Cloudflare, a DNS service provider company said it wants to replace the "madness" of CAPTCHA across the web with a completely new system.
CAPTCHAs are these tests that you must do when trying to connect to a service, which ask you to click on images of things like buses or crossings or bicycles to prove that you are human.
(The name CAPTCHA, αν δεν το γνωρίζατε, βγαίνει από τα αρχικά του “Completely Automated Public Turing test to tell Computers and Humans Apart.”) Το πρόβλημα είναι ότι προσθέτουν επιπλέον χρόνο στη χρήση του ιστού και μερικές φορές μπορεί να είναι δύσκολο να επιλυθούν – Είμαι βέβαιος ότι δεν είμαι ο μόνος που απέτυχε σε ένα CAPTCHA επειδή δεν είδα τη γωνία μιας διάβασης πεζών σε μία εικόνα.
In a blog post, Cloudflare says it plans to "get rid of CAPTCHAs entirely" by replacing them with a new way to prove you're human by touching or looking at a device using a system he calls “Cryptographic Attestation of Personality”. Currently, it only supports a limited number of USB security keys like YubiKeys, but you can try the Cloudflare system (without USB) on the company's website.
https://cloudflarechallenge.com/
I tried it and it worked great. All I had to do was click the "I am human (beta)" button and then follow a few instructions to select my security key. Next, I had to allow the site to access the key.
The whole process took a few seconds and I have to admit it was very nice not to look for pictures of buses and objects that look like buses. And in addition to everyone's speed, this new method could have a significant accessibility benefit, as visually impaired people may not be able to complete the CAPTCHAs currently available.
What happens behind the scenes with the new method?
In short, your device has a built-in secure drive that contains a unique key that is sealed by your manufacturer. The security unit is able to prove that it holds such a key without disclosing it. Cloudflare asks you for proof and verifies that your manufacturer is legitimate.
You can read a much more extensive explanation at company blog.
Although it's a very interesting idea, it's probably not the end of CAPTCHAs as we know them. For starters, Cloudflare says this is an experiment, and right now, it is available “σε περιορισμένες σε αγγλόφωνες περιοχές”. Στην τρέχουσα κατάσταση, λειτουργεί μόνο με ένα περιορισμένο σύνολο hardware: YubiKeys, HyperFIDO keys, and Thetis FIDO U2F keys
Η Cloudflare promises to "consider adding more verifiers as soon as possible." This could be extended to your phone: Cloudflare recommends using a phone on your computer to pass a wireless signature using NFC.
Google can treat both iPhones and Android as natural security keys. If Google and Apple were to use the Cloudflare method, they could significantly reduce the barrier by using USB, as smartphones are much more common than USB security.
