419

No

I don't think so

top 50 comments
sorted by: hot top new old
[-] gressen@lemmy.zip 105 points 2 weeks ago

Name the offending website please.

[-] lemmyng@piefed.ca 141 points 2 weeks ago

Google. It's their recaptcha service doing that. The QR code validation also gets rejected if you're using a privacy oriented mobile OS like Graphene.

[-] markz@suppo.fi 50 points 2 weeks ago

At the cost of conditioning people into following orders from random qr codes

[-] dieTasse@feddit.org 14 points 2 weeks ago* (last edited 2 weeks ago)

you mean it was google,com? Or on which website was this recaptcha?

load more comments (6 replies)
[-] sidebro@lemmy.zip 21 points 2 weeks ago
[-] 9bananas@feddit.org 7 points 2 weeks ago

are they fucking serious with this shit?

what the hell...

[-] woelkchen@lemmy.world 15 points 2 weeks ago

Archive.is is a Russian propaganda bot net. Don't use it.

load more comments (4 replies)
[-] wander1236@sh.itjust.works 18 points 2 weeks ago

It looks like a Cloudflare interstitial. I also don't think sites get to choose which challenge types show up in reCAPTCHA, so this is on Google.

[-] fizzle@quokk.au 20 points 2 weeks ago

Isn't the site choosing to use recaptcha?

[-] wander1236@sh.itjust.works 7 points 2 weeks ago

The site is using Cloudflare for DDoS protection, and unfortunately Cloudflare is probably the most effective tool for this. It also looks like it might be archive.org in the screenshot, and they've been dealing with a lot of DDoS attacks lately.

I don't think Google advertises "we force you to scan a QR code" as a feature of reCAPTCHA either, so it feels a little weird to me to blame the site for using a DDoS protection tool that in turn uses reCAPTCHA for human verification when Google randomly decides to add a new stupid challenge type.

[-] VonReposti@feddit.dk 5 points 2 weeks ago

As far as I know, Cloudflare doesn't use reCaptcha. I think they use a version of hCaptcha running on their own workers.

[-] laundry861@fedinsfw.app 102 points 2 weeks ago

None of these are about identifying if you're human, they're about identifying which human you are.

load more comments (5 replies)
[-] EisFrei@lemmy.world 87 points 2 weeks ago

Not to excuse Google's practices, but you can select the eye icon to continue training an AI to detect buses and bikes.

[-] sidebro@lemmy.zip 34 points 2 weeks ago

Oh, thanks for letting me know. I missed that one, as it isn't all that clear that's what it does.

[-] feannag@sh.itjust.works 18 points 2 weeks ago

I also use an extension called buster that automatically solves the audio accessible captcha challenge.

[-] Tja@programming.dev 6 points 2 weeks ago
[-] DrunkAnRoot@sh.itjust.works 48 points 2 weeks ago

I tried watching some yt in librewolf made me do 5 captchas an i had to switch vpn location so fuck google

[-] W3dd1e@lemmy.zip 19 points 2 weeks ago

I have degoogled but YT is the only thing I’m stuck with. The monopoly is too much to overcome.

[-] A_Random_Idiot@lemmy.world 6 points 2 weeks ago* (last edited 2 weeks ago)

Creating an infrastructure that could potentially ingest terrabytes of data per second, and then processing it into multiple resolutions, is a massive ask.

Especially for a new site that might not ever get picked up by users, much less creators.

I think the only people that have a hope in hell of having a success at starting a youtube competitor are the owners of the big porn sites, since they are in a similar, if much smaller than youtube business with regards to infrastructure demands and processing needs. . So they have the institutional knowledge and infrastructural inertia to get started easier than anyone else on the planet. assuming they want to do a SFW video site, which they may not want to do, and it'd probably be burdened forever with right wing outrage due to any tenuous, distant connection to the porn sites (even if its just porn money or porn owners)

load more comments (18 replies)
[-] CeeBee_Eh@lemmy.world 6 points 2 weeks ago

If you're on mobile, check out the Greyjay app. It's promoted (sponsored?) by Louise Rossman

load more comments (5 replies)
load more comments (12 replies)
load more comments (2 replies)
[-] psx_crab@lemmy.zip 36 points 2 weeks ago* (last edited 2 weeks ago)

Man i will nope out of this website so quick.

[-] Redjard@reddthat.com 26 points 2 weeks ago

Beware it'd be quite easy to decensor that qr from the image.

[-] 45o3b@lemmy.ml 24 points 2 weeks ago

I'll get hate for referencing a solution that involves AI, but this looks promising: https://github.com/Captcha-Sonic/CaptchaSonic-Extension

[-] lemmyman@lemmy.world 10 points 2 weeks ago

Lmao so the captchas don't even do anything anyway. Except harass us.

[-] 9bananas@feddit.org 6 points 2 weeks ago

that's been true for years now:

captchas have been a mild inconvenience for bots for like 10 years.

they are, like so many things, pure security theater...not actual security.

