4 hoursThis happens on Linux via Edge Suite.
They block my ability to use quite a few websites. I’ve tried changing my user agent amongst many other solutions but it never works. My IP is not blacklisted.
I GUESS YOU DIDNT WANT ME TO BUY ANYTHING ON YOUR GODDAMN SITE ANYWAY.
- ziproot@lemmy.mlEnglish22 hours
This is a national security issue. A major corporation should not be able effectively impose a security ceiling by banning more secure operating systems (like GrapheneOS) due to it not making them money. Governments should pass regulations requiring any devices that meet certain security standards and support hardware attestation to be accepted by hardware attestation schemes. This will not pose an undue burden on businesses because you can easily add something like GrapheneOS to your scheme (https://grapheneos.org/articles/attestation-compatibility-guide), and even if it did, that doesn’t matter when national security is on the line.
Right now, it’s not as dire because you can still choose image or audio CAPTCHA, but I don’t know how long that will last, and getting the regulation out before the problem happens is better than after.
- Jason2357@lemmy.caEnglish4 hours
The whole “regulation is bad” scheme was bought and paid for with billions of dollars spent a small number of people who could make tens of billions by conducting their business without concern for the damage (economic externalities) they do. Its a transparent history and obvious on its face.
And yet so many average people go online and parrot it back, drinking the coolaid and passing it along.
- luciferofastora@feddit.orgEnglish11 hours
getting the regulation out before the problem happens is better than after
There’s this weird effect where preventing a disaster is often invisible, sometimes looks detrimental or a waste of time; but responding to a problem and solving it is visible and will get you acclaim. That creates a cynical incentive to let a problem become visible before combating it so as to avoid the Kassandra effect where nobody believes you until it happens.
- Diurnambule@jlai.luEnglish21 hours
This look le ke illégal, I guess they will shutdown internet for a big par of the population. And they I’ll discover than internet traffic is less than 10% human.
- Frenchgeek@lemmy.mlEnglish22 hours
Quick question: If Google doesn’t want to own Android anymore, why don’t they make it public domain instead of trying everything to kill it?
They want Android very much and all the data that goes with it.
They don’t want you to use Android in a way that doesn’t let them harvest your data.
- BigJohnnyHines@lemmy.caEnglish3 hours
This. It’s shocking how many people in tech circles still see Google as anything other than a data harvester for ads.
- Jason2357@lemmy.caEnglish4 hours
What makes you think they want to kill it? I think they regret choosing GPL software to base it on, and dgaf about the small segment of people who use forks, except to worry that one of them might take off with an OEM and regular people.
- limer@lemmy.mlEnglish24 hours
It cannot be taken down unless there are many changes in several countries; however it will be quite the achievement to reform or have revolution in only one or two countries in the next generation.
The only hope in all this is that technology changes, and what Google has control over will be obsolete in a decade or more.
Cold comfort.
Need another Roosevelt to come along and take an anti-monopoly hammer to these big companies and shatter them into pieces
- limer@lemmy.mlEnglish23 hours
From my understanding, busting monopolies, without changing the underlying structures, only creates Oligopolies which coordinate together.
It’s going to take far more than that
- NM_Gringo@lemmy.worldEnglish1 day
I’ve started the transition away from Google. Sucks because, sometimes, it was really convenient. But now, screw 'em.
Convenience is how they get you. I have also been telling people for years that security and convenience are opposite ends of the same line. The closer you are to one the farther you are from the other.
- ADTJ@feddit.ukEnglish1 day
SecurityPrivacy. They are distinct concepts.For example, tokenised and biometrically authenticated transactions are more secure and more convenient than cash payments which are comparatively riskier, easier to forge, easier to steal etc.
However, this allows banks and payment providers to keep tabs on your transaction data, which cash does not.
Convenience and privacy are usually at opposite ends, security can come at either end depending on the medium.
- kaidenshi@lemmy.worldEnglish5 hours
Cash is only “less convenient” for the banks and businesses that would prefer to track you. A cashless society is a society fully stripped of privacy, a society where poor people are guaranteed to stay poor, and where only the rich can afford privacy and security.
- ADTJ@feddit.ukEnglish4 hours
That’s my point.
Regularly going to ATMs / banks is demonstrably less convenient for both consumers and businesses and safeguarding the cash presents a security risk, especially for small businesses.
But the alternative of digital payments comes at a huge cost to privacy.
Biometrics are not more secure, because you can be forced to give it against your will.
Fingerprint? They can force your finger onto the scanner.
