home | free vpn | free proxy | web proxy | premium vpn
Domain: www.captcha.biz


BotDetect CAPTCHA Generator

   BotDetect(TM) CAPTCHA generator is a non-stalking form-security
   solution that uses a mix of measures, that are easy for humans but hard
   for bots, to prevent automated form posting.

   BotDetect also provides an audio Captcha alternative to keep websites
   accessible to people with impaired vision, enabling you to make [2]WCAG
   and [3]Section 508 compliant websites.

CAPTCHA Generator Features

   BotDetect CAPTCHA Box
     * Self-hosted o Licensable source-code
     * Works in China o No third-party server dependencies
     * Native .NET Core 1/2, .NET, Java & PHP backends
     * Works with Angular/JS, jQuery, etc, .js web frameworks
     * TestMode-enabled -- ready for your CI/CD pipelines
     * Localized Captcha generation, using various Unicode character sets
       and [4]multi-language sound pronunciations
     * Custom Captcha style, image size, code length, css, icons,
       tooltips, and pretty much everything else
     * Produces legible images & audio; as well as XHTML 1.1 Strict,
       Section 508, and WCAG AAA compliant markup
     * Doesn't stalk your users; nor does it slurp the form data
     * From a vendor that has nothing to do with the NSA
     * Allows for EU's GDPR, Brazilian LGPD, and California's CCPA
       compliant sites!

Why BotDetect?

BotDetect Captcha vs. ReCaptcha

   The years of Google's relentless abuses of their organic and paid
   search monopolies, and the years of their equally relentless campaign
   of disinformation and [5]FUD about captchas, took a toll among our
   former competitors -- there are only two viable players left. Ladies
   and gentleman, this is 'BotDetect Captcha' vs. 'Recaptcha the Stalker'
   fight. Please take your seats.


2019/09/09: A Bipartisan Coalition of 50 States' Attorneys General Launched a
Probe Into Google's Antitrust Violations

   [6]'I can't remember the last time you had just about everybody get on
   the train,' said William Kovacic, a former FTC chairman...

What Google confirmed so far:

     * 2.5 years after we stuck the 'the Stalker' label on it, a Google
       spokesman confirmed -- if you have a Google Account, Recaptcha has
       been stalking you for all those years.

     * The tip of the iceberg! Grab some popcorn folks -- there will be
       more shoes to drop :)


2019/06/28: Give up Your Privacy, or Else

   [7]'If sites use [Recaptcha] to lock out users with high risk scores,
   they may wind up locking out users who ... refuse to allow Google ...
   to track their browsing history.'

   Who also tend to be more tech-savvy and more affluent. Does your
   business market to them :)?

2019/06/27: Recaptcha V3 Has a Dark Side

   [8]'Because reCaptcha v3 is likely to be on every page of a website ...
   there's a chance Google is getting data about every single webpage you
   go to that is embedded wi...'

   Exactly what all those governments can't wait to plug into their
   national-security sensitive sites :)

2019/05/03: A Googleminion Blabbed That Recaptcha's Been Stalking You for

   [9]'Goldstein: A few days after I talked with Malenfant, I spoke with a
   Google spokesman. And he was able to tell me that it still matters in
   reCAPTCHA whether or not a user has an active Google account.' Ouch!

   Aaron Malenfant blabbed; Google spokesman confirmed; J. Goldstein
   professionally reported. Thank you Mr. Goldstein. We do appreciate it!

2019/04/18: A Trio Dug 96% Sized Hole Through Recaptcha V3 Obfuscation Layer

   [10]'Our proposed method achieves a success rate of 97.4% on a 100 
   100 grid and 96.7% on a 1000  1000 screen resolution.'

   'Tracking mouse movements' -- pure Googlish-for-suckers! Our Google
   overlords want us all to understand; an AI bot can learn to drive a car
   -- but driving a mouse is still way too complex :)

2019/02/26: A QUIC Look at Web Tracking

   [11]'...3rd-party ... can recognize users based on the token that the
   latter present during the 0-rtt connection attempt.' / 'a rejected
   0-rtt handshake does not terminate a tracking period, because the
   server can link the...

   QUIC, a Chrome-2-Google identity beacon, lets Google stalk you across
   the web without ever asking for your ID, and without ever confirming
   your identification. Brilliant, isn't it :)?

   Sure Google, it's 'tracking mouse movements' :)

What Google didn't confirm yet:

     * Transport-layer stalking -- independent of a Google Account status,
       or the existence of an account, or your grandma's cookies.

     * Protocol audits by independent researches found built-in stalking
       capabilities in QUIC, TLS v1.3 & 1.2, and TLS Channel IDs.

     * The Hamburg Uni guys audited the former three protocols. Combining
       them with the Trio that just broke through the Recaptcha's
       'tracking mouse movements' obfuscation layer might bring some
       interesting results.

     * But, somehow, they will have to make sure that the Stalker is not
       aware that it is being tested -- what is easier said than done!

     * The more in-depth coverage of this topic has its [12]own chapter
       further down the page.

     * Antitrust violations -- including, but not limited to, burying this
       site on Google Search -- over the last six years, at least.

     * Check for yourself! On your desktop, open an incognito mode browser
       window and try finding us with the single-keyword 'captcha' search.
       Do it -- it will explain many things!

     * The EU's [13]Margrethe Vestager, who fined Google $2.7B over a
       similar issue, said that competitors were typically on page four.

     * As we're more often on page 14 rather than 4, perhaps we are
       getting VIP treatment :)

     * This is increasingly counter-productive for Google -- making one
       wonder aloud if there is an entity, other than Google, that holds a
       part of the Google Search dials?

     * Which brings us to:

     * The role of the NSA & its vicarious fronts; aka, 'Recaptcha
       marketing department.'

     * We explore different aspects of this in a few chapters at the
       bottom half of the page -- and we're not even close to being done

     * Do not hold your breath over this particular bullet being
       officially confirmed, ever! There are laws forbidding such kind of

     * But, a Googleminion might blab again :)

Intro: Recaptcha Versions

   At present, the Stalker exists in the following three variants:
     * Invisible Recaptcha (v2) -- the Invisible Stalker -- whose release
       Google kinda regretted.
       That gradual disappearance of the word 'Invisible' from its
       homepage was fun to watch :).

     * Recaptcha (v3) -- released after Google spent about 20 months
       applying lipstick on the Invisible Stalker pig -- hoping no one
       will notice that the pig with lipstick is still a pig :).

     * Nocaptcha/Checkbox Recaptcha (v2) -- the original Stalker. It
       appeared, for a while, as if it was being taken behind the shed --
       but no gunshot was ever heard. It seems that Google had a change of
       heart and decided to keep it -- likely following the Invisible
       Stalker fiasco.

