What problem is that addressing? It doesn't solve the problem that `__add__` is a valid identifier -- so is `add` -- and it also doesn't solve the problem that there is no connection between the symbol `+` and the name `add`.
I wrote it in about an hour and a half. It seems to work in Python 3.6 and 3.12. Now you never need to write another double-underscore magic method again.
hCaptcha.com has a "privacy pass", where if you create a user at hCaptcha.com, you can get passes to bypass the captcha itself (because you've already verified through other methods). This is not often used, because guess what? Not many people were bothered by captchas enough to create a user, because no one wants to create another user and be tracked (via privacy pass, across captcha-protected sites) through their user. This was mostly used by disabled users who couldn't pass hCaptcha's offerings.
Personally, I'm not interested in "logging in" or passing my "realness" via API from my device(s), as that's just another token to track an individual and their behaviors. Which is also why I haven't created any user for privacy pass myself, and would generally recommend that you not do so in any Apple, Google, etc., related system (not even hCaptcha, unless you're disabled and can't do the captcha itself).
I don't know what hCaptcha is doing nowadays.
But unless you're disabled, I wouldn't sign up or agree to pass this information from Apple, Google, etc.
Hi! I work at hCaptcha (we handle the CF captchas), and to respond specifically: audio is inaccessible for those with visual and auditory processing issues, as well as being broken by ML techniques. Not to project, but we suspect this is why Google turns it off if your browser looks at all suspicious.
While Privacy Pass is not perfect, we are working towards getting better. I'm not in the product flow for accessibility, but if you have ideas outside of audio that you believe would be able to distinguish between yourself and a robot, I'd be happy to discuss via email to ensure that we can get a solution for you and anyone who can reasonably interact with a computer.
eta: you can email me directly at work via: josiah@intuitionmachines.com
Audio captchas are considered broken completely (search for various papers over the past decade, including one from CMU), so it has limited usefulness only in a very narrow context in practice. I suspect this is a harbinger of things to come - as we close the gap on passing the Turing test, captchas are likely to get less effective, and we will need to transition to a very different solution for bot detection.
often it's easier to just use a website as api instead of using some broken xml nightmare that requires knowledge of the database tables.
If the concern is rate limiting then just rate limit the website. And if you don't like people operating websites with bots then I don't know, maybe stop making websites.
Easy proxying means rate limiting doesn’t really help all that much to defeat bots. And then if you do something like blocking or severely restricting something like Tor (the world's largest open proxy and hence, primary abusive traffic source; something which it would make sense to throw extra bot walls in front of), privacy and accessibility advocates jump down your throat.
This is a no-win situation. I’m not convinced it’s possible to have ones cake and eat it too, here. Someone upthread said “security, privacy, accessibility, pick any two”, and I have yet to see any evidence of a third option.
I think you do not understand why website owners use captcha. Website owners use captcha services, because doing so saves money for them.
Captcha will stop saving money, if the captcha becomes so ineffective that the short-term and the long-term downside (annoying users who are subjected to captcha) exceeds the cost saving ("cost" here is potentially many different things - it could be quality of service for normal users, it could be opportunity cost, it could be the cost of serving the traffic like network bandwidth or cpu or database capacity).
Yes there are subset of people with visual problems who also have auditory problems, that does not mean you should not support the ones with vision only problems.
Are there not "ML techniques" for visual captchas too ?
With more and more powerful models like GPT-3 coming along every few months, Even if the accuracy levels are less for visual over audio today how long do you think that is going to last ?
I believe they meant that audio captchas have become inaccessible to humans in general. Bots have gotten so good at audio captchas that the difficulty level has to be high enough that humans are also unable to complete them.
Visual captchas too can be quite very hard these days for the same reasons, there are many other ways to verify bot or human, many of them may not allow you to remain anonymous while doing so, pretty much any 2FA method could work for example.
I would say given the choice for a number of people the accessibility is more important than loss of privacy. At least it is choice they should have instead of shutting them off the internet.
Hi HCaptcha-er here. You don't lose all your privacy with our accessibility option. Also we always abide by DNT style protections even for accessibility. That being said our privacy pass solution is totally private and safe.
> Are there not "ML techniques" for visual captchas too?
There are.
> how long do you think that is going to last?
I don't know. So far it hasn't been difficult to recognize the garbage traffic when we take the time to look. And attackers always make it easier by releasing github source and / or announcing their results on Twitter.
Ugh. That accessibility login solution sounds awful, but at least it's available. I can definitely understand why you don't want to have an audio option, given that by all accounts they're next to useless.
ETA: two different people have tested on Chrome and Safari on iPhone 6S locally, and can't reproduce. Please take a screenshot and provide more information to: https://www.hcaptcha.com/reporting-bugs if you want to get this fixed.
I work at hCaptcha, we run CF's captcha. If you're having problems in the future, popping open a debugger and capturing the results can help us figure out what's going on. But also: browser, OS, site, ...?
Right now: there is an issue with Safari users on the most recent iOS and OS X, where 3rd party cookies have now been disabled by default. We're working on a solution.
If that's your issue, you can fix on your side in the short-term by not using Safari, or by enabling 3rd party cookies.
I cannot believe apple decided to roll that out in the middle of COVID. I got hit pretty hard with it and am finally rolling out a fix for my own stuff.
I don't know how you can conclude that. To stop it they would need to challenge it in court and they're up against a potential profit here that can afford any number of big-gun law firms. I don't know the law here, but that's what will determine if this scheme succeeds, and hard proof that this sale violates such applicable laws.
I mean, you're in the territory of a non-profit entity being used to generate profit for a few individuals through corruption. The AG has a lot of pull here.
Take a deep breath.