My friend wants to join the forum but the CAPTCHA is impossible

  • Thread starter Hyacinth
  • Start date
    • This site may earn a commission from merchant affiliate links like Ebay, Amazon, and others.
ArtDecade

ArtDecade

Barking Pumpkin
Joined
Feb 27, 2009
Messages
8,333
Reaction score
12,700
Location
m7b5
In an effort to chastise a fair and honest forum member like myself, @4x3 replied to my comment within a reply. This clearly demonstrates that we have set the far too low and I rest my case.

dismissed-youre-welcome.gif
 

This site may earn a commission from merchant links like Ebay, Amazon, and others.

cindarkness

cindarkness

SS.org Regular
Joined
Sep 7, 2021
Messages
353
Reaction score
498
Location
EU
ArtDecade said:
In an effort to chastise a fair and honest forum member like myself, @4x3 replied to my comment within a reply. This clearly demonstrates that we have set the far too low and I rest my case.

dismissed-youre-welcome.gif
Click to expand...
I know, right. I tried to reply to him but it just didn't show up in my comment text box. I thought the damn forum was broken again :D
 
K

kernelpickle

SS.org Regular
Joined
Mar 17, 2024
Messages
2
Reaction score
2
The sad thing is that you've not only annoyed every human who has tried to create an account, but you've successfully achieved the exact opposite of your intended purpose. Instead of creating a question that only humans could answer, you've actually come up with a question with and answer that humans are highly unlikely figure out and made beyond trivial to brute force.

Using a tool like Hashcat on literally anything would have cracked it instantly. To give you an idea of how fast we're talking about, anything above 23.762753 MH/s can be solved instantly. If you slowed it down to only 1 MH/s (1 Million attempts per second) it would still only take 23 seconds. We're not talking about crazy hardware to do this either, because even a mid-range GPU from 7 years ago is faster than 1,000 MH/s, which is 1 Billion attempts per second--and newer hardware is multiple times that speed. Realistically, I would've had to generate a list of all those potential options and scripted a bot to try them all out on the actual website, since I don't have access to a hashed file that I could run it against offline.

That however takes effort and far more time than I spent writing this comment, but you know what's even lower effort and doesn't waste more than a couple minutes of my day? Asking ChatGPT to just figure it out for me. Since it doesn't seem to like generating lists longer than 50, I just worked in batches, and whenever I saw repeats I just had it give shorter responses in the next batch until they couldn't get any shorter and it started giving me repeats. All totaled, I had it create 18 batches or 900 guesses (with lots of duplicates). So, I threw that into Excel, removed duplicates, and generated a new list with letters in upper and lower case, that came out to 610 (or less if not case sensitive) and then I sorted them alphabetically, and then by length and started copying and pasting them into the form and it ended up being the 3rd one on the list. Sure, that might've taken me 30 minutes to sort and clean up the data--but you can't argue with results. In hindsight, I would've been better off using Bing's GPT-4 based chatbot, because it could've just searched the forum and found the comment with the correct response.

I'm glad that there is a solution available, so that nobody else has to be annoyed by trying a number of far more reasonable and better answers to that question. However, if you actually care about keeping your forum bot free, then you're screwed becasue AI image recognition can defeat most CAPTCHA's now, and the one's used by Google are just their cheap/easy way to have real humans train the Machine Vision systems in self-driving cars, so that it can better recognize things that it should avoid hitting. The best solutions to that problem are randomized little games and puzzles that would be far more difficult to train an AI powered bot to defeat.

I wouldn't have even made an account if I could've found a larger version of a picture posted on here anywhere else. Apparently you block random lurkers from seeing full size images for some reason, and that's literally the only reason I signed up. Thanks for that...
 
jaxadam

jaxadam

Well-Known Member
Joined
Aug 14, 2006
Messages
6,479
Reaction score
9,208
Location
Jacksonville, FL
kernelpickle said:
The sad thing is that you've not only annoyed every human who has tried to create an account, but you've successfully achieved the exact opposite of your intended purpose. Instead of creating a question that only humans could answer, you've actually come up with a question with and answer that humans are highly unlikely figure out and made beyond trivial to brute force.

Using a tool like Hashcat on literally anything would have cracked it instantly. To give you an idea of how fast we're talking about, anything above 23.762753 MH/s can be solved instantly. If you slowed it down to only 1 MH/s (1 Million attempts per second) it would still only take 23 seconds. We're not talking about crazy hardware to do this either, because even a mid-range GPU from 7 years ago is faster than 1,000 MH/s, which is 1 Billion attempts per second--and newer hardware is multiple times that speed. Realistically, I would've had to generate a list of all those potential options and scripted a bot to try them all out on the actual website, since I don't have access to a hashed file that I could run it against offline.

That however takes effort and far more time than I spent writing this comment, but you know what's even lower effort and doesn't waste more than a couple minutes of my day? Asking ChatGPT to just figure it out for me. Since it doesn't seem to like generating lists longer than 50, I just worked in batches, and whenever I saw repeats I just had it give shorter responses in the next batch until they couldn't get any shorter and it started giving me repeats. All totaled, I had it create 18 batches or 900 guesses (with lots of duplicates). So, I threw that into Excel, removed duplicates, and generated a new list with letters in upper and lower case, that came out to 610 (or less if not case sensitive) and then I sorted them alphabetically, and then by length and started copying and pasting them into the form and it ended up being the 3rd one on the list. Sure, that might've taken me 30 minutes to sort and clean up the data--but you can't argue with results. In hindsight, I would've been better off using Bing's GPT-4 based chatbot, because it could've just searched the forum and found the comment with the correct response.

