惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

TaoSecurity Blog
TaoSecurity Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
F
Fortinet All Blogs
Cisco Talos Blog
Cisco Talos Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
S
Secure Thoughts
美团技术团队
雷峰网
雷峰网
Hugging Face - Blog
Hugging Face - Blog
博客园_首页
C
CXSECURITY Database RSS Feed - CXSecurity.com
Engineering at Meta
Engineering at Meta
人人都是产品经理
人人都是产品经理
月光博客
月光博客
T
Tor Project blog
P
Privacy & Cybersecurity Law Blog
Recorded Future
Recorded Future
I
Intezer
博客园 - 【当耐特】
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
GbyAI
GbyAI
罗磊的独立博客
V
V2EX
Google DeepMind News
Google DeepMind News
D
DataBreaches.Net
Last Week in AI
Last Week in AI
T
Tailwind CSS Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
A
About on SuperTechFans
Scott Helme
Scott Helme
Vercel News
Vercel News
Spread Privacy
Spread Privacy
T
Threat Research - Cisco Blogs
Recent Announcements
Recent Announcements
Hacker News: Ask HN
Hacker News: Ask HN
C
CERT Recently Published Vulnerability Notes
G
Google Developers Blog
B
Blog
博客园 - 叶小钗
WordPress大学
WordPress大学
博客园 - 聂微东
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Jina AI
Jina AI
IT之家
IT之家
C
Cybersecurity and Infrastructure Security Agency CISA
P
Palo Alto Networks Blog
小众软件
小众软件
博客园 - Franky
Microsoft Azure Blog
Microsoft Azure Blog
AWS News Blog
AWS News Blog

