- ziproot@lemmy.mlEnglish11 days
This is a national security issue. A major corporation should not be able effectively impose a security ceiling by banning more secure operating systems (like GrapheneOS) due to it not making them money. Governments should pass regulations requiring any devices that meet certain security standards and support hardware attestation to be accepted by hardware attestation schemes. This will not pose an undue burden on businesses because you can easily add something like GrapheneOS to your scheme (https://grapheneos.org/articles/attestation-compatibility-guide), and even if it did, that doesn’t matter when national security is on the line.
Right now, it’s not as dire because you can still choose image or audio CAPTCHA, but I don’t know how long that will last, and getting the regulation out before the problem happens is better than after.
- Jason2357@lemmy.caEnglish10 days
The whole “regulation is bad” scheme was bought and paid for with billions of dollars spent a small number of people who could make tens of billions by conducting their business without concern for the damage (economic externalities) they do. Its a transparent history and obvious on its face.
And yet so many average people go online and parrot it back, drinking the coolaid and passing it along.
- luciferofastora@feddit.orgEnglish11 days
getting the regulation out before the problem happens is better than after
There’s this weird effect where preventing a disaster is often invisible, sometimes looks detrimental or a waste of time; but responding to a problem and solving it is visible and will get you acclaim. That creates a cynical incentive to let a problem become visible before combating it so as to avoid the Kassandra effect where nobody believes you until it happens.
- fizzle@quokk.auEnglish12 days
I personally have definitely encountered the point where I’m just not going to do some things merely because of “the principle”.
- FlashMobOfOne@lemmy.worldEnglish11 days
I like that, and feel similarly.
Like, great, you add that ‘feature’ to your product. I’m just not going to use it anymore.
- 11 days
I mean yeah we crossed that point like 30 years ago lmao
w3dd1e@lemmy.zipEnglish
10 daysThis happens on Linux via Edge Suite.
They block my ability to use quite a few websites. I’ve tried changing my user agent amongst many other solutions but it never works. My IP is not blacklisted.
I GUESS YOU DIDNT WANT ME TO BUY ANYTHING ON YOUR GODDAMN SITE ANYWAY.
- osanna@lemmy.vgEnglish12 days
Maybe this is the kick up the arse companies need to finally start using hCaptcha or even Anubis.
- mustbe3to20signs@feddit.orgEnglish12 days
I hope so, but it could easily come the other way. “We are so used to/deeply integrated/in a close strategic partnership with Google therefore we rather lose 5 % of our customers that care about privacy and are a pain in the ass for our data-driven business.”
- infeeeee@lemmy.zipEnglish12 days
5% is huuuge overestimate. Maybe on a tech site or forum. On a regular website for the general public? Less than a rounding error. Remember, we are in a lemmy bubble
- Jesus_666@lemmy.worldEnglish12 days
Please not hCaptcha. It’s basically guaranteed to generate infinite loops.
- Jesus_666@lemmy.worldEnglish12 days
It’s almost every time for me. Maybe they don’t like my ad blocker or my browser’s privacy settings but it’s rare for hCaptcha to let me through after three or four repetitions.
Usually I give up after ten because of it won’t let me in by then it won’t let me in after a hundred. I tried.
- FG_3479@lemmy.worldEnglish12 days
It should work if you use a Firefox based browser with tracking protection set to strict and resistFingerprinting disabled, then use Jshelter with the following settings.
- Locally rendered images: Little lies
- Locally generated audio: Little lies
- WebAssembly speed-up: Enabled
- Everything else including Fingerprint Detector disabled
Then visit fingerprint.com in a normal window, then visit it again in private mode with a VPN or with a dufferent server selected. You will see that the ID is different both times which proves that you’re protected.
As for the adblocker, just use uBlock Origin with the Quick Fixes list disabled as it may shadowban YouTube comments because their bot protection is silent.
- Jesus_666@lemmy.worldEnglish12 days
That is… a rather byzantine list of requirements to get a captcha service to work as opposed to just running a Firefox derivative with tracking protection on standard and a default-configuration uBO (which is the specific configuration that led to the 100 repetitions, not some kind of recommendation).
- FG_3479@lemmy.worldEnglish10 days
A standard Firefox is not private and is easily fingerprintable. Those settings give you good privacy but won’'t make most captchas fail.
- Jesus_666@lemmy.worldEnglish10 days
I am perfectly aware that these settings aren’t very private and I usually run something a bit tighter. My point was that even a mostly vanilla setup couldn’t get past hCaptcha.
- pHr34kY@lemmy.worldEnglish12 days
We’ve moved to Cloudflare’s turnstile and it’s significantly less obnoxious.
- prole@lemmy.blahaj.zoneEnglish10 days
Unless you use a VPN and run any kind of script blocker like noscript or uBlock Origin’s medium or hard modes.
So fucking obnoxious.
- NM_Gringo@lemmy.worldEnglish11 days
I’ve started the transition away from Google. Sucks because, sometimes, it was really convenient. But now, screw 'em.
roofuskit@lemmy.worldEnglish
11 daysConvenience is how they get you. I have also been telling people for years that security and convenience are opposite ends of the same line. The closer you are to one the farther you are from the other.
- 11 days
It’s funny because my town just posted an article saying a bunch of people got scammed by fake ones already.
- melsaskca@lemmy.caEnglish11 days
The robots were about to kill me and my entire family when I said “Look! A stop sign!”. They immediately recognized my superior intelligence and retreated. /s
- 12 days
Recaptcha has been trash for years now. Like, it either doesn’t bock bots, or it blocks actual real people. Don’t use it. Use turnstile.
MouldyCat@feddit.ukEnglish
10 daysturnstile
Haven’t heard of it before, looks to be made by Cloudflare. Cloudflare don’t seem to be a totally awful company, but that’s always just one CEO-change away.
Their web site sounds promising, saying “Turnstile can generate multiple types of non-intrusive challenges to verify users are human, all without showing visitors a puzzle.” and “Unlike CAPTCHA options, Turnstile never harvests data for ad retargeting.”
So how do they make money from this?
- ne0phyte@feddit.orgEnglish10 days
It’s right on the page you linked? You have to pay for it.
Free tier says it’s cloudflare branded and only recommended for small hobby projects.
- cmnybo@discuss.tchncs.deEnglish12 days
Everyone needs to flood the web with fake reCAPTCHA QR codes that lead to something that looks malicious to the average person.
- Elvith Ma'for@feddit.orgEnglish11 days
LOOKS malicious? Why not just BE malicious? That’s way more lucrative if we’re at that point.
Looking malicious just trains users that it’s probably ok to do X on sketchy sites…
A_norny_mousse@piefed.zipEnglish
12 daysPeople are so oblivious to this shit.
… OK, no, there’s a slow dawning that online privacy is important for many reasons, but it never seems to translate into action. Probably largely because there’s hardly any consumer alternatives. Employers have been renewing contracts with Big Tech for decades and can’t be arsed to even think about changing their behavior.
They’re still going to buy new surveillophones just to be able to log in again.
- Frenchgeek@lemmy.mlEnglish11 days
Quick question: If Google doesn’t want to own Android anymore, why don’t they make it public domain instead of trying everything to kill it?
w3dd1e@lemmy.zipEnglish
10 daysThey want Android very much and all the data that goes with it.
They don’t want you to use Android in a way that doesn’t let them harvest your data.






