Eli5: who are these robots that reCAPTCHA protects us from?

124 views

Who are they? How does it all work? What would happen if captchas weren’t there?

In: 18

9 Answers

Anonymous 0 Comments

They aren’t robots, but code that just spams websites with login combinations until it finds one that works. This is called a brute force attack. By adding a step where you have to identify pictures, it makes coding a way around it so difficult that is practically impossible.

Anonymous 0 Comments

The ones that automate clicking a browser window, as well as the ones that send web requests to navigate pages/log in and out of accounts. Both can’t function unless they can solve a captcha.

Anonymous 0 Comments

The robots are programs designed to crawl sites for various reasons. They are easy to create by programmers. Not having CAPTCHA can result in:

– content theft
– credentials theft via brute force attack
– being scanned for vulnerabilities
– increased server load (a script instance can load a server as much as thousands of users)

In many cases CAPTCHA as devolved into a due diligence checklist item that insipid security auditors with no technical knowledge insist upon for no real reason.

Anonymous 0 Comments

If you provide an online service – something that looks something up, or calculates something – you want to stop people from abusing/overloading the system. If the users need to proof they are human, automated scripts are at least slowed somewhat, so other people can get their turn.

For free online games you want to reduce the people who are able to create new accounts and play them automatically just to give themself help or farm random items.

CAPTCHAs aren’t terribly useful for stopping concentrated attacks, but they reduce the amount of spam that is sent via publicly accessible forms.

Anonymous 0 Comments

Think about Reddit itself, if it allows anyone to post anything at anytime, then nothing stops someone from writing a program to post a million ads / scam links / propaganda to every subreddit it can find.

Anonymous 0 Comments

An easy example are forums where people post replies to threads, or websites that allow comments from readers.

If there is no way to verify it is a real person, then the threads and comments quickly fill up with spam ads, links to porn, etc.

Moderators can clean them up by deleting them, but it makes their job a lot harder if the spammers can write programs to litter their ads on every page quickly.

Anonymous 0 Comments

I also read somewhere that Google created this to improve it’s AI/machine learning. If millions of people do this everyday it’s like a free workforce teaching your AI. It’s like Tesla collection all the data from their drivers for their AI self driving software.

Anonymous 0 Comments

Spam bots will create accounts anywhere they can and put spam in every form they can find, it becomes a major nuisance at best and can overload and crash servers at worst

Anonymous 0 Comments

Those evil natured robots, they’ve been sent here to destroy us. She’s got to be strong to fight them, so she’s taking lots of vitamins.