Tryin to trawl through my saved bookmarks… it might(???) have been this link. But when I try it now, it’s an invalid URL. It was years ago. Maybe the site or domain wasn’t kept up. So I’m not completely sure that was even the right URL.

https://hfet.org/google-recaptcha-privacy-nightmare/

I searched just now and found a few sites mirroring the claim. But they did not have the technical breakdown. Here’s something from The Register.

‘You know how we can prove you’re not a robot? Because we literally know exactly who you are.’ I don’t even know if it should be called a CAPTCHA – it feels like it’s just identity verification.

That story claims too, the more you are in google’s ecosystem, the easier you can pass the recaptcha. For example, Chrome users get past easer than Firefox.

I do have working a link about the infinite captcha block technique! Blocking via an unsolvable CAPTCHA. Warning, google domain. Goes to patents.google.

Have you considered the possibility you are a robot? /s

Hmmm. It would come as a surprise. I’m willing to consider it tho. :D

Yeah I’ve had better luck with non-G captchas. Many of those work. There’s some sliding puzzle piece one that works fine.

Long run, I wonder if captchas are a dead end. AIs can learn to solve them as well as ppl can. So what remains is to mimic the signatures of a human. Little jitters in mouse movements. Or variations in timing. But AIs can easily learn those too. So we end up with many real humans excluded, while many bots get in.

IDK but recapatch hasn’t worked for me on desktop. Since like… forever.

What happens is… I click the squares that contains the stairs. Or motorcycles, traffic lights, buses, w/e. Try to guess whether a sq counts if there are like 2 pixels of railing. Is railing part of the stairs? IDK. Doesn’t matter tho. Google rejects anything I try and displays another captcha. Same result with that one. Fucking endlessly. It will NEVER let me past. I’ve tried some dozens in a row.

I think that is because G can’t ID me to a particular human. So it does not matter how I answer them. “You shall not pass.” G had a patent on “endless rejection” techniques. Instead of an outright block, it presents you with infinite unsolvable captchas.

Someone once analyzed web based recapatcha. Their conclusion was, G isn’t trying to figure out whether you are human. It’s trying to figure out WHICH human you are. It’s identity resolution, not bot detection. If it can’t get a high enough confidence estimate, you get denied. Sometimes with infinite captchas.

Yay. Let’s make this asshole company the gatekeeper to the fucking internet.

Yeah I’m happy with Mullvad. Although like somebody said, make sure wireguard will be OK for you. They dropped OpenVPN. After trying both I like WG better, but some routers or devices won’t support it. Shouldn’t be an issue from phones or lapptops tho.

You can even pay for Mullvad with cash. Well, in some currencies. Someplace, might’ve been Mullvad? dropped rupees recently as a currency you could pay in. Dunno why. But you can pay in €, US$, CAN$, AUS$, and £.

I heard an interview once with one of their umm… founders? Tech guys? IDK.

Anyway he said their philiosphy is to collect the minimum amount of data required to provide the service. And no more.

I wish ALL co’s practiced that. Most are the exact opposite. Collect everything even if totally unrelated to the service.

Once AI deepfakes became common, they got it.

Ayup. I try to tell my friends. It’s not how your data might hurt you today. It’s how it can hurt you tomorrow.

You might be 10 years old today. You could be alive in 60, 70 more years. After who knows what changes to law, culture, tech, everything.

Naomi Brockwell said something like “If someday we decide we hate red haired people, we will not look only at the photos people uploaded after we decided that. We will go back through the pictures people posted long ago.”

She was speaking metaphorical ofc. “Red hair” could be anything.

I’ve also heard

“I’m not important enough for anyone to care what I’m doing.”

I’m like honey this shit is automated at population scale. You don’t have to be important. You only have to be a human.

I have a paid tier. I like it. Beats the shit outta the big G.

I pay for it b/c running privacy focused services is not free. I want a world where we have choices besides Big Surveilence Tech. I could get by with the free tier. I pay anyway.

If you send to other proton addresses, or to other co’s with compatible encryption, it can make email E2EE. Otherwise, it’s not, like if the other end is on a gmail address or w/e.

It doesn’t 100% solve the probs. But it doesn’t do G style spying of your email contents. That’s worth supporting to me.

“if you have nothing to hide would you be OK with a camera in your shower?

I like, “OK! Please hand me your phone, unlocked. Let me have it for 24h. I’ll give it back to you tomorrow. I won’t harm it in any way. I will only look.”

Or, “OK! What is your bank account number and password?”

I believe ppl know that everyone has something to hide. It’s just an excuse they use.

Well they have ways to make it very hard. China, Russia, and some other countries already block VPNs. Sure it’s not 100% ironclad. But it doesn’t have to be. They want to block the big majority. If 1% finds a way around, it was still effective.

There are technical ways, like DPI based blocking of the protocols. There are ways to bypass that, sure, but you lost most ppl already.

Then there are social ways. Make the risk too high if you’re caught. Ppl will be afraid to try.

I do not think the US, EU, Aus are close to that extreme yet. Not tryin to say this is right around the corner. But other countries already have done these things. It is possible we could see those measures in the future.

I’ve sseen the same thing. Sadly, for most ppl, convenience beats privacy. If something is 1% more convenient, they will pick it no matter how awful it is.