Hacker News

Introducing Claude Opus 4.7 Qwen Studio The Future of Everything is Lies, I Guess: Where Do We Go From Here? GitHub - SeanFDZ/macmind: Single-layer transformer in HyperTalk for the classic Macintosh Show HN: Agent-cache – Multi-tier LLM/tool/session caching for Valkey and Redis Moving a large-scale metrics pipeline from StatsD to OpenTelemetry / Prometheus GitHub - Nightmare-Eclipse/RedSun: The Red Sun vulnerability repository GitHub - SethPyle376/hiraeth: Local AWS emulator focused on fast integration testing, with SQS support, SQLite-backed state, and a debug-friendly web UI. GitHub - macOS26/Agent: Any AI, replaces Claude Code, Cursor, OpenClaw. Over 18 LLM providers (Claude, OpenAI, Gemini, Ollama, Zai, HF, Qwen) wired into a native Mac app that writes code, builds Xcode projects, bumps versions, manages git, automates Safari, use AppleScript, JS or Accessibility, extend Agent! w/ MCP Servers, run tasks from your iPhone via Messages. YouTube now lets you turn off Shorts I Made a Terminal Pager Burgers | マクドナルド公式 Commands — HackerNews CLI documentation ChatGPT for Excel PiCore - Raspberry Pi Port of Tiny Core Linux Live Nation illegally monopolized ticketing market, jury finds Google Broke Its Promise to Me. Now ICE Has My Data. Founding Engineer at Adaptional | Y Combinator CRISPR takes important step toward silencing Down syndrome’s extra chromosome GitHub - saffron-health/libretto: The AI toolkit for building reliable browser automations US v. Heppner (S.D.N.Y. 2026) no attorney-client privilege for AI chats [pdf] Unexpected €54k billing spike in 13 hours: Firebase browser key without API restrictions used for Gemini requests Retrofitting JIT Compilers into C Interpreters IPv6 – Google The Accursèd Alphabetical Clock Cybersecurity Looks Like Proof of Work Now Fragments: April 14 Cal.com Goes Closed Source: Why AI Security Is Forcing Our Decision | Cal.com - Scheduling Software for Online Bookings Laravel raised money and now injects ads directly into your agent When moving fast, talking is the first thing to break Too much Discussion of the XOR swap trick – Heather Cafe Introduction to Spherical Harmonics for Graphics Programmers The Grand Line Building a Z-Machine in the worst possible language High-Level Rust: Getting 80% of the Benefits with 20% of the Pain GitHub - duguyue100/midnight-captain: Inspired by Midnight Commander, tailored to my taste. How to build a `git diff` driver · Jamie Tanna | Software Engineer Center for Responsible, Decentralized Intelligence at Berkeley The Local Universe’s Expansion Rate Is Clearer Than Ever, but Still Doesn’t Add Up - A new synthesis of astronomical measurements confirms a persistent mismatch that could point to physics beyond current models The air throughout our homes is infused with microplastics. But there are things you can do to breathe less of them The disturbing white paper Red Hat is trying to erase from the internet – OSnews The Future of Everything is Lies, I Guess: Annoyances ‘Abhorrent’: the inside story of the Polymarket gamblers betting millions on war Productive procrastination — Max van IJsselmuiden maps, territory and LMs 447 Terabytes per Square Centimetre at Zero Retention Energy: Non-Volatile Memory at the Atomic Scale on Fluorographane Show HN: Pardonned.com – A searchable database of US Pardons 20 Years on AWS and Never Not My Job The Seasons are Wrong Artemis II crew splashes down near San Diego after historic moon mission We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs How a dancer with ALS used brainwaves to perform live On filing the corners off my MacBooks Installing every* Firefox extension OpenClaw’s memory is unreliable, and you don’t know when it will break Steve Blank Nowhere Is Safe Chimpanzees in Uganda locked in vicious 'civil war', say researchers watgo - a WebAssembly Toolkit for Go linux/Documentation/process/coding-assistants.rst at master · torvalds/linux GitHub - callumlocke/json-formatter: Makes JSON easy to read. Founding Product Engineer at Bild AI | Y Combinator A compelling title that is cryptic enough to get you to take action on it GitHub - Keychron/Keychron-Keyboards-Hardware-Design: Industrial design files for Keychron keyboards and mice. 100+ models with CAD assets in STEP, DXF, DWG, and PDF. Source-available, with commercial use allowed for original compatible accessories within the license terms. [ANNOUNCE] WireGuardNT v0.11 and WireGuard for Windows v0.6 Released 1D-Chess Helium Is Hard to Replace Cooperative Vectors Introduction | Evolve Keeping a Postgres queue healthy — PlanetScale Our response to the Axios developer tool compromise Do Americans read print books, e-books or audiobooks more? The Zettelkasten Method in Obsidian: A Practical Setup Guide Artemis II Is Competency Porn and We Are Starving For It WeakC4 Flight Viz — Cockpit View A Mexican surveillance giant you’ve never heard of is now watching the U.S. border Surelock: Deadlock-Free Mutexes for Rust RISC-V 101 – what is it and what does it mean for Canonical? | Ubuntu The Problem That Built an Industry How Much Linear Memory Access Is Enough? | Solidean Investigating Split Locks on x86-64 Simplest hash functions Sybilproof reputation mechanisms (2005) [pdf] What is a property? How Complex is my Code? Static code analysis in Kotlin — tools overview Toffoli gates are all you need PGLite evangelism dcmake: a new CMake debugger UI Clojure on Fennel part one: Persistent Data Structures Fragments: April 2 Python Release Python install manager 26.1 The Life and Death of the Book Review - Liberties Introducing Database Traffic Control — PlanetScale Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8% God sleeps in the minerals Building slogbox Apple Silicon and Virtual Machines: Beating the 2 VM Limit Who was “Not Even Wrong” first? Pokemon Evolution Vs Darwinian Evolution The APL Programming Language Source Code
The CAPTCHA arms race: from distorted text to browser identity
2026-06-25 · via Hacker News

TL;DR: Every CAPTCHA generation (distorted text, harder text, image grids) was eventually beaten by machines. Now with everyone using agents to run real workflows, the game has changed from testing what a browser can do to verifying who it is. That's why Browserbase is building agent identity with Verified and Web Bot Auth, because the best CAPTCHA “solver” never sees a CAPTCHA at all.

If you've clicked every traffic light, bus, and crosswalk in a blurry image grid, you've taken part in one of the internet's longest-running security experiments. Those clicks were solving CAPTCHAs: tests of whether you're human.

As websites grew popular in the late 1990s, so did the incentives to abuse them. Spammers created thousands of fake accounts, bots scraped search engines, and scripts flooded forums with ads. Every popular site faced the same question: how do you tell a human from a machine?