   The presence of multiple versions makes maintenance of this article
   more difficult than it should be; but you will figure it out. It is the
   same stalker after all -- just dressed in three different outfits.

   Let's see how we stack up against each other:


Google Recaptcha V2 'Cars & Buses' [DEL: Image :DEL] Torture Engine Just Got
a New 92% Hole

   Here we go again: [14]article, [15]paper, [16]video.


A Trio Dug 96% Hole Through Recaptcha V3 'Tracking Mouse Movements' Joke

   [17]'Our proposed method achieves a success rate of 97.4% on a 100 
   100 grid and 96.7% on a 1000  1000 screen resolution.'

   Guess; aside from stalking, is there a part of Recaptcha not already
   broken at least 90% :)?


Recaptcha the Stalker's Audio Cracked -- with Cool 90% Success Rate This Time

   [18]'Thx to the changes to the audio challenge, ... ReCaptcha is easier
   than ever before.'

   Google learned nothing out of those 2017/03 and 2017/10 breaches of the
   Recaptcha audio.

   2018/05/30: [19]Recaptcha Bypass! Ouch :)


The Stalker's Audio Is Broken Again!

   [20]'Whatever Google has in mind to replace its reCaptcha had better be
   ready soon: ...'

   [21]unCaptcha: A Low-resource Defeat of reCaptcha's Audio Challenge

   2017/10/26: [22]Vicarious Broke Recaptcha, Botdetect, Yahoo and Paypal

   Vicarious, a 9 y/o, apparently still productless company, whose name
   means 'acting or done for another', supposedly [23]funded w/ $122m,
   couldn't find anything better to do. Weird, isn't it?


Recaptcha the Stalker Audio Cracked!

   [24]This time around with a little help from Google's own Speech
   Recognition API :)


Recaptcha Broken by Columbia Uni Trio!

   [25]Automatically solved 70.78% of the time through what looks like
   multiple inherent design flaws. This is the biggie that is going to
   haunt Recaptcha for years to come.

1) BotDetect Is Secure

   During its first decade, BotDetect was unique among Captcha generators
   in offering [26]many different Captcha image and sound algos.

   While each of them was easily comprehensible to humans, the random use
   of multiple Captcha generation algos made the generated captchas
   extremely difficult to pass automatically.

   Later, over the years, we extra-fortified it with additional security
   measures, all transparent to humans, designed specifically to turn a
   form-spamming business into an unprofitable misery.

   All common sense security practices should be applied here too; one has
   to run a relatively new version -- and have it properly implemented.

   No one runs a years old never-patched firewall; and expects to be fully
   protected. Right?

   Our approach to Captcha security is validated by BotDetect's track
   record. Since 2004, we have over 3000 [27]paying customers and only a
   single confirmed case of significant automated Captcha breaking by
   ordinary spammers.

2) BotDetect CAPTCHA Works in China

   BotDetect is a self-hosted captcha lib; it works in China -- while
   Recaptcha, historically, due to [28]local policies, worked in China
   [29]only on sporadic networks, intermittently at best.

   With its 1.4B people China has approximately 20% of the world
   population and outputs about 16% of the world GDP. The size of China's
   economy is second only to the size of the US'.

   Even if you do not actively target the Chinese market, the chances are
   that some of your visitors, users, and customers sometimes venture or
   even reside there. It helps not having Recaptcha breaking your website
   for them.

   But, if you, or your users, do target the Chinese market, making your
   website fully functional for the visitors from China should be one of
   the top items on the 'minimum requirements' check-list.

   Make sure to check it!

3) BotDetect Is Multinationals Friendly

New Localizations Arrived:

     * 2018/10/23: [30]sk: Slovakia, Slovak

     * 2017/09/11: [31]ms: Malaysia, Malay

     * 2017/08/05: [32]id: Indonesia, Indonesian

     * 2017/07/22: [33]en-IE: Ireland, Irish English

   With more than a hundred world languages already supported in the code,
   and [34]56 different audio localizations being just a download away,
   BotDetect Captcha will ensure that your interaction with every local
   market is done to that particular local market's familiar combination
   of script and language.

4) BotDetect Lets You Meet Regulatory Requirements

   Recaptcha is a 3rd-party stalking service delivered from the cloud that
   you have no control over; and [35]due to its obfuscation and encryption
   you can only guess what payload your users get.

2019/04/08: BDC NET v4.4.1

     * [36]Simple API support for the .NET Core

2018/11/06: BDC NET v4.4.0

     * [37]Simple API support for the legacy .NET

2018/10/23: .NET

     * Added iOS 12+ audio support

2018/09/20: Java, PHP

     * Added iOS 12+ audio support

   'Plug & Pray', one might say :).

   BotDetect is self-hosted on your own servers, and its source code is
   available; thus enabling you to easily meet whatever regulatory or
   security requirements that are, or might be, imposed on your
   application or website!

   Think: GDPR, eff. 2018/05/25, or the California Consumer Privacy Act of
   2018, eff. 2020/01/01, or whatever else might come in your direction.

5) BotDetect Is Accessible and Legal on US Government Websites

   BotDetect Captcha is both Section 508 and WCAG compliant, and as such
   legal [38]on the US federal agencies' websites -- unlike Recaptcha,
   that is just lame-ducking there while awaiting for its [39]Section 508
   lawsuit by a disgruntled employee or a user to throw it away.

   Why is it like that? It is simple. When you block cookies in your
   browser, or go into incognito mode, Recaptcha [40]reverts back to the
   old 'two-words Recaptcha' , or to various 'pigs, dogs, and street
   signs' pictures. And a few things aside from a miracle will make your
   application using either the 'two-words Recaptcha', or those 'pigs,
   dogs, and street signs' pictures, able to satisfy [41]this particular
   Section 508 requirement.

2017/05/30: Ticketmaster & Live Nation Sued in Recaptcha Patent Case!

   [42]Attorney David Beckwith says Confident Technologies owns the patent
   on a software system, simply called the 578 patent, that's capable of
   'telling apart a human from a computer using a graphical image
   verification system' where 'at least one image is known to belong to a
   selected image category.'

6) BotDetect Will Not Get You Sued Over
the 578 Patent Infringement

   As BotDetect does not use those 'pigs, dogs, and street signs' pictures
   at the center of the Confident Technologies vs. Ticketmaster case we
   couldn't be bothered to waste money on lawyers' fees in order [43]to
   check the merit of the case -- that is on the Ticketmaster's plate.

   But, the Confident Tech is not a patent troll; those guys had a product
   back then; so we opt to assume that they know what they are doing --
   albeit we are perplexed that they went after the Recaptcha users,
   instead of after Google itself.

