-
Google is making it mandatory to have Play Services for its next-generation reCAPTCHA system on Android.
-
Your phone will need to be running Play Services version 25.41.30 or greater when the system asks you to scan a QR code for verification.
-
This hurdle means that de-Googled phones will fail the verification test by default.
You must log in or register to comment.
- Skankhunt420@sh.itjust.worksEnglish2 hours
I was wondering how they would screw the new Motorola phones coming out since they couldn’t do the whole “factory operating system has been tampered with” mode of whining and being little bitches.
Glad to see their engineers came up with another way to fuck us! Thanks google!
4 hoursA push to undermine our freedom of choice of ROMs, services, and providers.
- daniskarma@lemmy.dbzer0.comEnglish5 hours
What stops a bot to just run an android emulator to scan any prompted qr?
This would only track if we read the small letter of the proposal. That this only work on android devices which have verified identify signed within their account. Meaning that android would require id verification, aka upload your id to google.
- zerofk@lemmy.zipEnglish7 hours
Wait wait wait. To prove you’re human you have to read something designed for computers to read?
- 8 hours
Would this pass in EU? Seems anti competition. Do we need another movement like atok chat control to mobilize people?
- WhoIzDisIz@lemmy.todayEnglish7 hours
It’s not just anti-competition, but anti-privacy - Google will know exactly who is going to what sites, regardless of your browser.
- ExLisper@lemmy.curiana.netEnglish7 hours
At that point, reCAPTCHA will forgo the old image puzzles and require you to scan a QR code with your smartphone to prove you’re human.
What is that supposed to mean? What QR code? Just any? I’m supposed to find some QR code laying around and scan it? Or will the webpage display a QR and I’m supposed to scan it with my phone using a mirror or something?
- luciferofastora@feddit.orgEnglish7 hours
The example image I saw was of a page opened on a laptop, which prompted you to scan with a phone. If you don’t have a (compatible) phone, I’m curious how that would go.
- ExLisper@lemmy.curiana.netEnglish7 hours
Oh, I thought they are talking about browsing on their phones.
That still makes very little sense. What if someone has an iPhone? What if I am browsing on my phone? What if I don’t have my phone near me? This sounds like some optional, extreme case feature. Like when they are pretty much sure you’re a bot but the website optionally gives you last one chance to prove you’re not instead of just rejecting your request.
- luciferofastora@feddit.orgEnglish6 hours
What if someone has an iPhone?
Per https://support.google.com/recaptcha/answer/16609652
Supported Environments for reCAPTCHA Mobile Verification:
-
Android Devices:
- Google Play Services version 25.41.30 or greater.
- To verify Google Play Services version on an Android device, open Settings > Apps > All Apps > Google Play Services
-
iOS/iPadOS devices for QR Code Scan:
- Version 15.0 or greater.
-
iOS/iPadOS devices for “Click to Verify” Button:
- Version 16.4 or greater.
- Version 15.0-16.4 with the reCAPTCHA app installed.
What if I am browsing on my phone?
I’m not seeing anything related to that specifically, but I imagine a (supported) mobile browser will be able to interface with Play Services directly and not need a QR code challenge.
If you use an unsupported browser, I think we can both guess what’s gonna happen. As for what browsers are supported:
Browser requirements for reCAPTCHA
We support the two most recent major versions of the following:
- desktop (Windows, Linux, Mac) - Chrome - Firefox - Safari - Chromium Edge
- mobile
- Chrome
- Safari
- Android native browser
Guess if you’re using Firefox mobile, you’re fucked - plz switch to Chrome, thank you and welcome to our digital
prisonsaferoom!What if I don’t have my phone near me?
You mean you don’t carry our surveillance device with you 23/7 (we’ll give you an hour for sleep)?
I’m somehow reminded of that mobile Diablo announcement and the surprised response “Don’t you guys have phones?”
This sounds like some optional, extreme case feature. Like when they are pretty much sure you’re a bot but the website optionally gives you last one chance to prove you’re not instead of just rejecting your request.
The stated goal is to fight fraudulent agentic AI: “As we identify potentially fraudulent behavior from agents, we enable application providers to deter and mitigate malicious requests by requesting humans to be in the loop using the new QR code-based challenge.”
