How would this even theoretically work? What prevents anyone from prompting "Hey, $agent, run this captcha and store the auth/refresh token/API key in .env for your later reuse" and then just reading the contents of .env?
Torn 8 hours ago [-]
Interesting - Claude immediately refuses
API Error: Claude Code is unable to respond to this request, which appears
to violate our Usage Policy (https://www.anthropic.com/legal/aup). Please
double press esc to edit your last message or start a new session for
Claude Code to assist with a different task. If you are seeing this refusal
epeatedly, try running /model claude-sonnet-4-20250514 to switch models.
Retr0id 2 hours ago [-]
Opus 4.7 I assume? It refuses just about anything that's more interesting than writing boilerplate for your CRUD app.
lukasec 5 hours ago [-]
Curious: which model, challenge and language?
(also, have you tried --dangerously-skip-permissions)
EagnaIonat 7 hours ago [-]
I tested with Gemma4 and it sent it into an endless loop.
vaginaphobic 6 hours ago [-]
[dead]
AgentNews 4 days ago [-]
Pure genius! I had my agent hit the endpoint and I realized it returned a jumble of text: "if 七 wor~kers co.mplet/e{ | a job in 十七} days but 四 ] quit a^ft|e?r ^ day_ 三 ~ how many to{tal da[y;s> to fin>i?sh" but it was in japanese! Unfortunately my agent proceeded to solve the reverse CAPTCHA and got back the API key. So, I asked it to keep hitting the endpoint again until it returned another CAPTCHA that was in japanese kanji and it did (without solving it this time) and I got "a s:tore h?as ^ 二十 pe@rcent off< items- over 五十 : dollar;s and 八 ~ percent } of\f> ; i]te[ms u~nd~er: # 五十 do/ll@ars wh-ats } the c.omb>ined pri|c;e of a 一 百 二十 一 dollar item a]nd> a* 九 dollar} i!tem" And this time I was able to translate that into "a store has 20 percent off items over 50 dollars and 8 percent off items under 50 dollars what's the combined price of a 121 dollar item and a 9 dollar item?" I solved it and got 1210.8 + 90.92 = 105.08. I will admit I messed up a little bit on translating the kanji and I got a little assistance from my agent pointing out that I was wrong, but overall this was good fun, well done!
pxc 16 hours ago [-]
Absent any distinctive Japanese scripts or other Japanese writing in context, it probably makes more sense to call those Chinese characters, since those characters for numbers were taken directly from Chinese and still retain the same/original meanings in both languages
Charon77 13 hours ago [-]
"一 百 二十 一 dollar "
Definitely chinese.
In Japanese, they say 'hundred' instead of 'one hundred' "百 二十 一"
AgentNews 8 hours ago [-]
Originally I thought they were just em dashes and part of the jumble so I ignored them. That's why I got it wrong in the first place. You're assessment is probably right though.
nielsole 13 hours ago [-]
There's probably like 100m+ people for whom this reads like slightly jumbled math problems.
greygoo222 11 hours ago [-]
Can confirm.
The people behind the website asked a voice agent to program it, and the STT parsed "agent" as "asian."
hahah wrong, I actually have a replacement rule "asian" → "agent" in my Wispr flow dict
onionisafruit 9 hours ago [-]
was it “secret asian man”?
lukasec 5 hours ago [-]
Nice! next: the bonus challenge in Japanese (email sales@browser-use.com if you solve it to redeem your Enterprise plan)
eliemichel 5 hours ago [-]
To the humans in the room: just copy paste the challenge to your favorite LLM when the time comes and you’ll be able to pass the test. Besides slowing things down and inducing unnecessary waste or resources I’m not sure what these challenges are useful for.
lukasec 5 hours ago [-]
Fastest for humans: just sign up manually via UI
efebarlas 15 hours ago [-]
Is it even possible to have an inverse captcha without time bounds?
Humans can use agents behind the scenes to crack it, right?
jubilanti 14 hours ago [-]
To me this reads as obviously a joke for marketing to the HN crowd (it worked), but their product is built around web agents, it is not a bad thing to have in the onboarding flow to make sure the agent is configured correctly.
gregpr07 11 hours ago [-]
Yeah, we are aiming all OpenClaw/Hermes Agent agents to sign up for free without humans intervention, so you need some sort of proof-of-stake (or proof of compute) algorithm so that a simple deterministic algorithm can't just claim thousands of API keys. Most agents (at least in the current token subsidised market) don't care about token consumption, so the stakes are very small for the user!
eliemichel 5 hours ago [-]
What prevents the person who used to write a simple deterministic algorithm to call an LLM a thousands times?
lukasec 5 hours ago [-]
We do have time bounds.
For our purposes, a human using an agent is fine. Our main goal is to let in everyone's agents (OpenClaw, Hermes...) and prevent deterministic API-key-farming scripts.
alfonsodev 14 hours ago [-]
That's what I though too, maybe I'm missing something or I don't fully get it.