   Note that settling such a suit might cost a small fortune; what is
   still peanuts compared with how much it would cost to defend it. For
   Ticketmaster, the Stalker turned out to be an expensive joke.

   Ensuring that neither you nor your customers get sued over [44]the 578
   patent infringement should be the next item on that 'minimum
   requirements' check-list. Isn't it?

7) BotDetect Is Both Privacy and National Security Friendly -- It Does Not

   Unlike [45]Recaptcha, BotDetect does not operate under [46]'if it can
   stalk you then you are human' principles; and will not make your
   application rejected by the majority of world governments on the
   grounds of national security; be it on their own websites, or on the
   websites of their sensitive institutions and industries.

2017/11/22: GoogleBorg Caught in SIM-less & Seamless Android Location Slurp!

   [47]'If Google was a person, it would have had a restraining order for
   stalking slapped on...'

2015/02/20: AdTruth's Privacy Research of the Original NoCaptcha ReCaptcha

   [48]'This is a way for Google to indirectly link activity outside of
   Google's properties - collected under the guise of security - to
   Google's knowledge of that individual...'

   The Nocaptcha Recaptcha, recently renamed as Checkbox Recaptcha, is the
   oldest of the Stalker's three contemporary variants.

Eric Schmidt, Google's Then-CEO:

   2010/10/04: [49]'We don't need you to type at all. We know where you
   are. We know where you've been. We can more or less know what you're
   thinking about.'

   2010/09/07: [50]'A near-term future in which you don't forget anything,
   because the computer remembers. You're never lost.'

   2009/12/11: [51]'If you have something that you don't want anyone to
   know, maybe you shouldn't be doing it in the first place ... it is
   possible that that information could be made available to the

   Those quotes predate the original Stalker! Thx Eric, we appreciate your
   directness; we couldn't have explained GoogleBorg better ourselves :).

   If you have a privacy or national security sensitive website or
   application and are considering the Stalker, think again:
     * Recaptcha the Stalker refuses to work 'as advertised' if you switch
       your browser into incognito mode, block cookies, or [52]use Tor
       Browser. It gets annoyed when prevented from stalking. Why?

     * It is owned by Google who already knows who you are; think Gmail,
       Search, Docs, Play, YouTube, etc. And now, Google can cross-match
       that data with your activities on all Stalker armed websites.
       Kiss goodbye to both your users' privacy and national security.

     * Its client-side is a .js payload; obfuscated, encrypted, and
       delivered from the cloud by the party who knows your identity
       (Google); straight into your browser; completely bypassing servers
       of the Stalker armed website you are visiting.
       Hm, what could possibly go wrong :)?

   In short, Recaptcha is not a captcha, but a stalker disguised as a
   captcha. By default, it does not check your humanity at all, but
   fingerprints your browser and cookies and matches it with your past
   activities across the web. It is a sort of 'Login by Google' -- just a
   way more dangerous one.

8) BotDetect Means No Post-GDPR EU Legal Murkyland

   GDPR bans 'forced consent' -- while Recaptcha the Stalker forces your
   users to accept being stalked by Google even just to open your form --
   not to mention to fill it, or to use your service.

2018/05/25: EU GDPR Arrived -- Consent, Fines, and Scope -- What Others Say?

   [53]'...the law says people can't be forced into consenting to their
   data being processed, in order to use a service.' o FORTUNE

   [54]'An organization in breach of GDPR laws will be fined up to 4
   percent of annual global turnover or 20 million euros ($24.6 million),
   whichever is bigger.' o CNBC

   [55]'GDPR applies to any organization operating within the EU, as well
   as any organizations outside of the EU which offer goods or services to
   customers ... in the EU.' o ZDNet

   2018/08/20: [56]LGPD, Brazil's New Data Privacy Law Follows GDPR

   A legal Murkyland, or outright illegal?

   Google mismarkets the Stalker as a captcha. Now imagine a convicted
   serial arsonist who mismarkets his setting-your-farm-alight urge as a
   pest-control service -- no difference!

   Google might argue that stalking is necessary for providing its
   stalking service. That would be a valid point -- as a stalker it has to
   stalk -- if it was not mismarketed as a captcha service.

   But, who knows, Google might go googlish and even argue that the
   stalker named reCAPTCHA was not marketed as a captcha. Any takers?

   What stance the EU DPAs will take, and then the judges, is anyone's
   guess -- but, see those enormous fines; feel like betting the farm on

   Did anyone mention Brazil :)?

9) Captcha, Inc. Eats Its Own Dog Food

   While Google, since 2009, mostly avoided using Recaptcha on its own
   properties. Why?

   A cynic would argue that on its own properties Google already knows who
   you are so Recaptcha the Stalker was not needed there -- and it does
   not thwart bots that well anyway.

2017/06/27: EU Fined Google Then-Record $2.7B for Manipulating Search

   [57]'The company demoted rivals and unfairly promoted its own
   services', says the EU.
   'What Google has done is illegal under EU antitrust rules,' said
   Margrethe Vestager.

   Whenever it was about its organic and paid search monopoly abuses,
   Google showed its catch-us-if-you-can attitude. The EU did the job.

   2018/02/20: [58]The Case Against Google

   2018/05/21: [59]How Did Google Get so Big?

   2018/07/18: [60]Google Slapped a Record $5B for Android Antitrust
   Abuse! Thanks EU!

2018/07/18: [61]Gary Reback, Legendary US Antitrust Lawyer Involved in Both

   [62]'On one hand, the EU deserves ... praise and credit for what
   they've done,' Reback said. 'But man, they only look good because we're
   totally absent.'

   Kinda whenever Google's antitrust violations do expand its stalking
   abilities -- the FTC vanishes into thin air. Gone! A kind of magic, or

10) Captcha, Inc. Does Not Break
Antitrust Laws

   While Google exposed itself to huge legal risks by breaking every rule
   in the antitrust book, in order to force-feed you Recaptcha the Stalker
   through the nose.

   A 'captcha' product that:
     * has no known revenues; losing them a fortune each quarter; year
       after year.

     * does not work in China; and will break your website for everyone

     * might get you, and/or your users, sued over the 578 patent
       infringement in the US.

     * will drown you, or your users, in the murky legal waters of the
       post-GDPR EU.

     * is deliberately designed to be inaccessible; a no-no for the US
       Federal Agencies' sites.

     * and is broken so often and so thoroughly; that over the last ten
       years even Google itself mostly refused to use it.

   That is weird, isn't it?

11) Captcha, Inc. Lives Off BotDetect License Sales

   But where the Recaptcha money is coming from, in amounts large enough
   to justify taking the risk of breaking the antitrust laws, is a sort of

   A cynic might ask you to pick your preferred scenario:
     * It does not come; and at some point Google will pull the plug on
       Recaptcha completely, as they did with Google Reader and other such
       products resting in the [63]Google Graveyard.
       BotDetect Team: OK Google, that is called 100% enterprise-ready; a
       CIO's wet dream :).

