Privacy

48827 readers

814 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

515

"Scan to Verify You're Human": Google's reCAPTCHA is trialing a new "experimental challenge type" which requires desktop users to use an Android or iOS device to be able to pass it (lemmy.ml)

submitted 2 days ago by cypherpunks@lemmy.ml to c/privacy@lemmy.ml

160 comments fedilink hide all child comments

cross-posted from: https://lemmy.ml/post/47972724

i encountered this for the first time today while attempting to read something on archive.today.

i confirmed that decoding the qrcode using a computer and following the URL it contains is insufficient; the error it gave directed me here which is what the linked screenshot is of.

the old type of captcha remains available too, for now:

you are viewing a single comment's thread
view the rest of the comments

[–] MrKoyun@lemmy.world 2 points 1 day ago (1 children)

I don't know much about this new captcha system, but I feel like the challenge wouldn't really be in the scanning of the qr code itself but more so on making the device you're scanning with seem legitimate. They could check usage patterns, what apps are installed, how many accounts are added and are they actively used, location and sensor data, are the hardware specifications really unusual, are they constantly trying to complete random captchas... Stuff like that to tell apart a real user's device from a bot or sandbox. The QR Code is probably just a random ID for which captcha instance the user is trying to pass.

Also I just realised this but this is probably inconvenient as hell. Like I do NOT want to constantly be picking up my phone to scan QR codes when I'm trying to go around the Internet. What if my phone is on the other side of the house? I don't want to get up and walk all the way over there! If this gets fully rolled out there may actually be a small dip on the amount of desktop users of websites because they just leave when they are hit wth this captcha instead of bothering to scan a code.

[–] HeHoXa@lemmy.zip 1 points 1 day ago

Heard. We have a QR 2auth system for one of my work domains, and I let out an exasperated sigh every time I realize I have to get my phone out