Post inspired by the bot threat that people on Lemmy have been talking about. I’m not asking how an expert would design it, but how you would design it if you were tasked with it.

  • underisk@lemmy.ml
    link
    fedilink
    English
    arrow-up
    22
    ·
    edit-2
    1 year ago

    There will never be any kind of permanent solution to this. Botting is an arms race and as long as you are a large enough target someone is going to figure out the 11ft ladder for your 10ft wall.

    That said, generally when coming up with a captcha challenge you need to figure out a way to subvert the common approach just enough that people can’t just pull some off the shelf solution. For example instead of just typing out the letters in an image, ask the potential bot to give the results of a math problem stored in the image. This means the attacker needs more than just a drop in OCR to break it, and OCR is mostly trained on words so its likely going to struggle at math notation. It’s not that difficult to work around but it does require them to write a custom approach for your captcha which can deter most casual attempts for some time.