     * Some undisclosed parties license the Stalker's data-feed and pay
       Google a fortune, and then some, so Recaptcha is actually
       profitable -- and the Stalker is watching you!
       BotDetect Team: OK Google, who are they? And, what do they use the
       data-feed for :)?

   Which scenario do you prefer?

2018/03/19: Raleigh Police Went to Court ... And Got a Warrant Requiring
Google to Share the Details of Any Users That Were Close to Crime Scenes
During Specific...

   [64]'...the data haul is not limited to users of Google hardware i.e.
   phones running Android but also any phone that ran Google apps - which
   encompasses everything...'

   GoogleBorg complied; and left us wondering if the list was sorted by
   name, immigration status, NRA card number, or just by [65]sexual

   Welcome to [66]Surveillance Capitalism!

   The moral of the story here is that once such a data-trove is allowed
   to exist -- even small town cops can figure out where the 'search box'
   is -- and, how to google it!

While the G-Men Knew It Since Forever:

   [67]FBI: https://tips.fbi.gov/ (since at least 2015)

   Note that your details are 'optional' -- of course -- and, guess what
   'captcha' is on the page :)?

   Twist a bit that warrant mentioned above -- and get the 'details' of
   all the users who were on some Stalker armed site, during a specific

2017/04/19: If A Warrant Is Needed At All

   [68]We're spying on you for your own protection, says NSA, FBI o Except
   we're not, of course, because that would be illegal.

12) Captcha, Inc. Does Not Manipulate
the Captcha and Recaptcha Articles
on Wikipedia

   Do you find it strange that as of 2018/03/26 the 'Security' section of
   the 'Recaptcha' article on Wikipedia has no Stalker's vulnerabilities
   listed that are less than five years old?

   Which is actually an improvement -- because not that long ago, there
   weren't any listed there that were less than almost eight years old :).

   It is not like no one was complaining that it looks like a
   [69]Recaptcha marketing brochure -- exactly how the 'Captcha' article
   looked before the separate 'Recaptcha' article even existed.

   Unfortunately, a truly independent review of all the IP addresses,
   entities, bots, and humans involved in all the edits of both 'Captcha'
   and 'Recaptcha' articles -- following both the money and the data-feed
   -- is still left to be desired.

   Who is behind the Wikipedia issue?
     * Google itself; with smoking gun emails spread all over the place?
       We doubt it. There are [70]rogue engineers and unsecured Wi-Fi
       networks for such things :)

     * Its [71]rogue engineers or [72]division heads?
       Maybe, and if they are indeed, Google [73]will fire [74]some people
       -- and stop it :)

   But, there are other entities; far better adept at concealing their
   activities -- whose interest in the Stalker's data-feed cannot be
   overestimated -- who come to our minds as the primary suspects.
   BotDetect Team: OK Google, that Wikipedia job -- was that you guys, or
   the G-Men's 'pals' :)?

   Any favorites?

2017/01/13: TLS Channel IDs: Google's Crypto-Cookies are tracking Chrome

   [75]'But if you use Chrome, your requests ... are no longer stateless.
   Google can follow you from one website to the next, without using
   conventional tracking cookies'

   Depending if you're GoogleBorg or a user the English term for this
   would be akin to 'TokBind Stalking-capable (or vulnerable) browser' --
   but the Googlish-for-suckers term 'more secure browser' is preferred
   and used by Google.

Tracking Users across the Web via TLS Session Resumption o ACSAC 2018

   [76]'Google with its various hostnames is ... on nearly 80% of the
   Alexa Top 1M Sites...' / 'The largest shared TLS state within the ...
   Top 1k counts 84 sites and belongs to Google'

   The Hamburg Uni study of TLS v1.3/v1.2 built-in stalking abilities and
   shared-TLS-state exploits!

   Shared TLS state; on 80% of the Alexa Top 1M sites; with a ticket
   lifetime of 28hrs -- as just a part of the story! Hm, does it ring any
   bells :)?

Tracking Users across the Web via QUIC Session Resumption o PETS 2019

   [77]'...3rd-party ... can recognize users based on the token that the
   latter present during the 0-rtt connection attempt.' / 'a rejected
   0-rtt handshake does not terminate a tracking period, because the
   server can link the...

   QUIC, a Chrome-2-Google identity beacon, lets Google stalk you w/o
   asking for credentials or confirming identification. Brilliant, isn't
   it :)?

   To make things worse, the upcoming HTTP/3 is supposed to use a
   QUIC-variant as a transport.

   See the pattern emerging here. If a transport protocol was designed or
   influenced by Google
   -- it has a stalking mechanism built-in. Ouch!

That Dual-use RFC & IETF Drafts of the NSA-Would-Not-Be-Ashamed-Of Class:

   [78]Step 1a - IETF Draft: TLS Channel IDs

   Is that the original 'advanced risk analysis' :)?

   [79]Step 1b - IETF Draft: QUIC Transport Proto...

   Since 2012. The IETF dates are misleading.

   [80]Step 2 - IETF Draft: TokBind Protocol v1.0

   Were the third-parties (ab)used as fig leaves?

   [81]Step 3 - RFC 8446: The TLS Protocol v1.3

   n-RTT; did the stalking sneak into the TLS v1.3?

2013/12/21: The BSafe 'Random' Made It

   [82]'...the NSA arranged a secret $10m contract with RSA, one of the
   most influential firms in the computer security industry...'

2018/04/25: But 'Simon' and 'Speck' Didn't

   [83]'That's when things seemingly turned nasty and the NSA started
   attacking the reputations of those experts who were advising against
   approving the standards.'

13) How Recaptcha Works? A Dummy's
Guide To 'Advanced Risk Analysis'!

   A few things about Google are as annoying as their sense of antitrust
   impunity in the US -- but their firm conviction that the general public
   is 'just a bunch of suckers' is surely one of them.

   'Tracking mouse movements - over the captcha widget,' and 'advanced
   risk analysis.' That is what they said about Recaptcha. Didn't they?

   Very googlish; an absolute lack of respect; only the 'suckers' word is
   missing -- so the people can know what Google overlords think of them!

   Consider the SCID & Source-address Token / n-RTT session resumption of
   the QUIC, PSK / n-RTT session resumption of the TLS v1.3, Session
   Ticket and SessionID session resumption of the TLS v1.2, cross-domain
   Shared TLS States, Token Binding, as well as TLS Channel IDs ways of
   user tracking.

   Note that this isn't the final list! A few other protocols are still
   awaiting the long overdue independent audits of their stalking

   To simplify, we coined the temporary umbrella term TokBind Stalking to
   refer to both the list and the cryptological foundation under a part of
   it. While technically imperfect -- it suffices. If it sticks depends on
   what else emerges later.

