this post was submitted on 20 Jun 2026
421 points (99.5% liked)

Technology

85600 readers
4517 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
421
Only approved phones can pass Google’s new reCAPTCHA, locking out privacy-focused alternatives (cybernews.com)
submitted 20 hours ago by lemmydividebyzero@reddthat.com to c/technology@lemmy.world
52 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] ziproot@lemmy.ml 35 points 6 hours ago (1 children)

This is a national security issue. A major corporation should not be able effectively impose a security ceiling by banning more secure operating systems (like GrapheneOS) due to it not making them money. Governments should pass regulations requiring any devices that meet certain security standards and support hardware attestation to be accepted by hardware attestation schemes. This will not pose an undue burden on businesses because you can easily add something like GrapheneOS to your scheme (https://grapheneos.org/articles/attestation-compatibility-guide), and even if it did, that doesn’t matter when national security is on the line.

Right now, it’s not as dire because you can still choose image or audio CAPTCHA, but I don’t know how long that will last, and getting the regulation out before the problem happens is better than after.

[–] Diurnambule@jlai.lu 3 points 5 hours ago

This look le ke illégal, I guess they will shutdown internet for a big par of the population. And they I'll discover than internet traffic is less than 10% human.

[–] greatwhitebuffalo41@slrpnk.net 3 points 4 hours ago

It's funny because my town just posted an article saying a bunch of people got scammed by fake ones already.

[–] Frenchgeek@lemmy.ml 9 points 6 hours ago (1 children)

Quick question: If Google doesn't want to own Android anymore, why don't they make it public domain instead of trying everything to kill it?

[–] end_stage_ligma@lemmy.world 10 points 4 hours ago

Because they'd rather own the public

[–] MrSulu@lemmy.ml 34 points 10 hours ago (1 children)

Monopoly or Duopoly. Either way, it's gotta be taken down.

[–] limer@lemmy.ml 4 points 7 hours ago (1 children)

It cannot be taken down unless there are many changes in several countries; however it will be quite the achievement to reform or have revolution in only one or two countries in the next generation.

The only hope in all this is that technology changes, and what Google has control over will be obsolete in a decade or more.

Cold comfort.

[–] A_Random_Idiot@lemmy.world 8 points 7 hours ago* (last edited 4 hours ago) (1 children)

Need another Roosevelt to come along and take an anti-monopoly hammer to these big companies and shatter them into pieces

[–] limer@lemmy.ml -2 points 6 hours ago

From my understanding, busting monopolies, without changing the underlying structures, only creates Oligopolies which coordinate together.

It’s going to take far more than that

[–] rob200@retrofed.com 5 points 7 hours ago

Is the recaptcha on Google search engine, apps, android os more than one? or is it strictly 3rd party websites?

[–] NM_Gringo@lemmy.world 29 points 13 hours ago (2 children)

I've started the transition away from Google. Sucks because, sometimes, it was really convenient. But now, screw 'em.

[–] roofuskit@lemmy.world 12 points 11 hours ago (1 children)

Convenience is how they get you. I have also been telling people for years that security and convenience are opposite ends of the same line. The closer you are to one the farther you are from the other.

[–] ADTJ@feddit.uk 13 points 10 hours ago (2 children)

~~Security~~ Privacy. They are distinct concepts.

For example, tokenised and biometrically authenticated transactions are more secure and more convenient than cash payments which are comparatively riskier, easier to forge, easier to steal etc.

However, this allows banks and payment providers to keep tabs on your transaction data, which cash does not.

Convenience and privacy are usually at opposite ends, security can come at either end depending on the medium.

[–] A_Random_Idiot@lemmy.world 2 points 7 hours ago* (last edited 7 hours ago) (1 children)

Biometrics are not more secure, because you can be forced to give it against your will.

Fingerprint? They can force your finger onto the scanner.

Eye scan/Face Scan? They can put you in a headlock and hold the phone infront of you.

You cant be manhandled into typing a password.

Biometic security is convenience, not security.

[–] ADTJ@feddit.uk 1 points 6 hours ago (1 children)

It is more secure.

It's much easier to steal cash than to force someone to unlock a device and make a payment, so yes it is more secure.

