Skip to content

seanpm2001/Why-you-should-stop-using-ReCaptcha

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Read in a different language:

ar عربى zh-t 中國傳統的)en-us fr français de Deutsch ja 日本語 ko-south 韓國語 pl polski ru русский es en español

Translations in languages other than English are machine translated and are not yet accurate. No errors have been fixed yet as of February 19th 2021. Please report translation errors here look for the correct language translation thread. Make sure to backup your correction with sources and guide me, as I don't know languages other than English well (I plan on getting a translator eventually) please cite wiktionary and other sources in your report. Failing to do so will result in a rejection of the correction being published.


Why you should stop using ReCaptcha

RecaptchaLogo.svg

This is an article on why you should stop using the Google ReCaptcha method and avoid it when possible.


Index

01.0 - Overview

02.0 - Privacy

03.0 - Alternative solutions

04.0 - Anti-competitive behavior

05.0 - Bad AI

06.0 - Sites to avoid

07.0 - Other things to check out

08.0 - Article info

08.0.1 - Software status

09.0 - File history

10.0 - Footer


Overview

Like other Google products, ReCaptcha has a history of privacy and performance issues.

General description from Wikipedia: ReCaptcha - Data from Februry 19th 2021 at 4:49:12 pm (PT: Pacific Time)

reCAPTCHA is a CAPTCHA system that enables web hosts to distinguish between human and automated access to websites. The original version asked users to decipher hard to read text or match images. Version 2 also asked users to decipher text or match images if the analysis of cookies and canvas rendering suggested the page was being downloaded automatically. Since version 3, reCAPTCHA will never interrupt users and is intended to run automatically when users load pages or click buttons. reCAPTCHA is owned by Google.

The original iteration of the service was a mass collaboration platform designed for the digitization of books, particularly those that were too illegible to be scanned by computers. The verification prompts utilized pairs of words from scanned pages, with one known word used as a control for verification, and the second used to crowdsource the reading of an uncertain word. reCAPTCHA was originally developed by Luis von Ahn, David Abraham, Manuel Blum, Michael Crawford, Ben Maurer, Colin McMillen, and Edison Tan at Carnegie Mellon University's main Pittsburgh campus. It was acquired by Google in September 2009. The system helped to digitize the archives of The New York Times, and was subsequently used by Google Books for similar purposes.

The system was reported as displaying over 100 million CAPTCHAs every day, on sites such as Facebook, TicketMaster, Twitter, 4chan, CNN.com, StumbleUpon, Craigslist (since June 2008), and the U.S. National Telecommunications and Information Administration's digital TV converter box coupon program website (as part of the US DTV transition).

In 2014, Google pivoted the service away from its original concept, with a focus on reducing the amount of user interaction needed to verify a user, and only presenting human recognition challenges (such as identifying images in a set that satisfy a specific prompt) if behavioral analysis suspects that the user may be a bot. reCAPTCHA v1 was declared end-of-life on March 31, 2018.


Privacy

Google has a very very bad record when it comes to user privacy. (I could go on and on with evidence of this, but it took a long time to find and go through all these articles)

Privacy on Google products is always bad, due to all Google products containing spyware.

No matter what you do, when you are using Google, all of your sensitive personal data is being sent to Google and others. Google has also been spotted going through open programs. For example, from personal experience (on Firefox) with a YouTube tab open that I didn't visit, I watched several videos offline (VLC Media Player) Later when I went to check the recommendations, it was nearly everything that I had watched. There is no doubt they are spying on other programs too.

In Chrome (and many other browsers) an incognito mode is present. In Chrome, this mode is pointless, as Google will still mine your data. Even if you turn data mining/tracking off, and enable the "do not track" signal, surprise suprise, Google is still mining your data.

If you think you have nothing to hide, you are absolutely wrong. This argument has been debunked many times over:

Via Wikipedia

  1. Edward Snowden remarked "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. "When you say, ‘I have nothing to hide,’ you’re saying, ‘I don’t care about this right.’ You’re saying, ‘I don’t have this right, because I’ve got to the point where I have to justify it.’ The way rights work is, the government has to justify its intrusion into your rights."

  2. Daniel J. Solove stated in an article for The Chronicle of Higher Education that he opposes the argument; he stated that a government can leak information about a person and cause damage to that person, or use information about a person to deny access to services even if a person did not actually engage in wrongdoing, and that a government can cause damage to one's personal life through making errors. Solove wrote "When engaged directly, the nothing-to-hide argument can ensnare, for it forces the debate to focus on its narrow understanding of privacy. But when confronted with the plurality of privacy problems implicated by government data collection and use beyond surveillance and disclosure, the nothing-to-hide argument, in the end, has nothing to say."