   Their first try was the old 'Login by Google'; but both its name and
   users' affirmative actions required were the obvious 'shortcomings'.

   Then TokBind converted it into something like 'Drive-by Check-in by
   Google'; or by a fair legal extrapolation: 'Involuntary Check-in by
   .......' -- fill in the blank!

   An Identity + TokBind Stalking play!

   When you open a Recaptcha-infested page -- spies weep. No need for
   cookies; nor to click or type; nor for one of Google's sites in another
   tab -- nor, in some scenarios, even the Stalker itself has to fully
   load and execute.

   As the stalking leapt from the app layer to the transport layer; your
   request of the Stalker's URL itself -- can now be that 'Check-In'. Got

   Why they disguised it as a 'captcha'? We do not know; they do not stop
   by to confess -- did someone assess that such a disguise will let it
   stalk on the sites where no other tentacle can?

   In that light, Google's nonsensical sense of antitrust impunity in the
   US might not be such an utter nonsense after all -- maybe they do have
   a deal of some sort indeed -- time will tell.

   We can't wait to see Google's attempts to fit its TokBind
   Stalker-enabled mass-surveillance into a GDPR frame. It would be a
   hilarious comedy -- despite them never reaching a happy end.

   The next time you hear our Google overlords bullshitting the terms like
   'advanced risk analysis', 'tracking mouse movements', or 'more secure
   browser'; tell them to stick it; and where.
   BotDetect Team: OK Google, six plus years, that's perseverance -- did
   the 'pals' offer help :)?

   Did they?

2013/07/15: The Crux of the NSA Story: Gen. K. Alexander Wanted to Slurp It

   [84]'Collect it all, tag it, store it. ...And whatever it is you want,
   you go searching for it...'
   '...Gen. Keith B. Alexander, wanted more than mere snippets. He wanted

2014/09/16: U.S. Government to Yahoo: Comply with PRISM, or ... Go Bankrupt

   [85]'...threatened to fine Yahoo $250k/day...' / '... doubled each week
   until Yahoo complied.'

2013/06/07: Snowden Files: NSA PRISM Taps Into Apple, Google and Others

   [86]'The NSA has obtained direct access to the systems of...' / 'Google
   ... in 2009; YouTube in 2010; and finally Apple ... in 2012.'

2019/03/12: Senate Judiciary Committee: J. Hawley (R-Mo.) vs. Google's Will

   [88]'Do you think an average consumer ... fully understands Google
   builds a profile about her ... tracks where her boyfriend lives...'

   [89]'Americans have not signed up for this. They think that the
   products ... are free. They're not free. They think they can opt out of
   the tracking that you're performing. They can't meaningfully opt out.'
   / 'Btw, this is just the phone. We're not even talking yet about Search
   or Internet tracking,' Hawley said.

2019/04/13: Google's Donkey-run Dragnet Made the NSA Keith Look Amateurish

   [90]In Arizona ... police received data six months after...' / 'In a
   different Minnesota case ... it came in four weeks' / 'Sensorvault ...
   includes detailed location records involving at least hundreds of
   millions of devices worldwide and dating back nearly a decade.'

   Slurp it all -- that modus operandi sounds so familiar! Google wants
   you to understand that decade old data is a perfect fit for
   'advertising' -- but that googling it is slow coz the data is sifted
   through by donkeys -- which can take a while :)

2018/03/31: The Trump Administration: US May Tie Social Media to Visa

   [91]'Applicants would also be asked for five yrs of their phone
   numbers, emails, and travel history.' / 'the US state department
   proposal could affect around 14.7m people a year'

   Five years of phone numbers, email addresses, and travel history; 14.7m
   times a year -- what a strange coincidence! No way that the submitted
   info will be cross-checked against Google's Sensorvault data -- Google
   just can't have that many donkeys :). That policy [92]went live, btw.

2018/04/19: But Unlike Google's Donkeys, the NSA Keith Was Aware of

   [94]'When whole communities are algo-scraped for pre-crime suspects,
   data is destiny' / 'One woman in the system, for example, who wasn't
   suspected of committing any crime, was identified as having multiple

   Shhhh, Google should not know about this :)

2019/03/04: How Google got away with it?

   [95]'The rhetoric of the pioneering surveillance capitalists, and just
   about everyone who has followed, has been a textbook of misdirection,
   euphemism, and obfuscation.'

2013/06/10: PRISM Exposed: Data Surveillance with Global Implications

   [96]Gus Hunt, the CIA's CTO, made a forthright admission in March: 'We
   fundamentally ... collect everything and hang onto it forever.'

14) Captcha Isn't a Part of PRISM. How
about Recaptcha; and its data-feed?

   One might argue that as a US company Google didn't have a legal way to
   avoid becoming a part of PRISM. Well, neither did Apple -- but that is
   the point where all the similarities end.

   Confronting the reality, Apple went into 'what happens on your iPhone,
   stays on your iPhone' mode; slurping the least they can. No law can
   force them to provide the data they did not get!

   While Google was opportunistic -- there were synergies. With a NSA
   implant sticking out of its back -- it morphed into an obsessive
   stalker -- and went on a data-slurping perma-spree!

   English is an interesting language; see this:

   If one, by undisclosed means, meticulously collects the data about a
   dozen officials of a particular country; their friends, family, health,
   finances, locations, sex lives, what they wrote, read, or said, etc --
   that is called 'espionage.'

   But, if one, by the same undisclosed means, meticulously collects the
   same data about the entire population of that country; including the
   same officials, their friends and family -- that is called
   'advertising'. It is amazing, isn't it?

   And then, if by the same means, one collects the same personal data
   about everyone in your own country; to the level that one has the data
   where your teenage daughter's bf lives; and, with whom, when, and where
   she had one night stands -- that is also called 'advertising'. Is it

   Our Google overlords love to bullshit about privacy and 'organizing the
   world's information'; but what they made stinks as the world's first
   publicly-traded signal intelligence organization.

   Regardless, on 2019/05/07, Google's CEO, Sundar Pichai, who presides
   over Android and the TokBind Stalker, a nation-state class
   mass-surveillance technologies, volunteered to show off his
   Googlish-for-suckers at its finest:

   [97]'Privacy cannot be a luxury good offered only to people who can
   afford to buy premium products and services. Privacy must be equally
   available to everyone in the world.'

   Sundar, with skin thick enough to withstand an arrow, was confident
   that in no time -- he would be done placating 'that bunch of suckers'.

