse movement log whether you're a human or a simple bot. It also takes a bunch of auxiliary browser/environment data into account. It's not perfect, but it's complicated enough to defeat to provide fine protection against cheap spam.
My question is how is it not trivial to add a noise wave or some shit to the bot path? Obviously, I have zero technical knowledge of how bots, pathing, or anti-bot analysis works
It uses other signals too, like what other sites you've visited with that checkbox on it, what CloudFlare has seen your IP address doing in the past, etc.
The google one is able to see if you're logged into a google account and take that into account.
There's even a new variant of the Google captcha that is invisible and doesn't even bother to show a checkbox.