I'm glad that there is a solution available, so that nobody else has to be annoyed by trying a number of far more reasonable and better answers to that question. However, if you actually care about keeping your forum bot free, then you're screwed becasue AI image recognition can defeat most CAPTCHA's now, and the one's used by Google are just their cheap/easy way to have real humans train the Machine Vision systems in self-driving cars, so that it can better recognize things that it should avoid hitting. The best solutions to that problem are randomized little games and puzzles that would be far more difficult to train an AI powered bot to defeat.

I wouldn't have even made an account if I could've found a larger version of a picture posted on here anywhere else. Apparently you block random lurkers from seeing full size images for some reason, and that's literally the only reason I signed up. Thanks for that...
Click to expand...

6bb2f1b0b7a4cbdcc74af3a48315924a.jpg
 
SalsaWood

SalsaWood

Scares the 'choes.
Joined
May 15, 2017
Messages
1,171
Reaction score
1,860
Location
NoVA
kernelpickle said:
If you slowed it down to only 1 MH/s (1 Million attempts per second) it would still only take 23 seconds. We're not talking about crazy hardware to do this either, because even a mid-range GPU from 7 years ago is faster than 1,000 MH/s, which is 1 Billion attempts per second
Click to expand...

When did we move the site to quantum servers?

But seriously, the captcha is properly fucked.
 
cindarkness

cindarkness

SS.org Regular
Joined
Sep 7, 2021
Messages
353
Reaction score
498
Location
EU
kernelpickle said:
The sad thing is that you've not only annoyed every human who has tried to create an account, but you've successfully achieved the exact opposite of your intended purpose. Instead of creating a question that only humans could answer, you've actually come up with a question with and answer that humans are highly unlikely figure out and made beyond trivial to brute force.

Using a tool like Hashcat on literally anything would have cracked it instantly. To give you an idea of how fast we're talking about, anything above 23.762753 MH/s can be solved instantly. If you slowed it down to only 1 MH/s (1 Million attempts per second) it would still only take 23 seconds. We're not talking about crazy hardware to do this either, because even a mid-range GPU from 7 years ago is faster than 1,000 MH/s, which is 1 Billion attempts per second--and newer hardware is multiple times that speed. Realistically, I would've had to generate a list of all those potential options and scripted a bot to try them all out on the actual website, since I don't have access to a hashed file that I could run it against offline.

That however takes effort and far more time than I spent writing this comment, but you know what's even lower effort and doesn't waste more than a couple minutes of my day? Asking ChatGPT to just figure it out for me. Since it doesn't seem to like generating lists longer than 50, I just worked in batches, and whenever I saw repeats I just had it give shorter responses in the next batch until they couldn't get any shorter and it started giving me repeats. All totaled, I had it create 18 batches or 900 guesses (with lots of duplicates). So, I threw that into Excel, removed duplicates, and generated a new list with letters in upper and lower case, that came out to 610 (or less if not case sensitive) and then I sorted them alphabetically, and then by length and started copying and pasting them into the form and it ended up being the 3rd one on the list. Sure, that might've taken me 30 minutes to sort and clean up the data--but you can't argue with results. In hindsight, I would've been better off using Bing's GPT-4 based chatbot, because it could've just searched the forum and found the comment with the correct response.

I'm glad that there is a solution available, so that nobody else has to be annoyed by trying a number of far more reasonable and better answers to that question. However, if you actually care about keeping your forum bot free, then you're screwed becasue AI image recognition can defeat most CAPTCHA's now, and the one's used by Google are just their cheap/easy way to have real humans train the Machine Vision systems in self-driving cars, so that it can better recognize things that it should avoid hitting. The best solutions to that problem are randomized little games and puzzles that would be far more difficult to train an AI powered bot to defeat.

I wouldn't have even made an account if I could've found a larger version of a picture posted on here anywhere else. Apparently you block random lurkers from seeing full size images for some reason, and that's literally the only reason I signed up. Thanks for that...
Click to expand...
TL;DR anyone?
 
TedEH

TedEH

Cromulent
Joined
Jun 8, 2007
Messages
12,658
Reaction score
12,508
Location
Gatineau, Quebec
cindarkness said:
TL;DR anyone?
Click to expand...
If I'm reading this right, pickle only made an account because he wanted a larger version of an uploaded photo, but didn't have any intention of actually joining the community. Even though we figured out the answer, and it's in this very thread a few pages back, he instead went to weird lengths to get ChatGPT to brute-force it for him, and is now ranting to us about it.

Is that basically it?
 
SalsaWood

SalsaWood

Scares the 'choes.
Joined
May 15, 2017
Messages
1,171
Reaction score
1,860
Location
NoVA
@kernelpickle
Show me you did a million captcha queries a second to SSO and you can have all my guitars. All of them.

You could sell them to get better acting lessons at the very least.

Also, don't use hertz for anything that isn't a cycle. Or keep doing it, whatever. Just dance to your own clown tune for our further enjoyment in any case.
 
jaxadam

jaxadam

Well-Known Member
Joined
Aug 14, 2006
Messages
6,479
Reaction score
9,208
Location
Jacksonville, FL
Everyone knows the only way to join is by baking a cake with what we tune our guitars to written on the top in red frosting then posting a picture of it.
 
SalsaWood

SalsaWood

Scares the 'choes.
Joined
May 15, 2017
Messages
1,171
Reaction score
1,860
Location
NoVA
Obviously the captcha answer to what our guitars are tuned in is "a Chevy Chase style comedic commotion resulting in multiple objects colliding as they fall to the floor loudly".
 
You must log in or register to reply here.


Latest posts

Top