According to Google, you’re not human if you aren’t being tracked by Google.

“…one of the ways that Google determines whether you’re a malicious user or not is whether you already have a Google cookie installed on your browser.”

@aral But what would prevent "malicious users" from adding the same cookie? 🤔

@yyp @aral Yeah, this sounds really dumb. Are humans actually even better at captchas than bots? I find myself thinking "well, that *is* a crosswalk, but algo probably thinks "no" on some of those ....
(Would be very interested to see studies on that!)
I also doubt it would be very hard to just record a few "Real Actual Hoomans" navigating a site and just "replay" variations on that via Selenium or whatever browser-automation framework is cool now (for e.g. the "farmers" as they put it)

@meejah @yyp it's a different story, but yes, machines are good at solving Captchas nowadays. Replaying is hard, because it is always different, but even if you did not use a machine, there are also a lot of underpaid clickworkers who justz solve captchas for you… so… 🤷

@rugk @yyp Yeah, weird how "monetary incentive" so often seems to mess things up ...

@yyp @aral Okay I read more of the article .. the *goal* isn't even "detect bots" it is "detect weird behavior". So if you act "oddly" / outside the one standard-deviation or whatever then you're considered "bad". Let alone the privacy impacts, this is a stupid goal.

@thufie This is true but we are not Google’s customers, we are the livestock being farmed :)

@aral So basically every site using them can just go and fsck themselves for me. I started browsing in private windows nearly two years ago now, i only watch YT through invidious instances and most G-domains are blocked by my privoxy already (not all, as my wife is one of those ppl thinking that Google is the entrance to the internet 🙄 and she's resistant to arguments, "nothing to hide" and such).

@aral I still wonder why I so often fail in the "are you not a robot" test ... either I am too bad as human ... or something else is wrong here.

@tam @aral you would just tryna solve the captcha while using free proxy or tor exit.

then you really begin to doubt whether you are a robot

after dozens of failed attempts.

@aral they not only know you're human but also *which* human

@aral recaptcha v3 also reads as very non compliant w gdpr.

Sign in to participate in the conversation
Aral’s Mastodon

This is my personal Mastodon.