Why Are Bots Unable to Check "I Am Not a Robot" Checkboxes?

iStock.com/Oleksandr Hruts
iStock.com/Oleksandr Hruts

Oliver Emberton:

How complicated can one little checkbox be? You can't even imagine!

For starters, Google invented an entire virtual machine—essentially a simulated computer inside a computer—just to run that checkbox.

That virtual machine uses Google's own language, which they then encrypt. Twice.

But this is no simple encryption. Normally, when you password protect something, you might use a key to decode it. Google’s invented language is decoded with a key that is changed by the process of reading the language, and the language also changes as it is read.

Google combines (or hashes) that key with the web address you’re visiting, so you can’t use a CAPTCHA from one website to bypass another. It further combines that with “fingerprints” from your browser, catching microscopic variations in your computer that a bot would struggle to replicate (such as CSS rules).

All of this is done just to make it hard for you to understand what Google is even doing. You need to write tools just to analyze it. (Fortunately people did just that).

It turns out that these checkboxes record and analyze a lot of data, including: Your computer’s timezone and time; your IP address and rough location; your screen size and resolution; the browser you’re using; the plugins you’re using; how long the page took to display; how many key presses, mouse clicks, and tap/scrolls were made; and ... some other stuff we don’t quite understand.

We also know that these boxes ask your browser to draw an invisible image [PDF] and send it to Google for verification. The image contains things like a nonsense font, which (depending on your computer) will fall back to a system font and be drawn very differently. They then add to this a 3D image with a special texture, which is drawn in such a way that the result varies between computers.

Finally, these seemingly simple little checkboxes combine all of this data with their knowledge of the person using the computer. Almost everyone on the Internet uses something owned by Google—search, mail, ads, maps—and as you know, Google Tracks All Of Your Things™️. When you click that checkbox, Google reviews your browser history to see if it looks convincingly human.

This is easy for them, because they’re constantly observing the behavior of billions of real people.

How exactly they check all this information is impossible to know, but they’re almost certainly using machine learning (or AI) on their private servers, which is impossible for an outsider to replicate. I wouldn’t be surprised if they also built an adversarial AI to try to beat their own AI, and have both learn from each other.

So why is all this hard for a bot to beat? Because now you’ve got a ridiculous amount of messy human behaviors to simulate, and they’re almost unknowable, and they keep changing, and you can’t tell when. Your bot might have to sign up for a Google service and use it convincingly on a single computer, which should look different from the computers of other bots, in ways you don’t understand. It might need convincing delays and stumbles between key presses, scrolling and mouse movements. This is all incredibly difficult to crack and teach a computer, and complexity comes at a financial cost for the spammer. They might break it for a while, but if it costs them (say) $1 per successful attempt, it’s usually not worth them bothering.

Still, people do break Google’s protection [PDF]. CAPTCHAs are an ongoing arms race that neither side will ever win. The AI technology that makes Google’s approach so hard to fool is the same technology that is adapted to fool it.

Just wait until that AI is convincing enough to fool you.

Sweet dreams, human.

This post originally appeared on Quora. Click here to view.

Where Did the Phrase 'Red Herring' Come From?

iStock.com/Mathias Darmell
iStock.com/Mathias Darmell

You may have seen a red herring in a recent book or movie, but you probably only realized it after the fact. These misleading clues are designed to trick you into drawing an incorrect conclusion, and they're a popular ploy among storytellers of all stripes.

If you've seen or read the Harry Potter series—and really, who hasn’t?—then you may recall some of the many instances where J.K. Rowling employed this literary device. That endearing plot twist about the nature of Snape's character, for example, is likely one of the longest-running red herrings ever written.

Sometimes they aren't even subtle. Agatha Christie's murder mystery And Then There Were None directly mentions red herring in reference to a character's death, and a statue of a red herring appears in Lemony Snicket's A Series of Unfortunate Events. Perhaps most blatantly, a character in the cartoon A Pup Named Scooby-Doo who was constantly being blamed for myriad crimes was named—you guessed it—Red Herring.

