←back to thread

405 points blindgeek | 7 comments | | HN request time: 0.001s | source | bottom
Show context
RobMurray ◴[] No.42173434[source]
I am also blind. hCaptcha is the worst. Their stupid cookie expires so I have to go through their getting an email to set the cookie almost every time I encounter one. It's a horrendous UX, especially when using different devices and browsers. I imagine others just give up instead of dealing with the crap. They shouldn't use the word accessibility when their whole service is the exact opposite.

The bots can probably solve them easier than blind people anyway, or they can outsource them to third world workers for next to nothing. E.G. Anticaptcha [0]:

> Starting from 0.5USD per 1000 images, depending on your daily spending volume

[0] https://anti-captcha.com/

replies(4): >>42173518 #>>42175602 #>>42176473 #>>42179253 #
nmarinov ◴[] No.42175602[source]
What's the best captcha regarding accessibility?
replies(2): >>42175814 #>>42176132 #
1. Saris ◴[] No.42176132[source]
Brave PoW captcha maybe? Because it requires no input/interaction from the user.
replies(1): >>42177419 #
2. jknoepfler ◴[] No.42177419[source]
I don't understand why POW solutions aren't more popular.
replies(3): >>42177439 #>>42178212 #>>42178354 #
3. Saris ◴[] No.42177439[source]
I'd never heard of them before getting them while using Brave search sometimes, I'm not sure I entirely understand how they work and differentiate between a bot and human.
replies(1): >>42177538 #
4. xelamonster ◴[] No.42177538{3}[source]
They don't differentiate. They just make it too expensive to be worth paying for the resources required to carry out a spam attack at any meaningful scale.
replies(1): >>42177624 #
5. Saris ◴[] No.42177624{4}[source]
Oh that makes sense, neat way of doing it. Basically adds a delay while also costing CPU resources.
6. CodesInChaos ◴[] No.42178212[source]
I don't think there is any PoW that results in acceptable performance for the user (especially on mobile) while also making the cost for an attacker high enough to deter them.

Even renting the compute on AWS, it only costs $0.01 per minute for the equivalent of a decent desktop computer (c8g.4xlarge). While an attacker will likely either use a botnet, or hardware better suited for solving the PoW than the hardware the user is using.

Though CAPTCHAs don't really work well anymore either, since solving services are quite cheap. Recaptcha is nowadays primarily based on other factors, like IP reputation, susceptibility to google tracking, and behavioral scoring.

7. marginalia_nu ◴[] No.42178354[source]
Most people engage with web content on relatively low powered machines. If you tune them to be tolerable on a 4 year old mid-range android device, there isn't much cost incurred on a threadripper.