Eye scan/Face Scan? They can put you in a headlock and hold the phone infront of you.
You cant be manhandled into typing a password.
Biometic security is convenience, not security.
- ADTJ@feddit.ukEnglish23 hours
It is more secure.
It’s much easier to steal cash than to force someone to unlock a device and make a payment, so yes it is more secure.
I didn’t say 100% unbeatable.
It’s much easier to steal cash than to force someone to unlock a device and make a payment, so yes it is more secure.
and with biometics, its not hard at all, you just force their finger onto the scanner/hold their camera infront of their face… and hell they probably dont even have to be alive to do it, and you’ve got full access to do everything on their phone. instead of stealing 5 bucks out of their wallet, you’ve now got access to any and all banking shit on their phone.
I mean, you are disagreeing with facts.
Cause not only is if factually real, it has factually happened,
FBI kinda screwed up the case against one of the Jan6ers by forcing them to unlock their phone by forcing their thumb onto their phone. . Granted, it was appealed and the court declared it a violation of 5th amendment (which is great in general, even if it unfortunately helps a Jan6er).
and there have been numerous other instances of police and authorities have done the same thing, it was not an uncommon practice before that court ruling… and to be honest, with how power abusive police are, its probably still not that uncommon.
So you can disagree all you want. but its happening every day. Biometrics are security theater, not actual security.
edit This isnt conservative media, downvoting doesnt make facts become unfacts, lol.
This is why the up/downvote systems are so toxic and ruin human interaction. It allows people to carve out their own imaginary realities/echochambers, by “punishing” things they don’t like and pushing them down, so they don’t have to see them anymore… And once you hit a critical mass, people just stop even reading and thinking and just join in on the group think with blind downvotes.
This gamification is ruining human social ability and creating people who don’t have the basic means of self control to deal with being wrong, or with contrary opinions, or anything.
- ramjambamalam@lemmy.caEnglish1 day
Yep, which is also why paper ballots are still the de facto standard for democratic elections. Digital voting which is verifiable and yet anonymous is very difficult to get right, especially when it needs to be accessible enough for every citizen to understand.
- ozymandias117@lemmy.worldEnglish1 day
Pretty sure that just implements HOTP/TOTP
You could replace it with FreeOTP
- ramjambamalam@lemmy.caEnglish1 day
I have heard good things about Aegis as well, although I went with Ente myself.
- fizzle@quokk.auEnglish1 day
I personally have definitely encountered the point where I’m just not going to do some things merely because of “the principle”.
- FlashMobOfOne@lemmy.worldEnglish1 day
I like that, and feel similarly.
Like, great, you add that ‘feature’ to your product. I’m just not going to use it anymore.
- EddoWagt@feddit.nlEnglish1 day
I don’t even care about the inconvenience of doing everything myself, it just feels wrong to not be in control
- 1 day
I mean yeah we crossed that point like 30 years ago lmao
I once heard someone say that everyone draws a line in the sand sometimes. And most often that line is right in front of where you’re standing.
Remembering that helps me to be more conscious about my implicit biases and where I draw those lines.
- osanna@lemmy.vgEnglish1 day
Maybe this is the kick up the arse companies need to finally start using hCaptcha or even Anubis.
Maybe it’s the kick in the ass they need to just cut out captchas completely, since they do absolutely nothing to block bots.
- Jako302@feddit.orgEnglish3 hours
They do though. The point of captchas isn’t to block all bots, that’s never going to happen. They are there to block the low effort bot army that’s rampaging across the internet which is effectively a DDOS stack on smaller servers.
Big AI companies throw petabytes of Data into their models. Instead of crawling and saving it once, they just index each site worth using and scrap the data each time they train a model. As a server owner you either block the scrappers with a captcha or you blanked ban IP ranges that are known for scraping.
Sure, they may block the most basic of basic bots. But for most languages in which bots are made, there are ready-made libraries for captcha solving that are essentially plug-and-play. To move from “basic” to “makes captcha useless” is an install and about 2 lines of code.
Given that, I highly doubt it blocks bots as effectively as it blocks actual users.
AFAIK all captcha is good for these days is training data.
- mustbe3to20signs@feddit.orgEnglish1 day
I hope so, but it could easily come the other way. “We are so used to/deeply integrated/in a close strategic partnership with Google therefore we rather lose 5 % of our customers that care about privacy and are a pain in the ass for our data-driven business.”
