It's funny because my town just posted an article saying a bunch of people got scammed by fake ones already.
this post was submitted on 20 Jun 2026
398 points (99.5% liked)
Technology
85602 readers
3711 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 3 years ago
MODERATORS
Is the recaptcha on Google search engine, apps, android os more than one? or is it strictly 3rd party websites?
I've started the transition away from Google. Sucks because, sometimes, it was really convenient. But now, screw 'em.
Convenience is how they get you. I have also been telling people for years that security and convenience are opposite ends of the same line. The closer you are to one the farther you are from the other.
~~Security~~ Privacy. They are distinct concepts.
For example, tokenised and biometrically authenticated transactions are more secure and more convenient than cash payments which are comparatively riskier, easier to forge, easier to steal etc.
However, this allows banks and payment providers to keep tabs on your transaction data, which cash does not.
Convenience and privacy are usually at opposite ends, security can come at either end depending on the medium.
Biometrics are not more secure, because you can be forced to give it against your will.
Fingerprint? They can force your finger onto the scanner.
Eye scan/Face Scan? They can put you in a headlock and hold the phone infront of you.
You cant be manhandled into typing a password.
Biometic security is convenience, not security.
It is more secure.
It's much easier to steal cash than to force someone to unlock a device and make a payment, so yes it is more secure.
I didn't say 100% unbeatable.
It’s much easier to steal cash than to force someone to unlock a device and make a payment, so yes it is more secure.
and with biometics, its not hard at all, you just force their finger onto the scanner/hold their camera infront of their face.. and hell they probably dont even have to be alive to do it, and you've got full access to do everything on their phone. instead of stealing 5 bucks out of their wallet, you've now got access to any and all banking shit on their phone.
Ok mate, I disagree but accept I'm not gonna convince you
I mean, you are disagreeing with facts.
Cause not only is if factually real, it has factually happened,
FBI kinda screwed up the case against one of the Jan6ers by forcing them to unlock their phone by forcing their thumb onto their phone. . Granted, it was appealed and the court declared it a violation of 5th amendment (which is great in general, even if it unfortunately helps a Jan6er).
and there have been numerous other instances of police and authorities have done the same thing, it was not an uncommon practice before that court ruling.. and to be honest, with how power abusive police are, its probably still not that uncommon.
So you can disagree all you want. but its happening every day. Biometrics are security theater, not actual security.
Secure, convenient, private. Pick two.
Yep, which is also why paper ballots are still the de facto standard for democratic elections. Digital voting which is verifiable and yet anonymous is very difficult to get right, especially when it needs to be accessible enough for every citizen to understand.
same I only use google authenticator - for now…
Easy to replace with FOSS.
Pretty sure that just implements HOTP/TOTP
You could replace it with FreeOTP
Or Aegis. It works perfectly for me.
I have heard good things about Aegis as well, although I went with Ente myself.
I personally have definitely encountered the point where I'm just not going to do some things merely because of "the principle".
I don't even care about the inconvenience of doing everything myself, it just feels wrong to not be in control
I like that, and feel similarly.
Like, great, you add that 'feature' to your product. I'm just not going to use it anymore.
I mean yeah we crossed that point like 30 years ago lmao
I think everyone has their own tolerance.
I once heard someone say that everyone draws a line in the sand sometimes. And most often that line is right in front of where you're standing.
Remembering that helps me to be more conscious about my implicit biases and where I draw those lines.
My line has moved as I've matured.
The robots were about to kill me and my entire family when I said "Look! A stop sign!". They immediately recognized my superior intelligence and retreated. /s
People are so oblivious to this shit.
... OK, no, there's a slow dawning that online privacy is important for many reasons, but it never seems to translate into action. Probably largely because there's hardly any consumer alternatives. Employers have been renewing contracts with Big Tech for decades and can't be arsed to even think about changing their behavior.
They're still going to buy new surveillophones just to be able to log in again.
So, we have to convince people not of the "morality" of whatever action we want them to take, but the strategic importance of the action. To do that you have to have an action in mind and I see these two things as the stumbling block most people trip over on a lot of the time on most issues.
Once you have an aim to achieve and you have convinced people of its strategic importance, you just need them to stay on the same page and working in the same direction.
Maybe this is the kick up the arse companies need to finally start using hCaptcha or even Anubis.
Maybe it's the kick in the ass they need to just cut out captchas completely, since they do absolutely nothing to block bots.
We've moved to Cloudflare's turnstile and it's significantly less obnoxious.
Fuck cloudflare in general though...
I hope so, but it could easily come the other way. "We are so used to/deeply integrated/in a close strategic partnership with Google therefore we rather lose 5 % of our customers that care about privacy and are a pain in the ass for our data-driven business."
5% is huuuge overestimate. Maybe on a tech site or forum. On a regular website for the general public? Less than a rounding error. Remember, we are in a lemmy bubble
I know, it was largely exaggerated, but a smaller percentage makes the negative scenario drastically more realistic.
One can only hope. I know it likely won’t happen. But one has to have hope.
Please not hCaptcha. It's basically guaranteed to generate infinite loops.
Can’t say I’ve come across that before
It's almost every time for me. Maybe they don't like my ad blocker or my browser's privacy settings but it's rare for hCaptcha to let me through after three or four repetitions.
Usually I give up after ten because of it won't let me in by then it won't let me in after a hundred. I tried.
It should work if you use a Firefox based browser with tracking protection set to strict and resistFingerprinting disabled, then use Jshelter with the following settings.
- Locally rendered images: Little lies
- Locally generated audio: Little lies
- WebAssembly speed-up: Enabled
- Everything else including Fingerprint Detector disabled
Then visit fingerprint.com in a normal window, then visit it again in private mode with a VPN or with a dufferent server selected. You will see that the ID is different both times which proves that you're protected.
As for the adblocker, just use uBlock Origin with the Quick Fixes list disabled as it may shadowban YouTube comments because their bot protection is silent.
That is... a rather byzantine list of requirements to get a captcha service to work as opposed to just running a Firefox derivative with tracking protection on standard and a default-configuration uBO (which is the specific configuration that led to the 100 repetitions, not some kind of recommendation).
Yes just like they all actively support the Firefox browser...
Recaptcha has been trash for years now. Like, it either doesn't bock bots, or it blocks actual real people. Don't use it. Use turnstile.
Everyone needs to flood the web with fake reCAPTCHA QR codes that lead to something that looks malicious to the average person.
Send them to lemonparty
LOOKS malicious? Why not just BE malicious? That's way more lucrative if we're at that point.
Looking malicious just trains users that it's probably ok to do X on sketchy sites...