Are you using Google's reCaptcha? Then you might be training Pentagon's killer drones.
With the rise of blogs, web 2.0, and user-generated content, came a torrent of SPAM. Automated computer programs, or bots, were flooding the internet with comment SPAM, more often than not drowning out actual discussion. In an effort to deal with the problem, the good guys on the internet took advantage of the fact that computers used to be quite bad at recognizing objects in an image. And thus the “Completely Automated Public Turing test to tell Computers and Humans Apart”, or CAPTCHA was born.
The first CAPTCHA implementations were dead simple. To be allowed to write a comment on a web site, the user had to recognize the letters in an image, and then write those exact letters in a text box. If the letters in the image matched the ones provided by the user, the site knew user was human, and was thus allowed to comment. Recognizing the letters in the image was an easy task for most people, but the bots didn’t stand a chance.
But as image recognition software became more advanced, the bots started to solve the first CAPTCHA implementations. The dam was about to break, and to prevent this, the internet created more advanced CAPTCHAs. Some of these second generation CAPTCHA implementations were terrible, like the one in the image to the left. Sure, they were impossible for bots to solve, but they were also very hard for a human being to figure out. It happened more than once that I simply gave up filling out an online form because of an unsolvable CAPTCHA.
Then Google came along with their silver bullet: reCAPTCHA.
The current version of Google’s reCAPTCHA is different from most other CAPTCHA implementations. Instead of numbers and letters, the user is required to identify everyday objects. In the example to the right, the user is asked to identify all the images containing cars. Very easy for a human being, not that easy for your average computer recognition software1.
Google is providing reCAPTCHA for free, but as we all know, there is no such thing as a free lunch. Millions of reCAPTCHAs are solved every day, and Google is using the technology to digitize text, annotate images, create better maps - and solve hard AI problems. The use of the data from our reCAPTCHA example with the cars above is obvious: It will help improve the algorithms used in Google’s self driving vehicles.
And that’s just fantastic, right? There is less SPAM on the internet, and self driving cars will be less likely to crash into things. Everybody wins, yes? The problem is that you can’t be certain if the data you just provided will be used to help a self driving car identify another car to avoid it, or to help a military drone identify a car to blow it up.
“That can’t be!”, you might hear yourself screaming. Google is the Don’t Be Evil-company! But no. Gizmondo recently published a story how Google is “helping the Pentagon build AI for drones”. The story has since been picked up by other news and technology sites, like The Intercept and The Register.
Google is providing Pentagon with access to TensorFlow, an open-source software library for machine learning applications such as neural networks. At Pentagon, TensorFlow is being used to help military analysts detect objects in images.
You might argue that the Pentagon are the good guys. And Google’s reCAPTCHA isn’t showing pictures from Syria, asking you to identify Russian fighter jets, and al-Assad’s tanks. At least not yet. But in my simple mind, you’re on a terribly slippery slope as soon as you start getting directly involved with the military in any way, shape, or form.
Back to basic
I’ve been using Google’s reCAPTCHA on this site for years. It’s terrible effective for stopping SPAM. But I can’t take part in a program that might potentially be used for military purposes. That means that I will replace reCAPTCHA with another CAPTCHA implementation as soon as time permits. Will this result in more comment SPAM? Perhaps. Will it make all military drones fall out of the sky? Certainly not.
But in a world where a single consumer’s voice doesn’t matter dick, it’s about as much as I can do. If you, too, are using reCAPTCHA on your site, I urge you to reconsider.
Yet. This CAPTCHA implementation will also break one day, but it’s currently state-of-the-art. ↩︎
This post has no feedback yet.
Do you have any thoughts you want to share? A question, maybe? Or is something in this post just plainly wrong? Then please send an e-mail to
vegard at vegard dot net with your input. You can also use any of the other points of contact listed on the About page.