[-] ozymandias117@lemmy.world 6 points 2 weeks ago

They were introduced as a way to crowdsource OCR

Google would give two words, one they knew and one they didn't

4chan screwed with them back in the day by all giving the same wrong answer on the second word so their OCR would scan wrong

[-] AssaultPepper@lemmy.dbzer0.com 8 points 2 weeks ago
[-] muhyb@programming.dev 11 points 2 weeks ago

Eye for an eye

[-] MonkderVierte@lemmy.zip 22 points 2 weeks ago

Recaptcha users will experience some visitor losses.

[-] Frenchgeek@lemmy.ml 18 points 2 weeks ago
load more comments (1 replies)
[-] MrSoup@lemmy.zip 8 points 2 weeks ago* (last edited 2 weeks ago)

I see phishing opportunity here. Thanks Google

[-] Maxxie@piefed.blahaj.zone 7 points 2 weeks ago

I dont understand how and why is the phone involved in this check. I assume its a link to a website that authenticates you (probably google), but why not open it in the browser its alread at? Like what recaptcha was already doing for the past decade?

Im so confused

[-] IphtashuFitz@lemmy.world 14 points 2 weeks ago

A few years ago I was given a technical deep dive into Akamai’s bot detection systems. One area they were quite focused on were bots impersonating mobile devices, and in particular mobile apps. It’s commonplace for attackers to try to mimic the behavior of mobile apps because it often provides more direct access to the data they’re looking for than trying to scrape websites.

To counter this threat Akamai developed a library for their customers to incorporate into their apps. This library collects a bunch of haptic data from the mobile device, such as the tilt sensors, accelerometers, finger taps/swipes on the screen, and other available data. It then encrypts it and sends it along to Akamai along with the data the app sends. Akamai then analyzes that haptic data and uses it as part of their bot detection analysis.

It is VERY difficult for a computer to mimic the truly random way a mobile device moves in space, or the way your fingers tap/swipe on a screen. If you were asked to draw a straight line from the upper left corner to the bottom right corner of your smartphone, not only would it not be perfectly straight but it would be quite fluid in its randomness. Writing a computer program to simulate that would be very tough. You’re far more likely to get lots of short straight lines with jagged angles than something that looks like a human drew it. And computer algorithms can quickly analyze this sort of data and return a confidence score indicating if it appears to have been created artificially or not.

So my guess is that when that QR code is scanned it will launch a Google app that will collect some similar haptic data and send it off to Google along with a unique id for that captcha. Google will then quickly analyze that haptic data to determine if you’re a bot or not.

[-] Maxxie@piefed.blahaj.zone 8 points 2 weeks ago

Ohh, I've never thought about phone authentication being superior due the amount of sensors it has. Thanks for explaining, it makes a lot of sense (and I hate it)

[-] ambitiousslab@feddit.uk 8 points 2 weeks ago

I think they can use remote attestation on the mobile device to prove that it's a physical device. They do that through Google Play Services or whatever the equivalent is on iOS. So, for instance, scanning the QR code on a custom ROM like lineage or GrapheneOS doesn't work.

[-] snooggums@piefed.world 15 points 2 weeks ago

They want to force interaction with your phone so they can identify who you are.

load more comments (1 replies)
[-] Luisp@lemmy.dbzer0.com 7 points 2 weeks ago
load more comments (1 replies)
[-] winkledinkle@sh.itjust.works 7 points 2 weeks ago

First time I saw that, I immediately suspected a malware attack.

If it's not, it soon will be.

[-] TryingToBeGood@reddthat.com 6 points 2 weeks ago
[-] Hubi@feddit.org 6 points 2 weeks ago

Not justifying this by any means but you can just click on the eye icon at the bottom to get the regular captcha.

[-] snooggums@piefed.world 7 points 2 weeks ago

Vague option is vague.

load more comments (2 replies)
[-] Stopwatch1986@lemmy.ml 5 points 2 weeks ago

Doesn't clicking on the headphones switch to an audio test like with regular captcha? That's what I do and it works first time instead of getting an endless number of images when I use VPN. The words you enter don't even have to be 100% correct.

load more comments
view more: next ›
this post was submitted on 21 Jun 2026
419 points (99.3% liked)

Mildly Infuriating

46680 readers
1123 users here now

Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that. Please post actually infuriating posts to !actually_infuriating@lemmy.world

I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!

It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.


Rules:

1. Be Respectful


Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...


2. No Illegal Content


Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means: -No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...


3. No Spam


Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...


4. No Porn/ExplicitContent


-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...


5. No Enciting Harassment,Brigading, Doxxing or Witch Hunts


-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...


6. NSFW should be behind NSFW tags.


-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...


7. Content should match the theme of this community.


-Content should be Mildly infuriating. If your post better fits !Actually_Infuriating put it there.

-The Community !actuallyinfuriating has been born so that's where you should post the big stuff.

...


8. Reposting of Reddit content is permitted, but attribution is not required in any way. No links to Reddit in post body


-If you would like to provide a source link, do so in the comments but not in the post body.

...

...


Also check out:

Partnered Communities:

1.Lemmy Review

2.Lemmy Be Wholesome

3.Lemmy Shitpost

4.No Stupid Questions

5.You Should Know

6.Credible Defense


Reach out to LillianVS for inclusion on the sidebar.

All communities included on the sidebar are to be made in compliance with the instance rules.

founded 3 years ago
MODERATORS