-
Google is making it mandatory to have Play Services for its next-generation reCAPTCHA system on Android.
-
Your phone will need to be running Play Services version 25.41.30 or greater when the system asks you to scan a QR code for verification.
-
This hurdle means that de-Googled phones will fail the verification test by default.
This is awesome news for scammers:
- Fake page will say “you need to scan this qr code to verify you’re human”
- Users normally dismisses this shit, but it has become normal nowadays, take out the phone to scan it
- Qr code opens a page on totallynotascam.com that say “you need to install this totally safe APK on your device for verification 😉”
- APK passes the new useless developer “verification” as the scammer either used a hacked dev account or just paid $25 with a stolen id + stolen credit card
- User see the message “APK verified by Google play protect” and would totally believe the bullshit, giving all the possible permissions to the app
Yeah, don’t use Google. We will dwell in an alternative Web and soon it really will be illegal…
I would never scan a qr code to verify that I’m not a bot. I’d simply close the page
cool. guess I won’t be using any of the things that use it.
🤷 oh well.
This requirement will kick in the moment the system suspects suspicious activity. At that point, reCAPTCHA will forgo the old image puzzles and require you to scan a QR code with your smartphone to prove you’re human. Although this will stop an autonomous bot in its tracks, it also adds another step to verification. But the problem runs a little deeper than the annoyance of a single additional step.
I didn’t see what the spec of this new recaptcha is but my first thought is an android emulator and a free google account combined with whatever bot/LLM wants to pass through is probably going to be what happens.
And as we all know, they’re going to say that not using a Genuine™ Android® Operating System is extremely suspicious.
Verify by qr = insta hacked
Surely this would be nearly impossible for visually impaired people, which makes me question the ability for governments to implement this on their websites.
I know about screen reader software for visual impairment, but to expect a blind person use a separate device with a camera to take a “photo” of a QR code on another screen is beyond comprehension. Well, at least it would be in the normal timeline.
I guess I’ll have to switch to a dumb phone out of spite now.
“Google’s next-gen reCAPTCHA system could spell trouble for any website that implements it as no de-Googled phone user will care to use it”
That demographic is so small as to be irrelevant to the majority of companies.
Which is why governments exist. Supposedly.
@ennof@feddit.org @LuminousLuddite@lemmy.world @technology@lemmy.world
As if it were a matter of caring or wanting/not wanting to use websites… It would be really nice to live in such a world where one could have the luxury of “choosing”. Unfortunately, it’s not this world for many people and many peoples.
To exemplify this, there are websites I, as a Brazilian, can’t simply choose whether to use or not, because there are government and bureau websites for services through which I’m expected to comply with citizen things I didn’t ask for (as I didn’t ask to be born in this world to begin with). Online services such as “DETRAN” (state-wise transportation bureaus where one must renew one’s driver’s license), which I remember having to click a reCAPTCHA in order to proceed with transportation-related citizen duties. I can’t have the luxury of saying “you know what, I’m not renewing my driver’s license which has become my ID for a plethora of services not even related to driving, which means I’m going ID-less and becoming a legally-indigent person in the eyes of the next cop that requests my ID”.
Hell, I can’t even choose to have a degoogled phone because our customs (Receita Federal) will likely deny the entry for any “unlicensed device” (i.e. devices not licensed by ANATEL, Brazilian telecommunication agency). And installing a custom ROM in any available device is not without the risk of bricking the device (and losing a monthly minimum wage worth of money spent with said device) especially for someone like me who never installed custom ROMs.
Again, would be really awesome to live in the world you described where one could afford “caring to use” things…
Well the good thing is that now Google enshittified recaptcha and now if the website owner wants to implement it, needs to pay $1 for 1000 verification requests which is crazy expensive for something that as of now it’s easy to pass as a bot than as a human (bots ask the voice verification and ask a LLM to interpret that, pass recaptcha in less than a second. Humans need to click on 25 traffic lights and give up in the process)
Removed by mod
So more Linux phones?
Or maybe you’ll need to get a bot to do the captcha for you… 😅
If you’re a web dev, and you implement this, just know you won’t receive my web traffic. Ill go live with the other robots and we will start our own internet with blackjack and hookers.
I’m getting close to just giving up on the internet.
Web devs who implement this won’t care about your traffic.
Woooooosh
No u
deleted by creator
how do you do, fellow human
I too, enjoy the company of blackjack and to play hookers
Add me to your beta list . .please!
And any service that uses it can fuck off.
That means if Google’s verification system gets widely adopted, browsing the web could become a headache.
Using a phone to scan a QR code in order to access a website on my desktop is a headache even if it has no dependencies in particular.
Unless it was the website I needed inorder to receive an organ donation, I would just close it.
I could claim that’s an act of righteous protest, but really I just know that absent my needing a new liver, there’s no website I would ever care enough about to get me to scan a QR code just to keep browsing.
I have, multiple times, had to take a screenshot, send it to another device, and then display that QR code on that device so I can scan it. Nothing about using phones isn’t a headache.
I’m too lazy to take out the phone from my pocket.
This is evil. Fuck it. I want nothing to do with these cunts anymore. I’m degoogling this year.
My weather apps force google play integrity checks too 💀
What about the ~40% of Americans with an iPhone??
It also supports iOS.
They only need to be on a recent version of iOS, nothing else.
Old device? Ooh, that’s suspicious.
Ignoring the de-Googled phones for a sec: I assume if you’re using a desktop, then the QR shows up and you have to drag out your phone to scan it in the camera app that then prompts to open the google play store. Dumb, but possible for people who have a phone with Android. What about those that don’t? Would you need a google account?
Now if it’s all on phone (using Chrome or Firefox or whatever) and pops up a QR code, you can’t scan it… but the browser would have to open the play store directly and thats a huge security no-no. The browser shouldn’t even know I have the Play Store.
I have a feeling the hundreds of us that are de-Googled ad just going to stop using these sites all together.
The browser shouldn’t even know I have the Play Store.
Every app on your Android phone knows every other app you have installed. GrapheneOS are trying to solve this but it’s challenging.
Yeah, so the hundreds of us won’t be able to use the internet anymore if this passes
Awesome
At this part I’m genuinely starting to wonder which parts of the internet I really need.
Google doesn’t care about screwing up the lives of thousands of people, as long as it can capture the information of millions.
…and what about iPhone owners?
And desktop users? Will Linux and any non-Google Chrome browsers be locked out now?
https://support.google.com/recaptcha/answer/16609652
According to this support page only older iOS versions would need additional app. So I can assume Apple and Google collaborate on that and Apple added the “feature” in newer iOS already.
Bro wtf? Time to stop using the website using these anti-competitive captchas. I hope they get fined for this
You’ll probably have to install a Google app I guess.
What about people who use iPhones? Even if I used a normal google android I wouldn’t want to be bothered to scan a qr code with my phone to verify myself every time