   No one told him that, [98]that [99]train [100]is [101]gone :)

   His first sentence is a diversion; supposedly a salvo aimed at Apple;
   while in fact the magician just drew your attention toward irrelevant

   The English translation of his second sentence would be akin to: 'The
   privacy from Google [and the 'pals'] will not be given to anyone.'

   He did not offer privacy from Google at all; and privacy is equally
   available if it is not given to anyone. You see, he was not lying --
   shame on you for getting it all wrong! Skillful, right :)?

   Still, due credit should be given.

   Aside from making the world's first listed sigint agency ever, our
   Google overlords managed to take corporate doublespeak to a completely
   new, language-dialect level -- all while enriching themselves immensely
   in the process. Neat!

   However, it won't enrich your teenage daughter.

   Does her bf have all that info? No! Do you? No! With the reason -- it
   is none of your business!

   But, Google think that teens' one night stands are their business --
   and, they got the data!

   Now, sit down and guess -- who will make sure to have a copy? Forever!
   Got it?

   Hence, it might be wise to sit her down; and, gift her an iPhone --
   while carefully explaining how the English language works -- with an
   emphasize on its Googlish-for-suckers dialect peculiarities!

   Captcha, Inc and BotDetect CAPTCHA have nothing to do with the NSA
   PRISM. How about Google Recaptcha -- and its data-feed? Btw, just
   imagine Sundar's stand-up gig on the topic :)

   BotDetect Team: OK Google, was Keith learning from you guys -- or you
   learned from him :)?

   Think for yourself!

   [102][back to top]
     * CAPTCHA Generator Home
          + [104]Known Issues (Current Releases)
          + [105]Customer References
          + [106]CAPTCHA Demo
          + [107]CAPTCHA Download
          + [108]CAPTCHA Samples
          + [109]CAPTCHA Localizations
          + [110]CAPTCHA Generators
               o [111]ASP.NET CAPTCHA Generator
               o [112]Java CAPTCHA GeneratorBeta
               o [113]PHP CAPTCHA Generator
          + [114]CAPTCHA Frontends
               o [115]Angular CAPTCHA Modules
               o [116]jQuery CAPTCHA Plugin
               o [117]React CAPTCHA Component
          + [118]CAPTCHA APIs
               o [119]Intro
               o [120]Traditional API
               o [121]Simple API Experimental
          + [122]BotDetect General FAQ
          + [123]Roadmap & Release Notes
          + [124]Migration Guides
     * [125]Shop
     * [126]Captcha Accessibility
     * [127]Articles
     * [128]About

Current BotDetect Versions

     * BotDetect ASP.NET CAPTCHA
     * BotDetect Java CAPTCHA
     * BotDetect PHP CAPTCHA

Popular Content

     * [129]Angular Captcha
     * [130]jQuery Captcha
     * [131]React Captcha
     * [132]Audio Captcha
     * [133]Captcha Accessibility
     * [134]Section 508 Captcha
     * [135]WCAG Captcha
     * [136]ADA Captcha
     * [137]MVC Captcha
     * [138]JavaScript Captcha
     * [139]Ajax Captcha
     * [140]BotDetect CAPTCHA vs.
       Recaptcha the Stalker

   [141]BotDetect CAPTCHA Customer References
   [142]Run the BotDetect CAPTCHA Online Demo Live BotDetect Captcha Demo
   [143]Download the BotDetect CAPTCHA Free Version Free BotDetect Captcha
   [144]Purchase BotDetect CAPTCHA License Upgrades Full BotDetect Captcha

BotDetect Captcha Image Samples

   BotDetect CAPTCHA image style screenshot
   [145]BotDetect Korean CAPTCHA image style screenshot
   BotDetect CAPTCHA image style screenshot
   [146]BotDetect Japanese CAPTCHA image style screenshot
   BotDetect CAPTCHA image style screenshot
   BotDetect CAPTCHA image style screenshot
   [147]BotDetect Chinese CAPTCHA image style screenshot
   BotDetect CAPTCHA image style screenshot
   [148]BotDetect Russian CAPTCHA image style screenshot
   BotDetect CAPTCHA image style screenshot

   [149]More CAPTCHA image samples...

BotDetect Audio Captcha Sound Samples






   [155]More audio CAPTCHA sound samples...
   ____________________ Search

     * [156]Angular Captcha
     * [157]AngularJS Captcha
     * [158]jQuery Captcha
     * [159]React Captcha
     * [160].NET (Core) Captcha
     * [161]Java CaptchaBeta
     * [162]PHP Captcha
     * [163]Captcha APIs
     * [164]Download
     * [165]Demo
     * [166]Support
     * [167]Shop
     * [168]References
     * [169]Contact
     * [170]About

     * [171].NET Captcha
     * [172]Java Captcha
     * [173]PHP Captcha
     * [174]MVC Captcha
     * [175]Angular Captcha
     * [176]jQuery Captcha
     * [177]React Captcha
     * [178]JavaScript Captcha
     * [179]Ajax Captcha
     * [180]Download
     * [181]Demo
     * [182]Captcha Generator
     * [183]Captcha APIs
     * [184]Support
     * [185]Shop
     * [186]References
     * [187]About
     * [188]Contact
     * [189]Privacy
     * [190]Terms
     * [191]ReCaptcha.sucks

    Captcha, Inc. 2004-2020. All rights reserved.

   BotDetect, BotDetect CAPTCHA, Lanap, Lanap CAPTCHA, Lanap BotDetect,
   Lanap BotDetect CAPTCHA, Lanapsoft, Lanapsoft CAPTCHA, Lanapsoft
   BotDetect, Lanapsoft BotDetect CAPTCHA, and Lanap Software are
   trademarks of Captcha, Inc. All other product, brand, and company names
   are mentioned for identification purposes only and are trademarks or
   registered trademarks of their respective owners.

   Captcha, Inc. -- formerly: Lanapsoft, Inc. / Lanap, Inc.