  3. Adam D. Moore, author of Privacy Rights: Moral and Legal Foundations, argued, "it is the view that rights are resistant to cost/benefit or consequentialist sort of arguments. Here we are rejecting the view that privacy interests are the sorts of things that can be traded for security." He also stated that surveillance can disproportionately affect certain groups in society based on appearance, ethnicity, sexuality, and religion.

  4. Bruce Schneier, a computer security expert and cryptographer, expressed opposition, citing Cardinal Richelieu's statement "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged", referring to how a state government can find aspects in a person's life in order to prosecute or blackmail that individual. Schneier also argued "Too many wrongly characterize the debate as 'security versus privacy.' The real choice is liberty versus control."

  5. Harvey A. Silverglate estimated that the common person, on average, unknowingly commits three felonies a day in the US.

  6. Emilio Mordini, philosopher and psychoanalyst, argued that the "nothing to hide" argument is inherently paradoxical. People do not need to have "something to hide" in order to hide "something". What is hidden is not necessarily relevant, claims Mordini. Instead, he argues an intimate area which can be both hidden and access-restricted is necessary since, psychologically speaking, we become individuals through the discovery that we could hide something to others.

  7. Julian Assange stated "There is no killer answer yet. Jacob Appelbaum (@ioerror) has a clever response, asking people who say this to then hand him their phone unlocked and pull down their pants. My version of that is to say, 'well, if you're so boring then we shouldn't be talking to you, and neither should anyone else', but philosophically, the real answer is this: Mass surveillance is a mass structural change. When society goes bad, it's going to take you with it, even if you are the blandest person on earth."

  8. Ignacio Cofone, law professor, argues that the argument is mistaken in its own terms because, whenever people disclose relevant information to others, they also disclose irrelevant information. This irrelevant information has privacy costs and can lead to other harms, such as discrimination.

Google AMP is the same as all other Google products, it contains spyware, as Google is not just a search company, they are a user data company, and you are the product. To Google, you are only worth about $700.00 (unless you are making them ad revenue)


Alternative solutions

ReCaptcha has some alternatives:

hCaptcha - An alternative to ReCaptcha, but has the problem of restricting a user to solving the hCaptcha 30 times before the user is restricted from using the site until they pay money to get more Captcha attempts.


Anti-competitive behavior

The AMP project contains the default page code for a web page, but then applies Googles formatting to the page, making every page look the same, and making it harder to distinguish between sites. It has been criticized as a method of Google destroying the open web and restricting the web further.


Bad AI

Google is developing Artificial Intelligence to continue violating its users. Googles AI is extremely dangerous, due to it having known racism and sexism problems, and the fact that Google is firing all of its ethical AI leaders so that unrestricted, illegal changes can be made.

ReCaptcha is being used to help Google create a deadly AI. Google has participated in the Pentagons Maven project in the past to help the US gain superiority in an Artificial Intelligence arms race, and by solving ReCaptcha puzzles, you are training Googles system to cause more damage.

Sources: 1 2 3 4 5 6


Sites to avoid

Here are some sites that use ReCAPTCHA that should be avoided

This list is incomplete. You can help by expanding it.

Stackoverflow (as of February 19th 2021)

List is heavily incomplete


Other things to check out

The Google Graveyard (killedbygoogle.com) - a sorted list of the 224+ products Google has killed

GitHub link

Alphabet worker union - The new workers union at Google with over 800 members

Don't want to part with the dinosaur easter egg? This website has you covered

There are other alternates, just search for them.


Some fact checking is needed for this article


Article info

File type: Markdown (*.md)

File version: 1 (Friday, February 19th 2021 at 5:05 pm)

Line count (including blank lines and compiler line): 221

Software status

All of my works are free from restrictions. DRM (Digital Restrictions Management) is not present in any of my works. This project does not contain any DRM

DRM-free_label.en.svg

This sticker is supported by the Free Software Foundation. I never intend to include DRM in my works.

File history

Version 1 (Friday, February 19th 2021 at 5:05 pm)

Changes:

  • Started the file/article
  • Added the title section
  • Referenced the Google AMP icon
  • Added a section about privacy
  • Added a section about the overview
  • Added the article info section
  • Referenced the DRM Free icon
  • Added the file history section
  • Added the alternative solutions section
  • Added the Anti-competitive behavior section
  • Added the bad AI section
  • Added the sites to avoid section
  • Added the other things to check out section
  • Added the index
  • Added the footer
  • No other changes in version 1

Version 2 (Coming soon)

Changes:

  • Coming soon
  • No other changes in version 2

Footer

You have reached the end of this file!

EOF