I didn't say 100% unbeatable.

[–] A_Random_Idiot@lemmy.world 0 points 6 hours ago* (last edited 6 hours ago) (1 children)

It’s much easier to steal cash than to force someone to unlock a device and make a payment, so yes it is more secure.

and with biometics, its not hard at all, you just force their finger onto the scanner/hold their camera infront of their face.. and hell they probably dont even have to be alive to do it, and you've got full access to do everything on their phone. instead of stealing 5 bucks out of their wallet, you've now got access to any and all banking shit on their phone.

[–] ADTJ@feddit.uk 1 points 6 hours ago (1 children)

Ok mate, I disagree but accept I'm not gonna convince you

[–] A_Random_Idiot@lemmy.world -1 points 4 hours ago* (last edited 2 hours ago)

I mean, you are disagreeing with facts.

Cause not only is if factually real, it has factually happened,

FBI kinda screwed up the case against one of the Jan6ers by forcing them to unlock their phone by forcing their thumb onto their phone. . Granted, it was appealed and the court declared it a violation of 5th amendment (which is great in general, even if it unfortunately helps a Jan6er).

and there have been numerous other instances of police and authorities have done the same thing, it was not an uncommon practice before that court ruling.. and to be honest, with how power abusive police are, its probably still not that uncommon.

So you can disagree all you want. but its happening every day. Biometrics are security theater, not actual security.

edit This isnt conservative media, downvoting doesnt make facts become unfacts, lol.

[–] frongt@lemmy.zip 3 points 8 hours ago (1 children)

Secure, convenient, private. Pick two.

[–] ramjambamalam@lemmy.ca 3 points 7 hours ago

Yep, which is also why paper ballots are still the de facto standard for democratic elections. Digital voting which is verifiable and yet anonymous is very difficult to get right, especially when it needs to be accessible enough for every citizen to understand.

[–] desmosthenes@lemmy.world 1 points 9 hours ago (1 children)

same I only use google authenticator - for now…

[–] ozymandias117@lemmy.world 4 points 8 hours ago (1 children)

Pretty sure that just implements HOTP/TOTP

You could replace it with FreeOTP

[–] Iceman1973@lemmy.world 6 points 8 hours ago (1 children)

Or Aegis. It works perfectly for me.

[–] ramjambamalam@lemmy.ca 2 points 8 hours ago

I have heard good things about Aegis as well, although I went with Ente myself.

[–] fizzle@quokk.au 68 points 16 hours ago (3 children)

I personally have definitely encountered the point where I'm just not going to do some things merely because of "the principle".

[–] EddoWagt@feddit.nl 3 points 8 hours ago

I don't even care about the inconvenience of doing everything myself, it just feels wrong to not be in control

[–] FlashMobOfOne@lemmy.world 12 points 13 hours ago

I like that, and feel similarly.

Like, great, you add that 'feature' to your product. I'm just not going to use it anymore.

[–] Bluescluestoothpaste@sh.itjust.works 2 points 14 hours ago (1 children)

I mean yeah we crossed that point like 30 years ago lmao

[–] fizzle@quokk.au 7 points 13 hours ago (1 children)

I think everyone has their own tolerance.

[–] Bo7a@piefed.ca 5 points 11 hours ago (1 children)

I once heard someone say that everyone draws a line in the Sand sometimes and most often that line is right in front of where you're standing.

Remembering that helps me to be more conscious about my implicit biases and where I draw those lines.

[–] fizzle@quokk.au 1 points 3 hours ago

My line has moved as I've matured.

[–] A_norny_mousse@piefed.zip 37 points 16 hours ago* (last edited 16 hours ago) (1 children)

People are so oblivious to this shit.

... OK, no, there's a slow dawning that online privacy is important for many reasons, but it never seems to translate into action. Probably largely because there's hardly any consumer alternatives. Employers have been renewing contracts with Big Tech for decades and can't be arsed to even think about changing their behavior.

They're still going to buy new surveillophones just to be able to log in again.

[–] atrielienz@lemmy.world 3 points 11 hours ago* (last edited 5 hours ago)

So, we have to convince people not of the "morality" of whatever action we want them to take, but the strategic importance of the action. To do that you have to have an action in mind and I see these two things as the stumbling block most people trip over on a lot of the time on most issues.