   Visible links
   1. https://captcha.com/
   2. https://captcha.com/accessibility/wcag-captcha.html
   3. https://captcha.com/accessibility/section508-captcha.html
   4. https://captcha.com/captcha-localizations.html
   5. https://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt
   6. https://www.politico.com/story/2019/09/09/google-antitrust-probe-1713159
   7. https://www.theregister.co.uk/2019/06/28/google_recaptcha_favoring_google/
   8. https://www.fastcompany.com/90369697/googles-new-recaptcha-has-a-dark-side
   9. https://www.npr.org/2019/05/03/720097308/google-replaces-captcha-with-recaptcha-a-more-effective-way-to-decide-who-is-hum?t=1561895470499
  10. https://arxiv.org/pdf/1903.01003.pdf
  11. https://petsymposium.org/2019/files/papers/issue3/popets-2019-0046.pdf
  12. https://captcha.com/#how-recaptcha-works-a-dummys-guide-to-advanced-risk-analysis
  13. https://lawstreetmedia.com/issues/business-and-economics/eu-antitrust-case-google/
  14. https://www.theregister.co.uk/2019/09/04/recaptcha_robot_hack/
  15. https://regmedia.co.uk/2019/08/29/recaptchapaper.pdf
  16. https://youtu.be/l3sS_fTlK_8
  17. https://arxiv.org/pdf/1903.01003.pdf
  18. https://www.theregister.co.uk/2019/01/03/recaptcha_voice_challenge/
  19. https://www.zdnet.com/article/google-patches-recaptcha-bypass-vulnerability/
  20. https://www.theregister.co.uk/2017/10/31/uncaptcha_research_cracks_audio_captchas/
  21. http://uncaptcha.cs.umd.edu/papers/uncaptcha_woot17.pdf
  22. http://science.sciencemag.org/content/early/2017/10/26/science.aag2612.full
  23. https://www.crunchbase.com/organization/vicarious-systems-inc
  24. https://threatpost.com/google-recaptcha-bypass-technique-uses-googles-own-tools/124006/
  25. https://www.blackhat.com/docs/asia-16/materials/asia-16-Sivakorn-Im-Not-a-Human-Breaking-the-Google-reCAPTCHA-wp.pdf
  26. https://captcha.com/captcha-examples.html
  27. https://captcha.com/references.html
  28. https://en.wikipedia.org/wiki/Great_Firewall
  29. https://www.google.com/search?q=does+recaptcha+work+in+china?
  30. https://captcha.com/localizations/slovak-captcha.html
  31. https://captcha.com/localizations/malay-captcha.html
  32. https://captcha.com/localizations/indonesian-captcha.html
  33. https://captcha.com/localizations/english-captcha.html#irish-english
  34. https://captcha.com/captcha-localizations.html
  35. https://github.com/neuroradiology/InsideReCaptcha
  36. https://captcha.com/captcha-roadmap-and-release-notes.html#aspnet_rn_4.4.1
  37. https://captcha.com/captcha-roadmap-and-release-notes.html#aspnet_rn_4.4.0
  38. https://captcha.com/accessibility/section508-captcha.html
  39. http://www.deque.com/blog/section-508-lawsuit/
  40. http://homakov.blogspot.in/2014/12/the-no-captcha-problem.html
  41. https://captcha.com/accessibility/section508-captcha.html#web_standards_synchronized_alternatives
  42. http://ampthemag.com/the-real/ticketmaster-sued-recaptcha-patent-case/
  43. https://insight.rpxcorp.com/litigation_documents/12464246
  44. https://www.google.com/patents/US8621578
  45. http://recaptcha.sucks/
  46. http://www.businessinsider.com/google-no-captcha-adtruth-privacy-research-2015-2
  47. https://www.theregister.co.uk/2017/11/22/permissionless_data_slurping_google/
  48. http://www.businessinsider.com/google-no-captcha-adtruth-privacy-research-2015-2/
  49. http://www.businessinsider.com/eric-schmidt-we-know-where-you-are-we-know-where-youve-been-we-can-more-or-less-know-what-youre-thinking-about-2010-10/
  50. https://techcrunch.com/2010/09/07/eric-schmidt-ifa/
  51. https://www.pcworld.com/article/184446/googles_schmidt_roasted_for_privacy_comments.html
  52. https://www.google.com/search?q=google+recaptcha+tor+browser
  53. http://fortune.com/2018/05/25/google-facebook-gdpr-forced-consent/
  54. https://www.cnbc.com/2018/03/30/gdpr-everything-you-need-to-know.html
  55. https://www.zdnet.com/article/gdpr-an-executive-guide-to-what-you-need-to-know/
  56. https://www.natlawreview.com/article/brazil-s-new-general-data-privacy-law-follows-gdpr-provisions
  57. https://www.theverge.com/2017/6/27/15872354/google-eu-fine-antitrust-shopping
  58. https://www.nytimes.com/2018/02/20/magazine/the-case-against-google.html
  59. https://www.cbsnews.com/news/how-did-google-get-so-big/
  60. https://www.economist.com/leaders/2018/07/19/googles-android-fine-is-not-enough-to-change-its-behaviour
  61. https://promarket.org/argue-government-can-buy-government-qa-gary-reback/
  62. https://www.businessinsider.com/antitrust-lawyer-gary-reback-criticizes-the-eu-google-cases-2018-7/
  63. https://www.google.com/search?q=google%20graveyard&rct=j
  64. https://www.theregister.co.uk/2018/03/19/carolina_cops_go_minority_report_with_google_location_subpoena/
  65. https://www.androidauthority.com/google-facebook-porn-tracking-1011176/
  66. https://news.harvard.edu/gazette/story/2019/03/harvard-professor-says-surveillance-capitalism-is-undermining-democracy/
  67. https://tips.fbi.gov/
  68. http://www.theregister.co.uk/2017/04/19/nsa_fbi_spy_on_us_for_our_protection/
  69. https://en.wikipedia.org/wiki/Talk:ReCAPTCHA
  70. https://www.forbes.com/sites/kashmirhill/2012/04/30/wi-spy-google-engineer-wanted-snapshots-of-where-people-were-and-what-they-were-doing/
  71. https://www.nytimes.com/2012/05/01/technology/engineer-in-googles-street-view-is-identified.html
  72. http://bgr.com/2016/08/09/pokemon-go-privacy-issues/
  73. https://theintercept.com/2016/08/09/privacy-scandal-haunts-pokemon-gos-ceo/
  74. https://patents.google.com/patent/US8968099B1/en
  75. https://go-to-hellman.blogspot.com/2017/01/googles-crypto-cookies-are-tracking.html
  76. https://arxiv.org/pdf/1810.07304.pdf
  77. https://petsymposium.org/2019/files/papers/issue3/popets-2019-0046.pdf
  78. https://tools.ietf.org/html/draft-balfanz-tls-channelid-01
  79. https://datatracker.ietf.org/doc/draft-hamilton-quic-transport-protocol/00/
  80. https://tools.ietf.org/html/draft-ietf-tokbind-protocol-19
  81. https://tools.ietf.org/html/rfc8446
  82. https://www.reuters.com/article/us-usa-security-rsa/exclusive-secret-contract-tied-nsa-and-security-industry-pioneer-idUSBRE9BJ1C220131221
  83. https://www.theregister.co.uk/2018/04/25/nsa_iot_encryption/
  84. https://www.theguardian.com/commentisfree/2013/jul/15/crux-nsa-collect-it-all
