I'm curious if ToS's have ever been legally useful. I've heard cases where they've been thrown out and disregarded by courts when they conflict with (the judge's interpretation of) the common law, but never the other way around.
Not sure. Just to be safe, by not clicking "disagree" they agree to my ToS, which include an invalidation of previous ToS to which I might have agreed.
I switched to hCaptcha on my home-grown blog comments. It was a drop-in replacement — they obviously have an incentive to make switching as easy as possible
> A good start to this would be making the code FOSS, and allowing webmasters to self host it, rather than relying on Google’s black box proprietary cloud services.
Clearly, this could never work. You'd be giving the bot makers a clear and testable recipe for bot detection.
It's actually really hard to look exactly like Chrome... Did your bot-browser return exactly the same error message as Chrome does when compiling corrupted webassembly? Detected!
Yes, but considering a recaptcha only takes ~1 second of computation time, I wouldn't think it's cost prohibitive... Botters could just spin up more workers.
Real chrome has telltale signs when selenium is connected. For example, garbage collections happen more frequently when requestAninationFrame is called. There is also an extra startup delay for service processes while selenium is given an opportunity to connect (service workers). Built in extensions (like Google Cast) also behave differently.
I try to browse with JavaScript off by default and a lot of sites just don't load anymore - and I'm not speaking of SPAs here. Anything Cloudflare had a 50/50 chance of throwing me a "please enable JavaScript to continue" error, and when it doesn't happen, anything that looks like an email address is filtered out.
And even if I do enable JavaScript wholesale, website isolation means that reCaptcha thinks I'm an evil bot because I don't allow it to see my activities elsewhere.
I had set up disabled fingerprinting, disabled fingerprinting via WebGL, website containers, a whole bunch of other stuff I cannot remember the name of in the Firefox preference list (you'll see why) in an effort to maximise browsing privacy and the result was I spent probably 30 minutes a day filling in reCaptchas; probably 2 or 3 panels per form -- and the ultra annoying slowly-fade-out kind.
hCaptcha was a lot less annoying for websites that used it but the end result was still a grotesque addition of friction to my browsing experience. I ended up resetting Firefox back to the defaults to un-set all those options I made a list of.
That's not a comment on Firefox of course; the sad state of the web currently is that in order to prove we're not a bot we seemingly have to give up our privacy (via relentless fingerprinting) OR your time (through hugely wasteful reCaptcha, and to a lesser extent hCaptcha fills).
As a webmaster you have no choice but to optimize for Chrome and Google search and to use Google ads nowadays. But do you really have to integrate Google Captcha? I can see no reason why people can't use alternatives or implement their own (I hardly know much about the subject though - you are very welcome to reveal such a reason).
22 comments
[ 3.2 ms ] story [ 51.9 ms ] threadThere is no way this is legally binding right? Please?
Clearly, this could never work. You'd be giving the bot makers a clear and testable recipe for bot detection.
https://github.com/dessant/buster
Bonus: recaptcha is explicitly whitelisted[1][2] by most filter lists, so even using "tracking protection"/ad blocker isn't going to save you.
[1] https://github.com/easylist/easylist/blob/1fe73f353dce3e3eae...
[2] https://github.com/AdguardTeam/AdguardFilters/blob/43146e949...
Are the bot makers that dumb? Don't they set user agent to Chrome, disable all forms of protection and stuff?
And even if I do enable JavaScript wholesale, website isolation means that reCaptcha thinks I'm an evil bot because I don't allow it to see my activities elsewhere.
hCaptcha was a lot less annoying for websites that used it but the end result was still a grotesque addition of friction to my browsing experience. I ended up resetting Firefox back to the defaults to un-set all those options I made a list of.
That's not a comment on Firefox of course; the sad state of the web currently is that in order to prove we're not a bot we seemingly have to give up our privacy (via relentless fingerprinting) OR your time (through hugely wasteful reCaptcha, and to a lesser extent hCaptcha fills).
Obviously.
> and free labour for image recognition
Why?