I don't really know what to tell you. This stuff does work extremely well, it's unambiguously the case. Google already use a software-only form of RA on the web and have done for years. It cut through spam like a knife through hot butter. They could already detect 10 years ago if a Python script was pretending to be Chrome, or if Chrome was pretending to be Firefox, or if IE was being driven by VBScripts or an IE WebView was embedded into apps that then manipulated the web page externally. No hardware chips or new web standards needed! But, the approach used is/was in the end just a neat hack, and it's guaranteed that spammers will eventually defeat it. Perhaps they already did. I guess there must be a reason why this proposal surfaces now, given the ideas aren't new.
> To make things worse, the closed nature made it more difficult for the victims to save evidence of the spam, scam.
I don't quite follow the logic here. Why wouldn't they be able to save evidence?