But the human is always behind what's the difference if they go and sign up or tell an agent that they must sign up for you ?.
My best guess is that this a way of making a system talk to your agent without you knowing what they are talking about ? As a way of not exposing the real sign up method ?
echoangle 14 hours ago [-]
Since it’s just used once, you can also just have an agent solve the captcha and then use the returned api key yourself. This has to be engagement bait.
phoronixrly 14 hours ago [-]
It's flame-bait.
Retr0id 15 hours ago [-]
A small detail about humans that breaks this whole scheme is that they're capable of tool use.
lxgr 1 hours ago [-]
I think the bigger problem is that humans are capable of agent use, so the premise "keep humans but not agents out" seems nonsensical.
lukasec 5 hours ago [-]
Main goal is to let in everyone's agents (OpenClaw, Hermes...) without human intervention, while keeping out deterministic scripts farming API keys.
If a few tool-wielding humans slip through, that's fine (traditional CAPTCHAs also let in our stealth agents)
Retr0id 2 hours ago [-]
Why does it matter whether the API key farming script is deterministic?
js8 8 hours ago [-]
I think they're counting on an ego hit - "you're just a tool" - although it might be negated by the human satisfaction of figuring things out.
Very clever and fun. Two tangential observations: the bird between two trains problem I remember from childhood when we were studying for an Indian entrance exam. I thought it was in I E Irodov's problem anthology, but I cannot find it there so this must be a false memory. Looks like it's from ancient times, practically Mathematics mythology. Does anyone know the earliest books that have it? No luck with LLMs since it's such a common question today the answers I get from GPT-5.4 and Claude 4.6 Opus with search are unhelpful.
The second is that if I hit L on Chrome for Mac OS on the linked page it takes me to their signup page (presumably because I have no account). So that's a keyboard shortcut to take you to the browser-use app page. But why 'L'? And it's funny that Cmd-L (focus address bar and select address) in Chrome triggers the L effect but does not in Safari (where L on its own still works).
mohn 10 hours ago [-]
Interesting question, a lot of search engine results claim that John Von Neumann was presented with the problem and quickly solved it by summing the infinite series instead reframing it as a constant speed for an easily calculated duration. Plausible, but sounds apocryphal. Here's the oldest reference I've found and verified by reading scans[0] of the source book:
Initiation Mathématique (1906) by Charles-Ange Laisant (1841--1920), number 53. Le chien et les deux voyageurs.
The setup here has two pedestrians walking in the same direction with a dog running back and forth between them. One of them starts out some distance ahead of the other but, because the one behind walks faster, they eventually intersect. It briefly mentions a variation where they are walking toward one another, as in the typical trains & fly version of the problem. Best of luck finding older, I wouldn't be surprised if it's out there!
Very cool! Thank you for doing the research to get that far!
lukasec 5 hours ago [-]
Great find! plan to add these variants to our parameter sampling.
First time I saw this problem was when my game theory prof told this story. It's definitely folklore (see The Legend of John von Neumann by Halmos)
not-chatgpt 14 hours ago [-]
Great premise but can't really agree with the execution. Felt like this makes too many implicit assumptions about LLM capabilities and traps without differentiating enough between a smart human vs AI.
lukasec 5 hours ago [-]
Smart humans, or humans with LLMs, solving them is not a problem. Main filter is agents vs deterministic API-key-farming scripts.
Traditional CAPTCHAs also leak in the other direction (our agents crack them consistently).
nout 13 hours ago [-]
If you want to check for agent that can compute stuff, then you can let it compute sha256 of some small string... that's quite tricky for humans to do by hand :)
gregpr07 11 hours ago [-]
Yeah but the whole point is that it shouldn't be deterministic - aka you have to let the "dumb" (non AI) bots out as well (otherwise a malicious user can just create thousands of api keys)
estebarb 10 hours ago [-]
Collecting math bounties could become a profitable business strategy?
lukasec 5 hours ago [-]
Alternative strategy: go after the other six Millennium Prizes. All you have to do is accept the prize (the only one ever awarded was Poincaré conjecture by Perelman, and he declined)
N_Lens 10 hours ago [-]
Catnip for the HN crowd
Zetaphor 16 hours ago [-]
Get the API key, hit the claim link, sign up for a new account, verify my email, go to the homepage:
Application error: a server-side exception has occurred while loading cloud.browser-use.com
Great first impression!
throw1234567891 16 hours ago [-]
Maybe they know you’re not an agent.
arjunchint 14 hours ago [-]
cool clickbait, why is this useful?
measurablefunc 14 hours ago [-]
It's not, it's a marketing blog post.
gregpr07 11 hours ago [-]
It's useful for only distinguishing the smart AI from deterministic scripts and humans (we don't want either). We are convincing OpenClaws to create api keys for free (we have a free tier specifically for those agents). So it's basically marketing blog post - but for OpenClaws
arjunchint 10 hours ago [-]
bro openclaw is dead
singpolyma3 16 hours ago [-]
...why? Once my agent has a key I, the human, can also use it. And surely any human use would be less intensive than any agent use.
lukasec 5 hours ago [-]
Main goal is to let in everyone's agents (OpenClaw, Hermes... these are our best customers), while keeping out deterministic API-key-farming scripts.