CAPTCHA is a backronym for Completely Automated Public Turing test to tell Computers and Humans Apart, coined in a 2003 paper by Luis von Ahn, Manuel Blum, Nicholas Hopper, and John Langford at Carnegie Mellon.

It's a reverse Turing test. The original asks a human to spot a machine through conversation; a CAPTCHA flips it, so the machine asks the question and the test passes if the responder behaves like a human. The goal isn't to prove intelligence. It's to make automation cost more than the attack is worth.

For over 20 years, every CAPTCHA has eventually been fooled, and each generation follows the same cycle:

defenders build a new challenge → it works for a while → attackers learn to solve it → defenders build something new → repeat.

It’s an endless cat and mouse chase.

Let's hop into the arena: cat (computer) vs. mouse (CAPTCHA).

Level 1: can you read this?

The first answer was surprisingly simple: make computers read.

Early CAPTCHAs showed distorted text (warped letters, uneven spacing, random lines, noisy backgrounds). To a human it was usually trivial. Our brains are remarkably good at recognizing patterns through missing pixels and distortion.

Computers, however, were not.

Optical character recognition (OCR) at the time did well on clean printed text but struggled when characters were rotated, stretched, overlapped, or obscured. The key assumption was that perception was the hard part. If a computer couldn't tell where one character ended and the next began, it couldn't read the word.

For a while, it worked. A distorted word stopped automated scripts while barely slowing a human. AltaVista and Yahoo adopted early systems, and the approach worked well enough that the Carnegie Mellon researchers formally coined the term.

Then OCR got better. 🐈

Attackers realized they didn't need to solve the whole CAPTCHA at once. Most text CAPTCHAs were generated in stages: render text, apply distortion, add noise, draw obfuscating lines, output an image.

Well, if the CAPTCHA was created in stages, then it could be defeated in stages. Attackers built computer vision pipelines that removed background noise, thresholded images to black-and-white, segmented characters into individual regions, and fed those regions to OCR. What looked like an AI problem became an image-processing problem.

What appeared to be an AI problem became an image processing problem.

Once segmentation was reliable, recognition accuracy jumped. The same advances that digitized books and read street signs made computers capable CAPTCHA solvers.

The mouse had made its move, and the cat adapted. Time to repeat.

Level 2: make the text harder

The defenders figured that if attackers can segment characters, then make segmentation impossible. CAPTCHAs grew aggressive (overlapping letters, unnatural shapes, noisy backgrounds), some so distorted they looked more like abstract art than text.

Around this time, von Ahn noticed something. Millions of people were spending seconds a day solving CAPTCHAs, an enormous amount of visual recognition work that immediately disappeared. What if that effort could be useful?

This idea became reCAPTCHA.

Instead of random text, it showed scanned words from books and archives that OCR couldn't confidently read. Every solved challenge helped digitize printed material. For a while, everyone won when websites got protection, and libraries got digitized.

Then machine learning arrived. 🐈

Traditional OCR relied on hand-engineered rules (edge detectors, character templates, segmentation heuristics) that worked until designers changed the distortion. Machine learning removed the hard-coding. Instead of teaching a computer how to recognize a character, researchers trained models on millions of examples and let them learn the patterns. Neural networks recognized heavily distorted characters without perfect segmentation, because the noise that confused traditional OCR still carried enough signal to recover the answer.

The CAPTCHAs designed to stop machines eventually became harder for humans than for the models.

The mouse raised the stakes, but the cat learned faster.

Level 3: find the traffic lights

By the early 2010s, the founding assumption (computers can't read) was hard to defend. So designers abandoned text and asked users to identify objects instead.

Where text CAPTCHAs tested character recognition, image CAPTCHAs tested semantic understanding. Humans do this effortlessly when we recognize a bicycle from the side, half-hidden behind a car, at night, or cropped to a corner of the frame.

For computers, this was the same hand-engineered problem as before, now in two dimensions. Traditional vision systems detected edges, corners, gradients, and textures, then tried to assemble them into objects:

# Traditional computer vision
features = combine(detect_edges(image), detect_corners(image), compute_gradients(image))
if matches_bicycle_template(features):
    return "bicycle"

The real world doesn't follow templates. A bicycle appears from thousands of angles, partly obscured, under shifting light. The edge cases are endless.

