Hacker News new | past | comments | ask | show | jobs | submit login

With Firefox fingerprint resisting turned on and with Ublock Origin/UMatrix, I get a score of 0.1. And I'm not even on a VPN; I'm sure on my home network I'd have an even lower score.

To me, it feels like Google's entire strategy behind reCaptcha is to make it harder to protect your privacy. We've basically given up on the idea that there are tasks only humans can do, and to me V3 feels like Google openly saying, "You know how we can prove you're not a robot? Because we literally know exactly who you are." I don't even know if it should be called a captcha -- it feels like it's just identity verification.

I don't think this is an acceptable tradeoff. I know that when reCaptcha shows up on HN there's often a crowd that says, "but how else can we block bots?" I'm gonna draw a personal line in the sand and say that I think protecting privacy is more important than stopping bots. If your website can't stop bots without violating my privacy, then I'm starting to feel like I might be on the bots' side.

> it feels like Google's entire strategy behind reCaptcha is to make it harder to protect your privacy

For the irony, I'm still logged into GMail and it still works perfectly, as basic HTML, even with google.com forbidden to run scripts. But it's the flippin' reCaptchas all over the place that make me temp-allow google.com, and then a reload later, temp-allow gstatic.com and reload again. Only then I get to use someone else's site normally, and I can disallow again... it's irritating. And then, this.

BTW that page plainly says the scores are samples and not related to reality. Refresh a few times and watch it change. 0.3, 0.7, and 0.9 seem to be my lucky numbers. I see everyone else getting those and 0.1.

Please stop reading things into it oh it's too late. Maybe they suddenly started seeing this page hundreds of times in the referrer and added that bit afterward, I don't know.

Dunno if it's changed recently or if I just didn't refresh enough before, but I'm now seeing basically random numbers as well.

If anyone wants a fun weekend project, I would love for there to be a few public sites I can reliably check my production score on.

I'm not sure it matters though, since I'm just ignoring most sites that use reCaptcha now. For sites I can't ignore, I've taken to emailing them with my requests instead -- recently I tried to use Spotify's internal data export tool and it wouldn't let me past. If you're not going to let me use a website to manage my existing account, then your support team can do it for me.

I see 0.9 I loaded https://recaptcha-demo.appspot.com/recaptcha-v3-request-scor.... several times and the score did NOT change.

Not sure how much Ublock Origin makes a difference. I have a score of 0.9 with it turned on.

I think this score is fishy. Ran the test three times and got three different scores.

I get the exact same score no matter what browser I use, despite uBlock Origin & Privacy Badger & Decentraleyes, even in private mode and with a VPN connection from a country I normally don't use. Hmmmmm...

When I just keep reloading, I get either 0.9 or 0.1. I get 0.1 more often. Interesting.

Maybe some browser extension can monitor the score and tell me what it currently is on each page load, when reCaptcha is used on some website. I'd just keep reloading, until it's good, and then try the captcha.

Same. FF dev, uBlock, Decentraleyes

Changing the FF content policy from Standard to Strict appears to have no impact on the score.

Opening in a Private window drops it to 0.7 for me. I have a bunch of add ons allowed in Private Browsing, so not surprised it only dropped a little.

Of course, if you have 3rd party frames and scripts disabled globally via uBlock, it doesn't even load.

Ublock Origin + NoScript on FF 60.7.2esr and got 0.9 as well.

[edit] tried in a private window and got the same score.

Does it change if you set privacy.resistFingerprinting=true in about:config?

FF private window + UBlock + Resist Fingerprinting = 0.1 for me

In my main FF window with UBlock + Resist Fingerprinting, logged into a ton of Google accounts, I also got 0.1

Going to guess that without fingerprinting data they are probably going to give you a 0.1.

Do you need to restart FF with that? After setting it to true and using a private window, FF still registers a score of 0.9.

First try in Vivaldi's private mode got me still a 0.3 . Then I tested it while being logged into Google and it went to 0.9 . However, when I tried it again in private mode, I got 0.9 there too. Temporary fingerprints show quite the effect.

I also get 0.1 with the same config as you, except that I had uMatrix disabled (which if anything, should improve the score in Google's eyes)...

so why are they having you solve image puzzles if they know that they are going to fail you? even if they know that you are human...

Firefox Focus, 0.3. You seem to have triggered something outright penalising.

It seems totally reasonable that Google knows you're not a bot if you have a Google account. This isn't the problem, although it hides the problem.

The problem is that they aren't trying harder for users who aren't logged in.

I’m just waiting for the AI-generates fake people and whatever way they will come up to monetize that!

Your privacy isn't nearly as important as you think, and as long as you continue to overvalue it, you'll continue to be unwilling to trade it for convenience.

That's on you, not Google.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact