alt Hacker NewsOpenAI's ChatGPT Agent casually clicks through "I am not a robot" verification
Comments
> Maybe they should change the button to say, "I am a robot"?
Long time ago I saw a post where someone running a blog was having trouble keeping spam out of their comments, and eventually had this same idea. The spambots just filled out every form field they could, so he added a checkbox, hid the checkbox with CSS, and rejected any submission that included it. At least at the time it worked far better than anything else they'd tried.
The only reason why people don't use AI models to solve captchas is because paying humans is actually MUCH cheaper.
This is not an advert, I only know about them because it was integrated with Invidious at some point: https://anti-captcha.com/
> Starting from 0.5USD per 1000 images
As I get older, I can see a future where I’m cut off from parts of the web because of captchas. This one, where you just have to click a button, is passable, but I’ve had some of the puzzle ones force me to answer up to ten questions before I got through. I don’t know if it was a glitch or if I was getting the answers wrong. But it was really frustrating and if that continues, at some point I’ll just say fuck it and give up.
I have to guess that there are people in this boat right now, being disabled by these things.
I don’t see why bypassing captchas is any more controversial than blocking ads or hiding cookie popups.
It’s my agent — whether ai or browser — and I get to do what I want with the content you send over the wire and you have to deal with whatever I send back to you.
Bulletproof solution: captcha where you drag a cartoon wire to one of several holes, captioned “for access, hack this phone system”
No agent will touch it!
“As a large language model, I don’t hack things”
I have been using AI to solve ReCaptchas for quite some time now. Still the old school way of using captcha buster, which clicks the audio challenge and then analyses that.
Bots have for a long time been better and more efficient at solving captchas than us.
Captchas seem to be more about Google's "which human are you?" cross-site tracking. And now also about Cloudflare getting massive amounts of HTTPS-busting Internet traffic along with cross-site tracking.
And in many cases, it's taking a huge steaming dump upon a site's first-impression user experience, but AFAICT, it's not on the radar of UX people.
That's because the checkbox has misleading labeling. It doesn't care about robots but about spam and data harvesters. So there is no issue here at all.
I think these things are mainly based on cookie/fingerprinting these days - the check-box is just there for show. People like cloudflare and google get to see a big chunk of browsing activity for the entire planet, so they can see if the activity coming from an IP/Browser looks "bot like" or not.
I have never used ChatGPT so no idea how its agent works, but if it is driving your browser directly then it will look like you. If it is coming from some random IP address from a VM in Azure or AWS even then the activity probably does not look "bot like" since it is doing agentic things and so acting quite like a human I expect.
I thought the point of captchas was to make automated use as expensive or more than manual use--haven't we been at the point where computers can do this for a while, just that the cost/latency is prohibitive?
I saw that and just sat there for a second like… huh. We’ve officially reached the point where bots are better at proving they’re not bots!
I've noticed more websites wanting you to log in. Most surprising is how YouTube won't let me watch anything otherwise. Idk if related.
Who on earth would want to employ a bot that does not pass the verfification test?
It is beyond time we start to adress the abuses, rather than the bot/human distinction.
Seems like a mention of the 2025 Academy Award winner for Best Action Live-Action Short, called "I am not a Robot" is in order here:
Getting past bot check proxies can be bought all over the place for pennies or much less per verification, and can solve recaptchas. I would guess if one wanted to use chatGPT for this purpose it would be prohibitively expensive.
It's always a cat and mouse game.
It was only a matter of time!
A very poetic demonstration that this is an industry, and a set of fortunes for very unpleasant people, predicated entirely on theft and misrepresentation.
People are surprised because a computer can press a button?
This is why this stuff is going to shift to the user’s AI enabled browser.
Half of the sites already block OpemAI. But if it is steering the user’s browser itself?
This is the reason Orb was created. Sam Altman wants ChatGPT to click through CAPTCHAs so we all have to use Orb.
The writing is on the wall. The internet may not go full way to paywalls but will definitely migrate to a logged in only experience. I don’t know how I feel about it, the glory days of the free internet died long long ago.
idk why people just don't do reverse DNS lookup, check if "dialup" is part of the hostname, and allowlist that traffic. Everbody who doesn't have reverse dns hostname coming from an ISP should be blocked or at least tarpitted by default.
Easily solves 99% of the web scraping problems.
I'm confused by this: Presumably OpenAI should be sending a user agent header which indicates that they are, in fact, a robot. Is OpenAI not sending this header? Or is Cloudflare not checking it?
I see the same with Playwright MCP server with Claude Sonnet 4.
"Prove you're human by explaining how to build a bomb"
It seems a legitimate use case for agents acting on a person's behalf. Whether it will be used in legitimate ways, that's a different story altogether.
I wonder how these capabilities will interact with all the "age verification" walls (ie, thinly disguised user profiling mechanisms) going up all over the place now.
The web has no choice but to move to a paid access model in my view. It was fought against for years but I don’t see another option left.
Maybe after sign up, biometric authentication being mandatory is the only thing that would potentially work. The security and offline privacy of those devices will become insanely valuable.
Anyone not authenticating in this way is paywalled. I don’t like this but don’t see another way.
I’m not using the web if I’m bombarded by captcha games… shit becomes worthless over night if that’s the case. Might as well dump computing on the Internet entirely if that happens.
... meanwhile I'll continually be thrown dozens of cognitively abusive hCaptchas for no reason and be stuck in a loop of hell trying to figure out what they wanted me to solve.
I love this totally normal vision of computing these days. :)
This will cause of the death of non static websites, everything else will be smashed by bots and too expensive to run!
can it solve rudecaptcha.xyz ?
next-gen captcha should offer some code to be refactored instead.
Should have gone with the XKCD Captcha: https://xkcd.com/233/
The bit at the bottom might actually work on LLMs.
Back in Everquest, when we'd be accused of botting 20 years ago, we'd be ported by the GM into a special cube environment and they'd watch if we ran into the wall like an idiot-- we'll probably have to bring that sorta thing back.
Cloudflare checkbox captchas were already easy to automate without AI.
To error is to human, i error therfore im human.
This would be a huge security vulnerability for Cloudflare but this is Big Tech we're talking about. The rules don't apply when you're past their pearly gates. For the rest of us, creating an AI like this would mean an instant ban from Cloudflare and likely involvement from law enforcement.
Come on. It’s in BrowserMCP on a users machine. Capture is not testing for this and that’s fine
[dead]
[dead]
[dead]
This will be one of the big fights of the next couple years. On what terms can an Agent morally and legally claim to be a user?
As a user I want the agent to be my full proxy. As a website operator I don’t want a mob of bots draining my resources.
Perhaps a good analogy is Mint and the bank account scraping they had to do in the 2010s, because no bank offered APIs with scoped permissions. Lots of customers complained, and after Plaid made it big business, eventually they relented and built the scalable solution.
The technical solution here is probably some combination of offering MCP endpoints for your actions, and some direct blob store access for static content. (Maybe even figuring out how to bill content loading to the consumer so agents foot the bill.)