[homakov]

> I did read it.

So what do you think about clickjacking issue? I made an assumption about their algo and maybe I'm wrong and they do track your mouse, but there's exploitable weakness. My post is 1) your algo seems simple 2) here's a bug in it.

[yhlasx]

The curious thing is, I could not replicate the clickjacking issue. Everytime I make a click on original wordpress registration page, I am verified as a human immediately.

If I do the click on your github page, I get a challenge. My clicks were never accepted as human on your github page. My clicks were always accepted as human on wordpress page.

[homakov]

No incognito tab? Maybe they fixed it

[homakov]

yes they fixed it but i don't know how. Likely there's a way to bypass.