- infeeeee@lemmy.zipEnglish1 day
5% is huuuge overestimate. Maybe on a tech site or forum. On a regular website for the general public? Less than a rounding error. Remember, we are in a lemmy bubble
- mustbe3to20signs@feddit.orgEnglish1 day
I know, it was largely exaggerated, but a smaller percentage makes the negative scenario drastically more realistic.
- osanna@lemmy.vgEnglish1 day
One can only hope. I know it likely won’t happen. But one has to have hope.
- pHr34kY@lemmy.worldEnglish1 day
We’ve moved to Cloudflare’s turnstile and it’s significantly less obnoxious.
- prole@lemmy.blahaj.zoneEnglish6 hours
Unless you use a VPN and run any kind of script blocker like noscript or uBlock Origin’s medium or hard modes.
So fucking obnoxious.
Yup. I’ve had to add exceptions to my VPN for this reason. Mainly food/grocery delivery sites for some reason
- Jesus_666@lemmy.worldEnglish1 day
Please not hCaptcha. It’s basically guaranteed to generate infinite loops.
- Jesus_666@lemmy.worldEnglish1 day
It’s almost every time for me. Maybe they don’t like my ad blocker or my browser’s privacy settings but it’s rare for hCaptcha to let me through after three or four repetitions.
Usually I give up after ten because of it won’t let me in by then it won’t let me in after a hundred. I tried.
- FG_3479@lemmy.worldEnglish1 day
It should work if you use a Firefox based browser with tracking protection set to strict and resistFingerprinting disabled, then use Jshelter with the following settings.
- Locally rendered images: Little lies
- Locally generated audio: Little lies
- WebAssembly speed-up: Enabled
- Everything else including Fingerprint Detector disabled
Then visit fingerprint.com in a normal window, then visit it again in private mode with a VPN or with a dufferent server selected. You will see that the ID is different both times which proves that you’re protected.
As for the adblocker, just use uBlock Origin with the Quick Fixes list disabled as it may shadowban YouTube comments because their bot protection is silent.
- Jesus_666@lemmy.worldEnglish1 day
That is… a rather byzantine list of requirements to get a captcha service to work as opposed to just running a Firefox derivative with tracking protection on standard and a default-configuration uBO (which is the specific configuration that led to the 100 repetitions, not some kind of recommendation).
- FG_3479@lemmy.worldEnglish7 hours
A standard Firefox is not private and is easily fingerprintable. Those settings give you good privacy but won’'t make most captchas fail.
- Jesus_666@lemmy.worldEnglish5 hours
I am perfectly aware that these settings aren’t very private and I usually run something a bit tighter. My point was that even a mostly vanilla setup couldn’t get past hCaptcha.
- 21 hours
It’s funny because my town just posted an article saying a bunch of people got scammed by fake ones already.
People are so oblivious to this shit.
… OK, no, there’s a slow dawning that online privacy is important for many reasons, but it never seems to translate into action. Probably largely because there’s hardly any consumer alternatives. Employers have been renewing contracts with Big Tech for decades and can’t be arsed to even think about changing their behavior.
- atrielienz@lemmy.worldEnglish22 hours
So, we have to convince people not of the “morality” of whatever action we want them to take, but the strategic importance of the action. To do that you have to have an action in mind and I see these two things as the stumbling block most people trip over on a lot of the time on most issues.
Once you have an aim to achieve and you have convinced people of its strategic importance, you just need them to stay on the same page and working in the same direction.
- 1 day
Recaptcha has been trash for years now. Like, it either doesn’t bock bots, or it blocks actual real people. Don’t use it. Use turnstile.
turnstile
Haven’t heard of it before, looks to be made by Cloudflare. Cloudflare don’t seem to be a totally awful company, but that’s always just one CEO-change away.
Their web site sounds promising, saying “Turnstile can generate multiple types of non-intrusive challenges to verify users are human, all without showing visitors a puzzle.” and “Unlike CAPTCHA options, Turnstile never harvests data for ad retargeting.”
So how do they make money from this?
Is the recaptcha on Google search engine, apps, android os more than one? or is it strictly 3rd party websites?
- melsaskca@lemmy.caEnglish1 day
The robots were about to kill me and my entire family when I said “Look! A stop sign!”. They immediately recognized my superior intelligence and retreated. /s
- cmnybo@discuss.tchncs.deEnglish1 day
Everyone needs to flood the web with fake reCAPTCHA QR codes that lead to something that looks malicious to the average person.
- Elvith Ma'for@feddit.orgEnglish1 day
LOOKS malicious? Why not just BE malicious? That’s way more lucrative if we’re at that point.
Looking malicious just trains users that it’s probably ok to do X on sketchy sites…
- 1 day