Once you have an aim to achieve and you have convinced people of its strategic importance, you just need them to stay on the same page and working in the same direction.

[–] osanna@lemmy.vg 107 points 19 hours ago (5 children)

Maybe this is the kick up the arse companies need to finally start using hCaptcha or even Anubis.

[–] TheNamlessGuy@lemmy.world 7 points 10 hours ago

Maybe it's the kick in the ass they need to just cut out captchas completely, since they do absolutely nothing to block bots.

[–] pHr34kY@lemmy.world 22 points 16 hours ago (1 children)

We've moved to Cloudflare's turnstile and it's significantly less obnoxious.

[–] Joeffect@lemmy.world 3 points 8 hours ago

Fuck cloudflare in general though...

[–] mustbe3to20signs@feddit.org 53 points 19 hours ago (2 children)

I hope so, but it could easily come the other way. "We are so used to/deeply integrated/in a close strategic partnership with Google therefore we rather lose 5 % of our customers that care about privacy and are a pain in the ass for our data-driven business."

[–] infeeeee@lemmy.zip 42 points 17 hours ago (1 children)

5% is huuuge overestimate. Maybe on a tech site or forum. On a regular website for the general public? Less than a rounding error. Remember, we are in a lemmy bubble

[–] mustbe3to20signs@feddit.org 9 points 16 hours ago

I know, it was largely exaggerated, but a smaller percentage makes the negative scenario drastically more realistic.

load more comments (1 replies)
[–] Jesus_666@lemmy.world 7 points 18 hours ago (1 children)

Please not hCaptcha. It's basically guaranteed to generate infinite loops.

[–] osanna@lemmy.vg 7 points 18 hours ago (1 children)

Can’t say I’ve come across that before

[–] Jesus_666@lemmy.world 5 points 17 hours ago (1 children)

It's almost every time for me. Maybe they don't like my ad blocker or my browser's privacy settings but it's rare for hCaptcha to let me through after three or four repetitions.

Usually I give up after ten because of it won't let me in by then it won't let me in after a hundred. I tried.

[–] FG_3479@lemmy.world 4 points 17 hours ago (1 children)

It should work if you use a Firefox based browser with tracking protection set to strict and resistFingerprinting disabled, then use Jshelter with the following settings.

  • Locally rendered images: Little lies
  • Locally generated audio: Little lies
  • WebAssembly speed-up: Enabled
  • Everything else including Fingerprint Detector disabled

Then visit fingerprint.com in a normal window, then visit it again in private mode with a VPN or with a dufferent server selected. You will see that the ID is different both times which proves that you're protected.

As for the adblocker, just use uBlock Origin with the Quick Fixes list disabled as it may shadowban YouTube comments because their bot protection is silent.

[–] Jesus_666@lemmy.world 15 points 16 hours ago

That is... a rather byzantine list of requirements to get a captcha service to work as opposed to just running a Firefox derivative with tracking protection on standard and a default-configuration uBO (which is the specific configuration that led to the 100 repetitions, not some kind of recommendation).

load more comments (1 replies)
[–] melsaskca@lemmy.ca 15 points 14 hours ago

The robots were about to kill me and my entire family when I said "Look! A stop sign!". They immediately recognized my superior intelligence and retreated. /s

[–] Lucidlethargy@sh.itjust.works 46 points 18 hours ago

Recaptcha has been trash for years now. Like, it either doesn't bock bots, or it blocks actual real people. Don't use it. Use turnstile.

[–] cmnybo@discuss.tchncs.de 29 points 19 hours ago (2 children)

Everyone needs to flood the web with fake reCAPTCHA QR codes that lead to something that looks malicious to the average person.

[–] TheGiantKorean@lemmy.today 3 points 11 hours ago

Send them to lemonparty

[–] elvith@feddit.org 7 points 15 hours ago

LOOKS malicious? Why not just BE malicious? That's way more lucrative if we're at that point.

Looking malicious just trains users that it's probably ok to do X on sketchy sites...

load more comments
view more: next ›