Then ImageNet happened. 🐈

The 2009 dataset gave researchers millions of labeled images across thousands of categories, enough to tackle object recognition at scale. In 2012, a deep neural network called AlexNet dramatically outperformed traditional vision systems on the ImageNet benchmark. Once again the question shifted from “can a computer recognize a bicycle?” to “how much labeled data can we give the model?” Convolutional neural networks directly learned visual features like edges and textures in early layers, shapes and parts in the middle, and whole objects deep down. No template required.

The timing was pretty unfortunate for designers. Traffic lights, buses, crosswalks, and storefronts were common CAPTCHA categories, and also among the most common categories in large vision datasets. The challenges meant to prove computers couldn't see appeared exactly as computers learned to.

The mouse found a new hiding place, but the cat learned how to see.

Level 4: the browser becomes the CAPTCHA

The pattern was now impossible to ignore.

Every generation assumed some capability humans had and computers lacked. Defenders built a challenge around it. Attackers automated it. Repeat.

Any challenge with a correct answer became a target for optimization. You can't build a test of human intelligence while developers are actively building to replicate it.

So modern anti-bot systems stopped asking whether a browser could solve a challenge and started asking whether it should be challenged at all.

They became probabilistic. Rather than one challenge, they collect signals across a session and combine them into a risk score. These signals ranged across browser fingerprints, installed fonts, canvas and WebGL rendering, TLS fingerprints, cookie history, network reputation, request timing, and interaction patterns. Individually weak, but together they form a detailed picture. A real Chrome browser on a real laptop behaves differently than a freshly spawned browser in a datacenter.

This is the philosophy behind reCAPTCHA v3 and Cloudflare Turnstile. When the system is confident, no CAPTCHA appears. When uncertain, it asks for more.

Then attackers realized solving CAPTCHAs was no longer the objective. If challenges only appear when a browser looks suspicious, the goal is to not look suspicious. Challenge solving became browser fingerprinting. Instead of better OCR or classifiers, attackers studied fingerprints, reputation, and network signals to pass as legitimate.

The mouse stopped asking questions, and the cat started learning how to blend in.

It’s a tie: proving who you are

Historically, websites treated every browser as an anonymous stranger. To gain confidence, they issued a challenge. Modern detection works in reverse. Instead of asking browsers to prove themselves repeatedly, sites try to determine whether they already recognize the browser.

Through that lens, the trends make sense. A browser with a consistent history is more trustworthy than one that appeared thirty seconds ago. One whose fingerprints, network, and behaviour all align is more trustworthy than one whose signals contradict each other. One tied to a known identity is more trustworthy than one that's anonymous.

The web that produced CAPTCHAs was dominated by anonymous traffic, where most automation existed to scrape, spam, or abuse. Treating every bot as suspicious was usually correct.

Today's web is different. Browser agents are booking travel, filing compliance reports, monitoring infrastructure, and completing workflows for real users. Websites still struggle to tell an agent acting for a user from a bot exploiting a system, and historically the safest option was to treat them the same.

Can this browser solve a CAPTCHA?Should this browser see a CAPTCHA at all?

If the browser is the CAPTCHA, the open question is no longer what a browser can do but whether it can establish trust. That has produced a new model, where browsers and agents that explicitly prove who they are instead of repeatedly proving what they can do.

One emerging standard is Web Bot Auth, which lets browser agents cryptographically identify themselves as they navigate the web. Sites can then distinguish anonymous automation from agents operating through trusted providers, and make the call based on identity rather than inference. This is the direction we're building toward at Browserbase, in partnership with Cloudflare.

It's a different premise than the previous two decades: legitimate automation shouldn't have to pretend to be human. If the last twenty years taught computers to pass human tests, the next decade may be about giving them a way to introduce themselves instead. The most successful CAPTCHA “solver” is the one that never sees a CAPTCHA.

Give your agents identity and evolve from the cat vs. mouse chase here: browserbase.com/contact-web-bot-auth