Most active commenters
  • Saris(3)

←back to thread

I was banned from the hCaptcha accessibility account for not being blind (2023)

(michaels.world)
405 points blindgeek | 11 comments | 18 Nov 24 10:13 UTC | HN request time: 1.31s | source | bottom
Show context
RobMurray ◴[18 Nov 24 15:43 UTC] No.42173434[source]
I am also blind. hCaptcha is the worst. Their stupid cookie expires so I have to go through their getting an email to set the cookie almost every time I encounter one. It's a horrendous UX, especially when using different devices and browsers. I imagine others just give up instead of dealing with the crap. They shouldn't use the word accessibility when their whole service is the exact opposite.

The bots can probably solve them easier than blind people anyway, or they can outsource them to third world workers for next to nothing. E.G. Anticaptcha [0]:

> Starting from 0.5USD per 1000 images, depending on your daily spending volume

[0] https://anti-captcha.com/

replies(4): >>42173518 #>>42175602 #>>42176473 #>>42179253 #
1. nmarinov ◴[18 Nov 24 18:51 UTC] No.42175602[source]
What's the best captcha regarding accessibility?
replies(2): >>42175814 #>>42176132 #
2. burningChrome ◴[18 Nov 24 19:12 UTC] No.42175814[source]
None.

There are no "best" version of captcha. I've worked on several large scale projects where captcha was floated and then quickly abandoned in favor of other methods like Honeypot or using other methods to weed out bots and other 3rd party agents.

If you have to use captcha the least worst are probably reCaptcha V2 and hCaptcha for accessibility.

replies(2): >>42179318 #>>42180232 #
3. Saris ◴[18 Nov 24 19:44 UTC] No.42176132[source]
Brave PoW captcha maybe? Because it requires no input/interaction from the user.
replies(1): >>42177419 #
4. jknoepfler ◴[18 Nov 24 21:42 UTC] No.42177419[source]
I don't understand why POW solutions aren't more popular.
replies(3): >>42177439 #>>42178212 #>>42178354 #
5. Saris ◴[18 Nov 24 21:44 UTC] No.42177439{3}[source]
I'd never heard of them before getting them while using Brave search sometimes, I'm not sure I entirely understand how they work and differentiate between a bot and human.
replies(1): >>42177538 #
6. xelamonster ◴[18 Nov 24 21:56 UTC] No.42177538{4}[source]
They don't differentiate. They just make it too expensive to be worth paying for the resources required to carry out a spam attack at any meaningful scale.
replies(1): >>42177624 #
7. Saris ◴[18 Nov 24 22:05 UTC] No.42177624{5}[source]
Oh that makes sense, neat way of doing it. Basically adds a delay while also costing CPU resources.
8. CodesInChaos ◴[18 Nov 24 23:14 UTC] No.42178212{3}[source]
I don't think there is any PoW that results in acceptable performance for the user (especially on mobile) while also making the cost for an attacker high enough to deter them.

Even renting the compute on AWS, it only costs $0.01 per minute for the equivalent of a decent desktop computer (c8g.4xlarge). While an attacker will likely either use a botnet, or hardware better suited for solving the PoW than the hardware the user is using.

Though CAPTCHAs don't really work well anymore either, since solving services are quite cheap. Recaptcha is nowadays primarily based on other factors, like IP reputation, susceptibility to google tracking, and behavioral scoring.

9. marginalia_nu ◴[18 Nov 24 23:27 UTC] No.42178354{3}[source]
Most people engage with web content on relatively low powered machines. If you tune them to be tolerable on a 4 year old mid-range android device, there isn't much cost incurred on a threadripper.
10. webspinner ◴[19 Nov 24 01:38 UTC] No.42179318[source]
I'm OK with reCAPTCHA, but uh... Just not a fan of Google!! I'm an expert reCAPTCHA solver.
11. Gud ◴[19 Nov 24 05:05 UTC] No.42180232[source]
What were the chosen choices? Curious to know