Comment by jeroenhd

20 hours ago

I saw this coming from miles away. Computers are better at solving CAPTCHAs than people are and people can be bribed or convinced to join botnets so IP whitelisting doesn't work either. Now we have tons of fingerprinting and behaviour analysis but governments are cracking down on that. Plus, YouTube had a massive ad fraud problem with ads being played back in the background in embedded videos, so their detection clearly wasn't good enough.

There aren't many good ways to prove you're not a bot and there are even fewer that don't involve things like ID verification.

Their opt-in approach helps shift the blame to individual web stores for a while, so who knows if this will take off. But either way, in the long term, the open, human internet is either going away or getting locked behind proofs of attestation like this.

Apple built remote attestation into Safari years ago together with Cloudflare and Google is now going one step further, as Apple's approach doesn't work well against bots that can drive browsers rather than scripted automation tools.

Luckily, their current approach can be worked around because it's only targeting things like stores now and you can buy things from other stores. Once stores find out that click farms have hundreds of phones just tapping at remotely served content, uptake will probably be limited.

It'll be a few years before this is everywhere, but unless AI suddenly isn't widely available anymore, it's going to be inevitable.

> saw this coming from miles away. Computers are better at solving CAPTCHAs than people are

Good point... it's interesting how CAPTCHA was initially popularized as a reverse Turing test, but it's just variants of Proof of Work today.

And it seemed clever at the time for Google to leverage this for improvement of their OCR models (it was!), and makes you wonder what utility is derived from the proven "work" today.

  • CAPTCHAs were designed as a type of Turing Test, not a reverse Turing Test. It’s not surprising that the effectiveness of these weaker variants has collapsed, given that AI can now pass the real Turing Test.

    • LLMs can still only pass limited Turing Tests. The longer the interaction the worse they do. Which of course means you can easily create an experiment they successfully pass, but just as easily you can create an experiment where they fail.

      CAPTCHAs are nearly useless because of how little you need to pay humans to solve them.

    • I'm not sure if LLMs are solving most of these captchas. There are services that employ humans to solve them for pennies per captcha.

    • Oh, right, "reverse" was wrong here. I thought of "computer classifies user as computer or human" versus the inverse, while the word is about who classifies, not who's being classified.

      (?)

      I guess so

  • With the crosswalk, bike, motorcycle, stairs type of things, wasn't that just improving their training data?

    • Yes, for Waymo, AFAIK (I don't know for sure).

      The OCR thing was earlier and used for Google Books, I think. Which is also fitting for training data, or the motto "organize all knowledge".

      At that time, this goal seemed really cool!

> people can be bribed or convinced to join botnets so IP whitelisting doesn't work either

Do you think this won’t also be bypassed, by bribing people to scan QR codes and spoofing location etc.?

  • The person who scanned the QR code is knowable. They have their IMEI encoded in the response.

    • Allegedly can be spoofed.

      But regardless, I imagine scammers will circumvent this to buy products, login to bank accounts, etc. of the exact users they’re targeting. The user will be presented with “Scan this QR code for $100” as the scammer is logging into their account with spoofed metadata.

> people can be bribed or convinced to join botnets so IP whitelisting doesn't work either

what does that bribe look like, as in, how much can one get? what all does that entail? is that a little box i connect to my network and forget about? does that mean if i unplug it unless another payment is received that will work out? i'm asking for a friend that's looking to avoid selling plasma to make ends meet.

  • https://www.fbi.gov/investigate/cyber/alerts/2026/evading-re...

    > The following methods can be used to acquire residential IP addresses for a residential proxy network:

    > Software development kit (SDK) partnerships: Proxy services convince mobile application developers to include their SDK in applications in exchange for payment for each person who downloads the application. Individuals download the application and accept the terms and conditions, allowing the SDKs to run in the background and route proxy traffic through users' devices.

    > Virtual private network (VPNs) with hidden terms of service: Free VPN services may enroll users' devices in a residential proxy network, without obtaining their consent. The details are often hidden in the terms of service, which most users do not read prior to download, or the language is difficult for the user to understand.

    > [malware and compromised IoT devices]

    > Passive income schemes: Proxy services convince people to download applications on their device that promise to pay them for their internet bandwidth. People often do not realize that criminals use their internet connection to commit cyber attacks

    One Reddit post says bandwidth sharing passive income schemes paid them $1 to $9 per month.

  • I used to know some Americans who were on the poorer end of the spectrum, and apps that paid you for performing fitness activity and such weren't uncommon in that demographic. Not as much of a thing in Europe for some reason.

    I believe the cheap Chinese pirate TV boxes that are somewhat popular in the US these days are also in botnets, which is likely how the vendors make them so cheap.

  • Oh it's better than that now, if you can afford the up-front costs. You can set up a phone farm with cheap Google-certified devices, and the control software manages the Google accounts and botnet connection (through multiple residential proxies, of course). All of these attestation games are DOA.

  • I'm afraid it's far less enticing. The usual offer is "To continue playing, pay $0.99 or hit AGREE to share your internet connection with Legit Services Inc."

    And that's assuming they're nice enough to ask at all.

  • I'm pretty sure it's one of the revenue models for those free TV/movie boxes. You can even see them at Best Buy. Absurd.

    • Can you use one of these boxes connected to a firewall blocking the connections to the botnet?

I personally think it's easier to detect LLM-controlled browser sessions; the people deploying them are far more naive and inexperienced than traditional scrapers/crawlers.

insert You wouldn't bring a 40 Petabyte Zip Bomb to School, would you? meme

  • Part of the problem is also that Google wants to permit crawlers to do some things but not others.

    Their announcement is full of buzzwords about "agentic" things. Detecting LLMs is one thing, but imagine the power of being able to pick which LLM browsers are permitted and which aren't!

    I think Google is being too early to the party with this. Cloudflare still has CAPTCHAs to throw at the wall. There are ways other than attestation to verify that someone is a real human, but they're getting more and more annoying to real users and harder and harder to implement on a small website.

    Despite the massive implications, this is a simple system that just works for the 99% of people who use Chrome or Safari or at least have access to an Android phone or iPhone somewhere. It's quick, doesn't require installing apps or creating accounts, and it just works from both the website perspective and the user perspective.

    Of course when you start thinking about people with disabilities things become problematic, but when have tech companies ever really cared about that sort of thing? Inclusiveness was fun and all for a while, but the clowns the American people elected banned that sort of thing for any company considering government contracts, and big tech licked that boot like it was made of honey.

    The world becomes a lot easier if you just decide to ignore all edge cases and assume customers who disagree with you didn't matter anyway. And infuriating as it may be, for companies like Google, that business model works.

I mean, depending on the cost, Google is guaranteed to lose the battle, like gaming anticheat: there are tools that do parsing of the image on screen and send input as a USB device, and there is absolutely nothing to detect.

Doing that for a webpage seems way easier than for a videogame.