Hacker News new | past | comments | ask | show | jobs | submit login

The problem with CAPTCHA and the like are they seek to stop programmatic-browsing of websites, that both Firefox and Chrome support out of the box. If companies are concerned about non-human access they should make an official API instead of their website being a de-facto unofficial API. If they are concerned about fraud they will be woefully defended by CAPTCHA, it makes no judgement on the validity of transactions at all and doesn't prevent frauds signing in manually.

Ironically, Google has committed at least $75 million and likely hundreds more of fraud, via stolen refunds and stolen banned-account balances!

https://www.businessinsider.com/google-emails-adtrader-lawsu...

https://www.searchenginejournal.com/adsense-lawsuit/248135/




> If companies are concerned about non-human access they should make an official API instead of their website being a de-facto unofficial API

This is often impractical for several important use cases, like image rendering and PDF generation. Just hand waving away the cost of developing dedicated, pure APIs won't make companies more likely to do so.

> If they are concerned about fraud they will be woefully defended by CAPTCHA, it makes no judgement on the validity of transactions at all and doesn't prevent frauds signing in manually.

There are many different vectors of attack and fraud and CAPTCHA tackles one of them. It's silly to say it's unnecessary just because it doesn't cover all fraudulent activity




Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: