cross-posted from: https://lemmy.ml/post/47972724
i encountered this for the first time today while attempting to read something on archive.today.
i confirmed that decoding the qrcode using a computer and following the URL it contains is insufficient; the error it gave directed me here which is what the linked screenshot is of.
the old type of captcha remains available too, for now:
to prove you’re human, enter your credit card number
Nah. Block all fingerprinting. You don’t need any of this crap.
I got one of these. They had accessibility options so I just did the auditory one. It says a couple words, you write them out, and you’re done. Like hell am I using a Phone for this shit.
I still won’t order online from a store that won’t show me shipping cost without a full address and phone number. I’ll give them the zip code, that’s all they need, that’s all they get before I decide.
FWIW I’ve found passing it through my local SearxNG usually gives me a clean path to the content. But it’s seriously worrying that some of the blocked content is publically available science (e.g. PMC Bioinformatics). But that should not be necessary, at this point a search engine should be a public resource. Fuck Google.
Just another reason to not use Google.
LOL, fuck off. How about instead I move on to somewhere less hostile toward the user instead?
We are making side loading harder because scammers are using “these” tactics to install malware on your devices.
It’s totally fine when we use the same tactics to install malware on your device.
malware is bytecode Google didn’t approve of. when google spies on you, that’s just “legitimate interest”
Verifying you have a phone doesn’t verify that you’re human.
How so?
Android emulators exist and are usable by bots.
So they SS the QR code, scan it and continue?
May have to stream a video of the screen into a scanner app, but shouldn’t be difficult anyway.
One of the forms of digital ID in use in my country now has a new way to use it, which the government websites use now. You always needed a mobile device for this one anyway (phone holds the private keys and you have to enter the PIN 1 or PIN 2 depending on whether you’re authenticating or authorizing something), but it used to be that you could enter your ID code and get prompted for the PIN (with a verification number to make sure you’re responding to the prompt you think you’re responding to), now it’s either on-device from the default browser to the app, OR on desktop you have to scan a QR code that’s a moving target, it changes a couple of times a second so you couldn’t send a screenshot to someone else to scan. This is meant to prevent scams where someone gets you to just enter your PIN over a phone call.
I don’t know if the google thing is similar though or if it’s a static QR there.
-
Hype up AI.
-
Everyone starts scraping the internet to obtain training data for their AI.
-
To block the scrapers, countless sites implement stricter bot detection tools.
-
The owners of the bot detection tools now effectively hold all of the internet by its throat, deciding who can access what and extorting more and more data from you to verify you’re human.
Fucking genius.
- Crypto comes out of nowhere with a steel chair and now we have to pay websites for access.
You can always build more bot detection tools, right? Or am I wrong?
-
On the bright side, this means they are really worried that privacy practices such as those popular among the Lemmy crowd can make their surveillance expensive or maybe even impractical at scale, rather than profitable. I’m never sure if it’s working, with firmware and all. Almost a good sign? Am I deluded?
Fuck absolutely everything about this.
No malicious site would ever fake this kind of flow in order to get someone to scan a dangerous QR code. Nope, that would never happen.
It’s already happening. They tell you to scan a QR code that links to a website where they ask you to log in with your Google account (but it’s just a phishing page).
Good job Google!
Any website that chooses to use this service will simply not get my traffic. If enough people feel the same, those websites will lose clicks and eventually tell Google to pound sand.
Imagine the utter hubris on these fuckers to think that people will get a google device just to access a website.
Or to think that an average user sitting at home would run to another room to grab their phone so they can verify themselves on the desktop just to visit blackcougar.com
1 year later
Government website you have to use to pay your water bill: “Confirm you are a human…”
I either use my banking website or go into city hall clerks office to pay it in person. I’ve never once had to go to the actual government website. It’s an option, but not mandatory.
You want me to scan a QR code to log onto your fuckin’ website?!
I was wondering how long it would take for someone to get the reference. Its a pretty old episode.