But where does this literary device come from, and why is it named after a fish? For a bit of background: herring are naturally a silvery hue, but they turn reddish-brown when they're smoked. Long before refrigerators were invented, this was done to preserve the fish for months at a time. They can also be pretty smelly. As Gizmodo's io9 blog points out, it was believed that red herring were dragged against the ground to help train hounds to sniff out prey in the 17th century. Another theory was that escaped prisoners used the fish to cover their tracks and confuse the dogs that tailed them.

However, io9 notes that red herring were actually used to train horses rather than dogs, and only if the preferred choice—a dead cat—wasn't available. The idea was that the horses would get used to following the scent trail, which in turn would make them less likely to get spooked while "following the hounds amid the noise and bustle of a fox hunt," notes British etymologist and writer Michael Quinion, who researched the origin of the phrase red herring.

The actual origin of the figurative sense of the phrase can be traced back to the early 1800s. Around this time, English journalist William Cobbett wrote a presumably fictional story about how he had used red herring as a boy to throw hounds off the scent of a hare. He elaborated on this anecdote and used it to criticize some of his fellow journalists. "He used the story as a metaphor to decry the press, which had allowed itself to be misled by false information about a supposed defeat of Napoleon," Quinion writes in a blog. "This caused them to take their attention off important domestic matters."

According to Quinion, an extended version of this story was printed in 1833, and the idiom spread from there. Although many people are more familiar with red herrings in pop culture, they also crop up in political spheres and debates of all kinds. Robert J. Gula, the author of Nonsense: Red Herrings, Straw Men and Sacred Cows: How We Abuse Logic in Our Everyday Language, defines a red herring as "a detail or remark inserted into a discussion, either intentionally or unintentionally, that sidetracks the discussion."

The goal is to distract the listener or opponent from the original topic, and it's considered a type of flawed reasoning—or, more fancifully, a logical fallacy. This application of red herring seems to be more in line with its original usage, but as Quinion notes: "This does nothing to change the sense of red herring, of course: it's been for too long a fixed part of our vocabulary for it to change. But at least we now know its origin. Another obscure etymology has been nailed down."

What Is the Shelf Life of Donated Eyes?

iStock.com/Pedro_Turrini
iStock.com/Pedro_Turrini

Zoe-Anne Barcellos:

I can only answer for cornea and eye donation.

The FDA does all oversight (no pun intended) of organ disposition.

The main organs—heart, liver, pancreas, lungs, etc.—are transplanted within hours. They are just not viable if they are not being perfused constantly.

The other tissues—like bone, skin, tendons, etc.—do not need to be transplanted immediately. But I am not sure on the regulations of when they need to be transplanted.

With the eyes, there are four tissues that can be recovered.

We recover whole eyes for research and education purposes. These usually go much faster, but we can hold them up to a year.

Conjunctiva can also be recovered; conjunctiva is a clear covering over most of the eye (it is what gets irritated when you have pink eye). I have been working as a recovery tech for five years, and our office has not had a request for "conj" in all that time. I believe it is mostly used for research, but I could be wrong.

Sclera is the white area of your eye. It is fairly thick and flexible. If you have ever touched a reptile egg, that is what it reminds me of. We recover sclera for transplant. They use it for several things, but mainly to patch punctures. Similar to if you pop the inner tube of your bike and repair it. Sclera can also be used to repair ear drums. We can hold on to this for up to a year.

The main thing we recover is corneas. In the U.S., we must transplant these within seven days of recovery. (Recovery is usually within hours of death, but we can push it up to 20 hours after if needed.) Sometimes we have more corneas than we need, and then they are shipped overseas and transplanted up to 14 days after recovery. There is no real different outcome with the later transplant time, but the FDA in the U.S. made the rules. (You can sign up to be an organ, tissue, and eye donor here.)

This post originally appeared on Quora. Click here to view.

SECTIONS

arrow
LIVE SMARTER