• Google is making it mandatory to have Play Services for its next-generation reCAPTCHA system on Android.

  • Your phone will need to be running Play Services version 25.41.30 or greater when the system asks you to scan a QR code for verification.

  • This hurdle means that de-Googled phones will fail the verification test by default.

  • x00z@lemmy.worldEnglish
    58·
    3 days ago

    A lot of Android bot devices simulate (or even ARE) a full phone with a legit Play Store and other Google services.

    This requirement is enforced vendor lock in. Nothing more.

  • wonderingwanderer@sopuli.xyzEnglish
    16·
    2 days ago

    Fuck that. One of the biggest offenders of web scraping and bot traffic wants to force us all to install their spyware just to verify that we’re human when there have already been much simpler ways to do this without that bullshit captcha for years…

      • blargh513@sh.itjust.worksEnglish
        9·
        3 days ago

        I really hate the idea that any car I buy in the future is going to come stuffed with fucky software that I don’t want. Software defined car my fucking brown asshole.

        I don’t want some old jalopy with a carburetor and crank windows, but there’s so little benefit to the individual for all the shit that I can’t imagine wanting it.

        I do my own repairs and I hate that half the time I need to get my laptop out to reset a thing, clear a code, re-initiate some shit. Pulling the battery cable off used to work for most things, but not anymore and for a long time.

        I bought the car, but they own the software? So if I want do change or repair something, I have to pay them, but if the software shits the bed, I have to pay them? Everything ends with me paying them for something I already paid for.

        Fuck that.

    • SethDove@lemmy.worldEnglish
      6·
      2 days ago

      Sailfish is awesome. It just doesn’t work on any phones that work in north America anymore.

    • dantheclamman@lemmy.worldEnglish
      6·
      3 days ago

      Big market, but also huge barrier to entry to get a phone ecosystem off the ground. MS, Amazon, Facebook, Mozilla and many others have tried and failed. Apple and Google have huge moats

    • mynameisbob@lemmy.mlEnglish
      4·
      3 days ago

      monopoly capital tisk tisk tisk… we need to keep the children safe… don’t you care about the children?

  • 9tr6gyp3@lemmy.worldEnglish
    2801·
    4 days ago

    If you’re a web dev, and you implement this, just know you won’t receive my web traffic. Ill go live with the other robots and we will start our own internet with blackjack and hookers.

  • MuteDog@lemmy.worldEnglish
    32·
    3 days ago

    This requirement will kick in the moment the system suspects suspicious activity. At that point, reCAPTCHA will forgo the old image puzzles and require you to scan a QR code with your smartphone to prove you’re human.

    How is this going to work if you’re browsing the internet on your phone??

  • Wispy2891@lemmy.worldEnglish
    951·
    3 days ago

    This is awesome news for scammers:

    1. Fake page will say “you need to scan this qr code to verify you’re human”
    2. Users normally dismisses this shit, but it has become normal nowadays, take out the phone to scan it
    3. Qr code opens a page on totallynotascam.com that say “you need to install this totally safe APK on your device for verification 😉”
    4. APK passes the new useless developer “verification” as the scammer either used a hacked dev account or just paid $25 with a stolen id + stolen credit card
    5. User see the message “APK verified by Google play protect” and would totally believe the bullshit, giving all the possible permissions to the app
    • redsand@infosec.pubEnglish
      2·
      3 days ago

      Don’t even need an app. There’s a root LPE almost monthly now most of android takes a month or more to patch. Just need a common exploitable app to handle your link and get your initial shell.

  • Zak@lemmy.worldEnglish
    185·
    4 days ago

    That means if Google’s verification system gets widely adopted, browsing the web could become a headache.

    Using a phone to scan a QR code in order to access a website on my desktop is a headache even if it has no dependencies in particular.

    • limonfiesta@lemmy.worldEnglish
      48·
      4 days ago

      Unless it was the website I needed inorder to receive an organ donation, I would just close it.

      I could claim that’s an act of righteous protest, but really I just know that absent my needing a new liver, there’s no website I would ever care enough about to get me to scan a QR code just to keep browsing.

    • Kairos@lemmy.todayEnglish
      9·
      4 days ago

      I have, multiple times, had to take a screenshot, send it to another device, and then display that QR code on that device so I can scan it. Nothing about using phones isn’t a headache.

        • systemglitch@lemmy.worldEnglish
          4·
          3 days ago

          I spend most of my day without a phone near me. I hate phones, this won’t encourage me to do anything but pull further away.

          I suppose that is a win. Real life isn’t happening on a screen.

  • zerofk@lemmy.zipEnglish
    56·
    3 days ago

    Wait wait wait. To prove you’re human you have to read something designed for computers to read?

    • JcbAzPx@lemmy.worldEnglish
      5·
      3 days ago

      To be honest, most of what they use now is pretty easy for machines to do. Mostly because they’ve been using the captcha to train ocr and self driving.

        • YeahToast@aussie.zoneEnglish
          2·
          3 days ago

          And started off with letter identification to help with reading scanned books. For example, place 3 known 'R’s tell users to select all R’s. If majority of people select 4 R’s then that unknown 4th R becomes a known letter

  • Skankhunt420@sh.itjust.worksEnglish
    30·
    3 days ago

    I was wondering how they would screw the new Motorola phones coming out since they couldn’t do the whole “factory operating system has been tampered with” mode of whining and being little bitches.

    Glad to see their engineers came up with another way to fuck us! Thanks google!

  • systemglitch@lemmy.worldEnglish
    22·
    3 days ago

    I’ve scanned 4 QR codes in my life. 2 were not what I was told they would be.

    I will never scan a QR code again.

  • thejml@sh.itjust.worksEnglish
    112·
    4 days ago

    Ignoring the de-Googled phones for a sec: I assume if you’re using a desktop, then the QR shows up and you have to drag out your phone to scan it in the camera app that then prompts to open the google play store. Dumb, but possible for people who have a phone with Android. What about those that don’t? Would you need a google account?

    Now if it’s all on phone (using Chrome or Firefox or whatever) and pops up a QR code, you can’t scan it… but the browser would have to open the play store directly and thats a huge security no-no. The browser shouldn’t even know I have the Play Store.

    I have a feeling the hundreds of us that are de-Googled ad just going to stop using these sites all together.

    • Phoenixz@lemmy.caEnglish
      521·
      4 days ago

      Yeah, so the hundreds of us won’t be able to use the internet anymore if this passes

      Awesome

    • Dave@lemmy.nzEnglish
      10·
      3 days ago

      The browser shouldn’t even know I have the Play Store.

      Every app on your Android phone knows every other app you have installed. GrapheneOS are trying to solve this but it’s challenging.

    • Cethin@lemmy.zipEnglish
      6·
      3 days ago

      I’m not even de-Googled (yet) and I wouldn’t bother with this shit. It’s an instant close in that tab, and if it’s something I need then I’ll find another service.

    • timestatic@feddit.orgEnglish
      4·
      4 days ago

      What about people who use iPhones? Even if I used a normal google android I wouldn’t want to be bothered to scan a qr code with my phone to verify myself every time