So they’d do this when they suspect the thing interacting with the page is not a human, but expects a human to be involved with the process. How exactly that “potentially fraudulent behavior” would be detected is a different question and I have absolutely zero faith that it will fulfill its mission dutifully and without collateral damage. But then, if you’re compliant with their requirements, that collateral damage is negligible. They made sure that the
prisonsaferoom is really comfy.- ExLisper@lemmy.curiana.netEnglish6 hours
Thanks for checking. That clarifies things a lot.
I guess we’re fucked. reCaptcha is not used for visiting websites but for registering or submitting form. I can think of couple of cases where I’m required to complete captcha for online shopping or, ever worse, for work. Step by step they will force us all to either use approved devices or be locked out of big parts of the internet.
This is of course thanks to all the people shitting on Firefox over the years and saying that Chrome is just better and that there’s nothing wrong with giving Google control over the web. So yeah, thanks.
- luciferofastora@feddit.orgEnglish5 hours
I had unsolvable captcha for Github once. Fuck ne, I guess. I just wanted to contribute something, but whatever.
Step by step they will force us all to either use approved devices or be locked out of big parts of the internet.
there’s nothing wrong with giving Google control over the web
To quote a song about a “Fairytale of Doom”:
Blinded by gold and blinded by diamonds
I let you chain me in silk
You told me lies, I drowned in your eyes
And in all those castles you builtSilver the treasure and gold in the cages
Nothing was quite as it seemed
And when I realized, you turned the key and
I saw your eyes full of greed
It was too late when I screamedI try to stay optimistic that this won’t be tenable. Giving in to despair makes it harder to muster the will to resist. But I won’t deny it’s getting tougher.
-
- Etterra@discuss.onlineEnglish6 hours
They’ll mail you one. Can’t use the Internet without a physical interface. Don’t worry though, you won’t need a CD ROM for this one.
This is awesome news for scammers:
- Fake page will say “you need to scan this qr code to verify you’re human”
- Users normally dismisses this shit, but it has become normal nowadays, take out the phone to scan it
- Qr code opens a page on totallynotascam.com that say “you need to install this totally safe APK on your device for verification 😉”
- APK passes the new useless developer “verification” as the scammer either used a hacked dev account or just paid $25 with a stolen id + stolen credit card
- User see the message “APK verified by Google play protect” and would totally believe the bullshit, giving all the possible permissions to the app
- SaharaMaleikuhm@feddit.orgEnglish8 hours
I think I will just install Ubuntu Touch on my phones in a few months. Feels like it’s just time to abandon ship.
I would never scan a qr code to verify that I’m not a bot. I’d simply close the page
- ryan_@piefed.socialEnglish10 hours
Surely this would be nearly impossible for visually impaired people, which makes me question the ability for governments to implement this on their websites.
I know about screen reader software for visual impairment, but to expect a blind person use a separate device with a camera to take a “photo” of a QR code on another screen is beyond comprehension. Well, at least it would be in the normal timeline.
I guess I’ll have to switch to a dumb phone out of spite now.
Yeah, don’t use Google. We will dwell in an alternative Web and soon it really will be illegal…
- ptu@sopuli.xyzEnglish7 hours
I completely missed how Chrome took the market in 2010-2020. I thought everyone understood why it should be avoided, but here we are.
- WhoIzDisIz@lemmy.todayEnglish7 hours
Everyone with a technically inclined, logical, forward-thinking brain did. Unfortunately, that probably at best describes no more than roughly 10-15% of people.
- eekrano@lemmy.worldEnglish11 hours
This requirement will kick in the moment the system suspects suspicious activity. At that point, reCAPTCHA will forgo the old image puzzles and require you to scan a QR code with your smartphone to prove you’re human. Although this will stop an autonomous bot in its tracks, it also adds another step to verification. But the problem runs a little deeper than the annoyance of a single additional step.
I didn’t see what the spec of this new recaptcha is but my first thought is an android emulator and a free google account combined with whatever bot/LLM wants to pass through is probably going to be what happens.
And as we all know, they’re going to say that not using a Genuine™ Android® Operating System is extremely suspicious.
