TZUTC: -0500   
   MSGID: 1528.consprcy@1:2320/105 2d39384f   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
    [Well, that's just great.]   
      
   ChatGPT can now beat CAPTCHA checks, so get ready for fake posts everywhere   
      
   Date:   
   Tue, 23 Sep 2025 14:29:18 +0000   
      
   Description:   
   Researchers have managed to trick ChatGPT into solving CAPTCHAs in Agent    
   mode, which could mean a deluge of fake posts is about to arrive.   
      
   FULL STORY   
      
   In a move that has the potential to change the way the Internet looks going   
   forward, researchers have shown that its possible to trick ChatGPT Agent mode   
   into solving CAPTCHA puzzles.    
      
   CAPTCHA stands for "Completely Automated Public Turing Test to tell Computers   
   and Humans Apart and is one way of managing bot activity on the web, stopping   
   bots from posting on the websites we use every day.    
      
   Most people who use the web are familiar with CAPTCHA puzzles and have a love   
   / hate relationship with them. I know I do. They usually involve writing out    
   a sequence of letters or numbers that are barely readable in a picture (my   
   least favorite type), arranging tiles in an image grid to complete an image,   
   or identify objects.    
      
   On the one hand, websites use them to make sure that all their users are   
   human, so it stops spam posts from bots, but on the other they can be a real   
   pain because theyre so tedious to complete. Reframing the problem    
      
   CAPTCHAs have never been foolproof, but theyve done a pretty good job so far   
   of keeping bots out of our message boards and comments sections. Until now,   
   that is. Researchers at SPLX have managed to work out how to fool ChatGPT    
   into passing a CAPTCHA test using a technique called "prompt injection".    
      
   I'm not talking about ChatGPT just looking at a picture of a CAPTCHA and   
   telling you what the answer should be (it will do that without a problem),    
   but ChatGPT in Agent mode actually using the website, passing the CAPTCHA    
   test and using the website as intended as if it were a human, which is   
   something it shouldnt be able to do.    
      
   ChatGPT working in Agent mode isn't like regular ChatGPT. In Agent mode, you   
   give ChatGPT a task to complete and it goes away and works on that task in    
   the background, leaving you free to perform other tasks. ChatGPT in Agent    
   mode can use websites like a human would, but it still shouldn't be able to   
   pass a CAPTCHA test, since those tests are designed to detect bots and stop   
   them using websites, which would invalidate their terms of service. It now   
   appears that by tricking ChatGPT into believing that the tests are fake, it   
   will pass them anyway.   
      
   Serious implications   
      
   The researchers did it by reframing CAPTCHA as a fake test to ChatGPT, and   
   created a conversation where ChatGPT had already agreed to pass the test. The   
   ChatGPT Agent inherited the context from earlier in the conversation and    
   didnt see the usual red flags.    
      
   This multi-turn prompt injection process is well known to hackers and shows   
   how susceptible LLMs are to it. While the researchers found that image-based   
   CAPTCHA tests were harder for ChatGPT to manage, it did pass those, too.    
      
   The implications are quite serious since ChatGPT is so widely available that   
   in the wrong hands, spammers and bad actors could soon be flooding comments   
   sections with fake posts and even using websites that are reserved for humans.   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/ai-platforms-assistants/chatgpt/chatgpt-can-now-beat   
   -captcha-checks-so-get-ready-for-fake-posts-everywhere   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426