That’s how big tech enshittifies everything. They bank on 99% of people putting convenience before anything else. Even before the future of their society. Most ppl do not understand how powerful information is.

Well, there’s a new War On VPNs starting (ugh). If the Forces of Enshittification prevail, we could see them banned in more countries. And not just the usual suspects either. The idea is being pushed in several US states, in the UK, and maybe(?) the Aussies? It’s being fought in all those ofc. But I’m afraid the political momentum for bans will build and build.

My hope is, that Canada will be chill and not follow the rest of us off a cliff. Come on, Canada! You’re our best hope!

Those are very good points. Some of that tied into my choice to keep my old car until the wheels fall off.

Eventually I’ll have to replace it. Then it’ll be either antother old but less old combustion car, or an EV. But all the EVs leave such a bad taste with the surveilence.

Oh yeah. I buy local too as much as I can. Feels better. I get to suport a locally owned small biz, and all that jazz.

It’s limited tho. The selection online is so much vaster. Some things I jcan’t source locally even if I want to. Hopefully if more ppl take your advise, it’ll create pressure for better local selection.

I loled at 55 factor auth!

Yup understood, me too.

Hopefully the group is small enough still to not be a big astroturf target, so company mentions are OK. I guess mods can remove if they want. At the mo, it seems like mostly real humans here. Could change eventually I guess.

I guess this group doesn’t have rules against mentioning commercial co’s, so it’s OK if I say it? They’re called Ironvest. It’s fairly cheap. The plan I have gives me unlimited masked emails, and masked credit cards. Also some other things.

Sometimes, I use my real name with a masked card. I’ll do that for companies that already have to know who I am for KYC or w/e reason. But I can still avoid my normal CC company selling my history. In other cases I will use a fictious name with the masked card, for when I want to buy sth but they don’t need to know my real identiy. Like I’ve bought digital music like that. I wanted to support the artist and even the music store who sells DRM free. But didn’t want the music store selling my music prefs. I want to give them my $$, not my data lol.

Should go without saying, everyone who uses privacy services shouldn’t use them to be a dick. If too many ppl try to abuse them, we will lose what very few options we have to protect from data brokers. Not tryin to accuse you ofc. Just putting it out there as general advise for all.

Never heard of that guy myself but yeah I guess it’s human nature… we are good at rationalizing what we want to do.

Personally I’m kinda torn. I would like an EV for environmental reasons. But all EVs seem to be horrible spyware on wheels. Even worse than internal combustion cars. Which already are pretty bad. At least newer ones are. My old ass car isn’t. But a modern EV? It’s so invasive.

So I stick with my old ass car. But I grind my teeth. Because I want a lower impact vehicle. I use a bike or bus when I can. But sometimes Ican’t.

Tesla is one product among hundreds of consumer choices.

Reminds me,… I have heard priv advocates propose a consumer label. Like we have nutritions labels on food products but for privacy.

Their idea is, there are so many products. It is almost impossible for average consumer to even know how much data their car, blutooth gizmo, or smart TV collects. With a mandatory label, they could be better informed. Companies could even compete on it. Just like car co’s first bitched about car safety features but later competed to have the best safety ratings.

But that label idea would need teeth. Gov agencies tasked to test it. And enforce compliance. That’s the hard part.

Ayup I agree wtih you.

It’s one example of a general prob. So much of tech now betrays the privacy of NON users. There are calculator apps, weather apps, prayer apps, fitness apps for phones. They scrape contacts. I’m in my friends contacts. Now a million data broker companies track my social graph despite I don’t give it tot hem.

And Facebook ofc. They build Shadow Profiles on NON users. You never used FB? Well FB still buidls a profile of you. You can tell a lot about someone just from metadata. Who are your friends? Now we can infer your politics. Your educational level. Your hobbies.

Oh, gmail too! When gmail started it was “Your new mailman will read your mail”. But in reading your mail it also reads MY mail.

I guess, most ppl just do not think about it. They give personal data as much thought as I give my toothbrush. Personal data is invisible. We cannot touch it. Out of sight out of mind.

Yes. I think we just have no statistics about it. Just one off examples. It’s gotta happen way more than we have any idea of. If the power is there, it will be abused.

I always resist the meme level thinking that all cops are bad or w/e. This black and white thinking does the world no good. It just drives polarization and us-vs-them thinking. Reality is not so black and white.

Still, we need safeguards against public servants we entrust with power. We need to hold them accountable. Iindividuals when they betray the public trust. Also police depts who have corrupt cultures. Power corrupts. And some kinds of power are too much for anyone. They always lead to bad outcomes. Mass warrantless surveilance is one of those things. It’s too much. It leads to erosion of democratic societies.

There are some rays of hope. In the country I live (US) many communites have pushed back against license plate surveilance! They have succeded. Sure it’s still just a fraction. But it’s a start! Shows we the public, we can fight surveilance. And win.

Here’s one example. There are LOTS of others! Citizens banded together, and succesfully fought.

The cities of Eugene and Springfield announced Friday evening that they would discontinue the use of AI-powered license plate cameras connected to the company called Flock Safety. The announcements, issued in separate press releases, come after months of public pushback. Opponents said the cameras could be used to track innocent people and put vulnerable residents at risk of surveillance by federal agencies.