The answer it “expect it soon”.

Most machine learning programs right now are being made by universities, tech giants, and industry professionals.

It rolling out to the masses is still pretty new, but you can be sure its in the works by someone somewhere.

They can. There are also varyingly large scale operations with humans behind the screens whose entire job is to solve these for hire, too.

Because bots aren’t allowed to say that they’re not robots. That’s one of their prime directives.

To highlight what others are saying, those CAPTCHAS are checking a lot of things to verify that you are human. The most popular one, reCAPTCHA, doesn’t really tell you what it’s doing on the back end because having that information would help hackers to defeat it with bots. Granted, there are other ways they can be defeated, such as by using a scam website to “proxy” the CAPTCHA through to have a human solve it for them.

That said, some of the things they do look for is how your mouse has moved (or how your phone screen has been scrolled), recent browsing activity, how you have interacted with the page you’re looking at, and data stored in your browser cache. It tries to assign a “weight” to these values and, if what it see exceeds a certain threshold, the algorithm determines you to be human. If it does not, then it shows you the stop signs and school buses and stuff just to be extra sure.

As someone who deals with this on a daily basis, I don’t know if it’s a bot or human spammers, but I’m dealing with hundreds or thousands of fake clicks per day that get thru Google’s reCaptcha. So the answer to your ELI5 is: actually they do, at quite a large scale.

If it presents you that checkbox and accepts it, it’s because the system already has a model indicating you are a human. Previous trackable behavior etc. says that you’re not a robot, so you get the easy challenge.

This is pretty common in the anti-fraud world. You can “randomly” get asked for stronger account authentication, for example — something like associating a phone number with your account. That’s based on the confidence that the fraud model has on whether your account is legitimate.

I’m sure there’s more to it, but pretty much because of this:

>The isTrusted read-only property of the Event interface is a boolean value that is true when the event was generated by a user action, and false when the event was created or modified by a script or dispatched via EventTarget.dispatchEvent().

[https://developer.mozilla.org/en-US/docs/Web/API/Event/isTrusted](https://developer.mozilla.org/en-US/docs/Web/API/Event/isTrusted)

I wonder if downloading the chromium source files, modifying the code to always return true, then building it again (it may take a few hours, I guess), would actually work.

High end bots definitely can bypass those captchas… this things only keep away small developers or web scrappers.

It is not about ticking the box, It is asking you a question, if you are a robot or not, and robots are so proud that they are not skin bags like us, they just can’t say no.

[deleted]