  85. https://www.zdnet.com/article/u-s-government-to-yahoo-comply-with-prism-or-well-make-sure-you-go-bankrupt/
  86. https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data
  87. https://nsa.gov1.info/dni/prism.html
  88. https://www.wfae.org/post/targeting-online-privacy-congress-sets-new-tone-big-tech
  89. https://pjmedia.com/trending/google-tracks-you-even-when-location-is-turned-off-google-exec-finally-admits-to-congress/
  90. https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html
  91. https://www.bbc.com/news/world-us-canada-43601557
  92. https://www.natlawreview.com/article/new-ds-160-form-seeks-social-media-information-affecting-millions-visa-applicants
  93. https://techcrunch.com/2015/01/11/leaked-palantir-doc-reveals-uses-specific-functions-and-key-clients/
  94. https://www.bloomberg.com/features/2018-palantir-peter-thiel/
  95. https://news.harvard.edu/gazette/story/2019/03/harvard-professor-says-surveillance-capitalism-is-undermining-democracy/
  96. https://www.spiegel.de/international/world/prism-leak-inside-the-controversial-us-data-surveillance-program-a-904761.html
  97. https://www.itwire.com/open-sauce/google-s-sundar-pichai-on-privacy-%E2%80%93-pure-comedy-gold.html
  98. https://www.computerworld.com/article/3394043/no-google-apples-privacy-is-not-a-luxury-item.html
  99. https://bgr.com/2019/05/08/google-privacy-features-vs-apple-sundar-pichais-nyt-opinion/
 100. https://www.accc.gov.au/system/files/Oracle%20Corporation%20(March%202019).PDF
 101. https://www.news.com.au/technology/online/security/google-knows-where-you-live-work-and-your-secret-interests-new-shadow-profile-report-says/news-story/82049f5ac0528d7481ec263de6ae0531
 102. https://captcha.com/#top
 103. https://captcha.com/#how-recaptcha-works-a-dummys-guide-to-advanced-risk-analysis
 104. https://captcha.com/captcha-known-issues.html
 105. https://captcha.com/references.html
 106. https://captcha.com/demos/features/captcha-demo.aspx
 107. https://captcha.com/captcha-download.html
 108. https://captcha.com/captcha-examples.html
 109. https://captcha.com/captcha-localizations.html
 110. https://captcha.com/asp.net-captcha.html
 111. https://captcha.com/asp.net-captcha.html
 112. https://captcha.com/java-captcha.html
 113. https://captcha.com/php-captcha.html
 114. https://captcha.com/angular-captcha.html
 115. https://captcha.com/angular-captcha.html
 116. https://captcha.com/jquery-captcha.html
 117. https://captcha.com/react-captcha.html
 118. https://captcha.com/api/captcha-api.html
 119. https://captcha.com/api/captcha-api.html
 120. https://captcha.com/api/captcha-traditional-api.html
 121. https://captcha.com/api/captcha-simple-api.html
 122. https://captcha.com/captcha-faq.html
 123. https://captcha.com/captcha-roadmap-and-release-notes.html
 124. https://captcha.com/captcha-migration-guides.html
 125. https://captcha.com/shop.html
 126. https://captcha.com/captcha-accessibility.html
 127. https://captcha.com/articles/can-captcha-be-broken.html
 128. https://captcha.com/about/captcha-inc.html
 129. https://captcha.com/angular-captcha.html
 130. https://captcha.com/jquery-captcha.html
 131. https://captcha.com/react-captcha.html
 132. https://captcha.com/articles/audio-captcha.html
 133. https://captcha.com/captcha-accessibility.html
 134. https://captcha.com/accessibility/section508-captcha.html
 135. https://captcha.com/accessibility/wcag-captcha.html
 136. https://captcha.com/accessibility/ada-captcha.html
 137. https://captcha.com/mvc-captcha.html
 138. https://captcha.com/javascript-captcha.html
 139. https://captcha.com/ajax-captcha.html
 140. https://captcha.com/./#recaptcha_vs_botdetect_captcha
 141. https://captcha.com/references.html
 142. https://captcha.com/demos/features/captcha-demo.aspx
 143. https://captcha.com/captcha-download.html
 144. https://captcha.com/shop.html
 145. https://captcha.com/./localizations/korean-captcha.html
 146. https://captcha.com/./localizations/japanese-captcha.html
 147. https://captcha.com/./localizations/chinese-captcha.html
 148. https://captcha.com/./localizations/russian-captcha.html
 149. https://captcha.com/captcha-examples.html
 150. https://captcha.com/sounds/radio.wav
 151. https://captcha.com/sounds/hivemind.wav
 152. https://captcha.com/sounds/robot.wav
 153. https://captcha.com/sounds/pulse.wav
 154. https://captcha.com/sounds/dispatch.wav
 155. https://captcha.com/audio-captcha-examples.html
 156. https://captcha.com/angular-captcha.html
 157. https://captcha.com/angular-captcha.html#angularjs-captcha
 158. https://captcha.com/jquery-captcha.html
 159. https://captcha.com/react-captcha.html
 160. https://captcha.com/asp.net-captcha.html
 161. https://captcha.com/java-captcha.html
 162. https://captcha.com/php-captcha.html
 163. https://captcha.com/api/captcha-api.html
 164. https://captcha.com/captcha-download.html
 165. https://captcha.com/demos/features/captcha-demo.aspx
 166. https://captcha.com/contact.html
 167. https://captcha.com/shop.html
 168. https://captcha.com/references.html
 169. https://captcha.com/contact.html
 170. https://captcha.com/about/captcha-inc.html
 171. https://captcha.com/asp.net-captcha.html
 172. https://captcha.com/java-captcha.html
 173. https://captcha.com/php-captcha.html
 174. https://captcha.com/mvc-captcha.html
 175. https://captcha.com/angular-captcha.html
 176. https://captcha.com/jquery-captcha.html
 177. https://captcha.com/react-captcha.html
 178. https://captcha.com/javascript-captcha.html
 179. https://captcha.com/ajax-captcha.html
 180. https://captcha.com/captcha-download.html
 181. https://captcha.com/demos/features/captcha-demo.aspx
 182. https://captcha.com/./
 183. https://captcha.com/api/captcha-api.html
 184. https://captcha.com/contact.html
 185. https://captcha.com/shop.html
 186. https://captcha.com/references.html
 187. https://captcha.com/about/captcha-inc.html
 188. https://captcha.com/contact.html
 189. https://captcha.com/privacy.html
 190. https://captcha.com/terms.html
 191. https://recaptcha.sucks/

   Hidden links:
 193. https://captcha.com/captcha-roadmap-and-release-notes.html#aspnet-release-notes
 194. https://captcha.com/captcha-roadmap-and-release-notes.html#java-release-notes
 195. https://captcha.com/captcha-roadmap-and-release-notes.html#php-release-notes
 196. https://captcha.com/
 197. https://captcha.com/
 198. https://captcha.com/./