- cross-posted to:
- atheism
- cross-posted to:
- atheism
Edit: I accidentally refreshed the page and it offered alternative questions for ID validation, such as high school of graduation and SSN. But it’s still absurd to expect someone to even humor the premise of the prompt.
This is a CAPTCHA that is using security by obscurity. Honestly, it seems a lot better than a lot of alternatives around at the moment designed to combat the smarter CAPTCHA solvers.
What we need is a privacy preserving identity system that isn’t tied to one service or entity.
Why are captchas getting complex.
“AI” captcha solvers have a 90% plus success rate for old style ones…
ohh okay
Because automated captcha solvers are getting complex
This isn’t a CAPTCHA, It’s identify verification. Similar to those ID verifications when they ask you where you had a previous address, who you opened a loan with, how much the loan was for, etc.
CAPTCHA is intended to ensure that a human is logging in, not a bot. Identity verification is to make sure that the person creating the account is actually that person. Completely different use cases.
how is it security through obscurity?
Someone looking to specifically break this website’s captcha wouldn’t have a hard time.
But bots using off-the-shelf captcha solvers will be screened out en masse, because how many of them are equipped to correctly answer this stupidly specific question? That’s the obscurity.
It could be solved with a simple if statement
But you’d have to purposefully code it, you cant just have it automatically done using a library