top | item 8694262

(no title)

It seems like they're using cursor tracking to validate human-ness. Assuming thats the case: Since the cursor is outside of javascript's control, it would force the attacker one level higher (to the browser/os, instead of the dom). Not impossible, but still a significant barrier.

discuss

fatratchet|11 years ago

Not really, you would just need to reverse the js code, look at what data they actually send to google and randomly generate appropriate data like mouse movements.

grimtrigger|11 years ago

Ah, good point