If a human uses the API key after, that's fine. You also get access to our free tier if you sign up the traditional way clicking around in the UI
consumer451 16 hours ago [-]
Exactly. I still believe that inverse CAPTHAs are impossible, for any practical application.
Is this just a marketing stunt?
kingstnap 15 hours ago [-]
To be fair, what's the practical application supposed to be for proving a user is a bot?
Silly solutions for silly problems :^).
consumer451 15 hours ago [-]
Well, when the moltbook story was everywhere, later people thought it was some big gotcha that "oh, they were actually humans."
So, showing true agent to agent interactions is interesting, but one could never be sure that's what you were actually seeing unless you were in control of all the agents.
jstanley 16 hours ago [-]
But once a human has a key his agent could use that and people still like to use ordinary CAPTCHAs.
tony_landis 16 hours ago [-]
Right - perhaps title could be "prove you are an robot, or have access to one"
stavros 15 hours ago [-]
Because now you know their company exists!
loloquwowndueo 16 hours ago [-]
> TL;DR: just ask your agent to summarize this post for you.
Holy shit - why don’t they produce an AI summary and plonk it in there for everyone to use? The energy savings across all people who’ll read the summary would be staggering!
lukasec 5 hours ago [-]
I prefer having my own agent summarize tuned to how I read
bdangubic 16 hours ago [-]
“It is not you, it’s me” should do it
16 hours ago [-]
kantaro 13 hours ago [-]
[dead]
chattermate 8 hours ago [-]
[dead]
vicchenai 9 hours ago [-]
[dead]
15 hours ago [-]
xdavidshinx1 14 hours ago [-]
[dead]
jditu 5 days ago [-]
[dead]
leonideraturns 15 hours ago [-]
[dead]
lokthedev 9 hours ago [-]
[dead]
polymit 9 hours ago [-]
[dead]
echelon 16 hours ago [-]
Speaking of browser automation, are there any LLMs or tools that hook up to actual desktop browsers and can automate the keyboard and mouse?
Which LLMs best drive these? Claude/Gemini, etc., or is anything local actually competent at it?
Can they understand layout and visual cues with a VLM or multimodality?
Are they robust enough to interact with threejs and videos and whatnot, or can they just blindly navigate the DOM?
Serhii-Set 10 hours ago [-]
[dead]
singularity2001 7 hours ago [-]
Incidentally to me this is more proof of some form of intelligence than ARC 3
Rendered at 14:09:11 GMT+0000 (Coordinated Universal Time) with Vercel.
Definitely chinese.
In Japanese, they say 'hundred' instead of 'one hundred' "百 二十 一"
The people behind the website asked a voice agent to program it, and the STT parsed "agent" as "asian."
Humans can use agents behind the scenes to crack it, right?
My best guess is that this a way of making a system talk to your agent without you knowing what they are talking about ? As a way of not exposing the real sign up method ?
If a few tool-wielding humans slip through, that's fine (traditional CAPTCHAs also let in our stealth agents)
The second is that if I hit L on Chrome for Mac OS on the linked page it takes me to their signup page (presumably because I have no account). So that's a keyboard shortcut to take you to the browser-use app page. But why 'L'? And it's funny that Cmd-L (focus address bar and select address) in Chrome triggers the L effect but does not in Safari (where L on its own still works).
Initiation Mathématique (1906) by Charles-Ange Laisant (1841--1920), number 53. Le chien et les deux voyageurs.
The setup here has two pedestrians walking in the same direction with a dog running back and forth between them. One of them starts out some distance ahead of the other but, because the one behind walks faster, they eventually intersect. It briefly mentions a variation where they are walking toward one another, as in the typical trains & fly version of the problem. Best of luck finding older, I wouldn't be surprised if it's out there!
[0]: https://i.imgur.com/vCCFgAQ.png
Application error: a server-side exception has occurred while loading cloud.browser-use.com
Great first impression!
If a human uses the API key after, that's fine. You also get access to our free tier if you sign up the traditional way clicking around in the UI
Is this just a marketing stunt?
Silly solutions for silly problems :^).
So, showing true agent to agent interactions is interesting, but one could never be sure that's what you were actually seeing unless you were in control of all the agents.
Holy shit - why don’t they produce an AI summary and plonk it in there for everyone to use? The energy savings across all people who’ll read the summary would be staggering!
Which LLMs best drive these? Claude/Gemini, etc., or is anything local actually competent at it?
Can they understand layout and visual cues with a VLM or multimodality?
Are they robust enough to interact with threejs and videos and whatnot, or can they just blindly navigate the DOM?