Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use

CAPTCHA is a PITA

and the only reason that google.com isn't blocked at my firewall.

Refuzniks of the world unite - avoid Google, Facebook, Amazon etc.

hCaptcha

In my quest to reduce my (and that of my users) exposure to Google I have started migrating to hCaptcha. I can recommend it, it works.

Still looking for a European alternative so no data gets send to the other side of the planet at all but this is a start.

Helping Google

Privacy aside, the reason I hate them is I'm effectively helping google build it's AI by finding fire hydrants, traffic lights, etc. They have effectively built the world's largest free human labour image recognition machine - and that's what gets my goat most.

Google are lying

I can prove Google are lying, when I need to log in to a site using recaptcha, but also when I use two different accounts to do so.

One is a personal account, I have a dedicated email address for it used only there, not used for anything but this one site. As a general standard, I delete cookies from all sites I visit after I leave (I have about 6 sites that I allow primary domain cookies, but block all third party) . I have blocked all Google domain and advertising sites for years and if a site uses resources from a Google domain like fonts or scripts and it doesn't work with the blocks in place, I go else where. I do not use any Google services, except my Android phone does have an account that's not used anywhere else and that doesn't work too well as it likes to continually nag me, as though there is a virus running, "App permission management is running" and I have blocked as much as I can there too.

The second account is a work colleague's address. Although he occasionally does add blocking, he does little else and remains logged in to many sites/services.

When I use the target site, I have to allow Google.com and gstatic.com (used to be recaptcha.net and gstatic,com, I wonder why that changed?). I login, order some parts I need, log out, delete cookies and re-block the two domains and the main site I just used. I do this whether I use my account or my colleagues, there is NO data on my machine to show if I have visited before and that I passed the recaptcha.

When I login as me, I need to select the images to prove I'm not a bot, when I use my colleague's account, all I need to do is check the box. This is from the same Linux PC, both accounts, I don't use my colleagues machine to login.

How do they know it's a human when I use my colleague's email, but not when I use my mainly Google protected email, I have to be tested? Where are they getting the data from to decide my colleague with lots of Google data is human, but my low profile account needs a bot test?

The simplest explanation is that as on other occasions, Google are lying, they are using their trove of personal data and making the experience of non Googled people worse. I'd give this as evidence in a legal hearing.

reCRAPTCHA

If I run into reCAPTCHA then I'll try once and when I fail then I leave the web site, I recently unsubscribed from The Guardian when they started using it - I could swear that I was answering the problems correctly but it just kept asking a new question all the time.

I don't mind ticking a box but no one is paying me to count the blue cars.

So I leave.

So companies lie to make money. Big surprise. Nothing to see here, move along please.

v1

Anyone here remember when reCAPTCHA was an independent service and the answers used for book digitizing?

Pepperidge Farm remembers.

gstatic.com

Recently, I had to allow gstatic.com in noscript and uBlock Origin when I want to load google.com, and it did appear to be related to accepting their T&Cs, so, I presumed it involved more snooping/cookies.

Quite apart from privacy...

"reCAPTCHA makes it possible for the internet giant to challenge netizens to prove they are real people"

The reality is more like "reCAPTCHA makes it possible for the internet giant to challenge netizens to prove they are real Americans".

Most of the images are parochially USA-biased and culture bound, which indicates the level of care with which they are chosen for a supposedly "universal" service.

"I'm classifying Google's Recaptcha service as an *Advertising Network* "

He's only noticed now ?

Anything Google does is for advertising.

Always has been, always will.

I'm pretty sure that I'm not the only one who considers reCAPTCHA to be a 'denial of service' tool - I actively avoid any sites which employ it.

If the Great Satan of Mountain View wants me to help train their neural networks then all they need to do is ask - my rates are pretty reasonable.

reCAPTCHA in government website

There's a place in the Colorado Secretary of State's website where users who have just entered private information into a form have to solve a Google reCAPTCHA to submit it. Private information for the government and Google are two things that do not go well together.

I hate the stinking things

They always seem to ask me for several iterations, possibly because I use an obscure browser. There is one particular site which invariably runs through several challenges, tells me I am not a robot then locks up until the session times out and I have to start again, which doesn't help because the same thing happens every time.

I hate reCaptcha. If a site uses it, there's about an 80% chance I'll see one of its stupid popups and then, depending on how it's set up, I may have to 'solve' 4 or 5 different reCaptcha's before it will let me log in.

Pisses me off. It's not like I'm hiding behind a dodgy VPN. I have a static IP, with reverse DNS that matches the domain I own. I don't do anything particularly dodgy using on my connection, yet Google's rePester constantly targets me.

If I was paranoid, I'd say they had it in for me!!!

Who said that?!??!?!?!

two out of three ain't bad

reCaptcha is just more pointless techno-shit. If in doubt which is a traffic light remember there are usually three correct " humanising answers" so,if you must,include the pole.