I made an extension that bypasses online age verification
To show my stance towards online age verification, I made a small (literally, less than 10 kilobytes) add-on that will completely skip ageverif.net’s verification prompt. (Only that site (for now?))
With more and more data breaches going on it’s important to protect yourself by not sharing unnecessary data, and to show how broken some age verification platforms are!
It’s #opensource too! https://github.com/helloyanis/agechecker.net-bypass (more info on why I do it is in the readme)
Bought a plot of land in a small town decently out of the beaten path. Nothing too crazy, just 650 square meters. Been learning pottery and some homesteading skill. In a month and a half I pack the essentials I need on my bicycle and just try my best to leave this rotten system as much as possible.
Fuck all this. I’m going to get me one of those wood burning pen thingies and write on old boards I find around the street and in the alleys. I’ll leave them back where I found them and show up every few days to review any comments.
You could make a website from this. Great idea. I want to see the comments.
Has anyone else noticed that suddenly boat loads of sites suddenly complain about “suspicious activities non your account” and blocked your account?
But don’t worry! All you need to do is give them all your private information, your passport, your driver’s license, and your first born and it’ll all be fine!
I’m in rather desperate need of a job, 2 more weeks and I’ll have to leave the country I called home for 5 years now because I’m not allowed to work here anymore and I can only get international remote jobs… So I’m desperately looking for sites like remote.com and two of these fuckers already blocked my account right after registration “because of suspicious activities on my account”. You mother fuckers, I haven’t even had the time to be suspicious, I just registered.
Bit alas, since I have no choice, I must sendy passport and personal data and biometrics (face) to persona.com or be fucked
I hate the world we live in, I hate it.
I just want to enjoy my quiet life. I don’t need a Lamborghini, I don’t need expensive shit, I like a little bit of computer, not even gaming, but nope, can’t have nice things, can’t enjoy anything anymore, the rich need more
Fuck this shit
Life is no longer worth living. I’m basically done.
But don’t worry! All you need to do is give them all your private information, your passport, your driver’s license, and your first born and it’ll all be fine!
Weird. I had to solve a bunch of CAPTCHAs and also I have a limited set of services I use daily.
It’s horrible. I would also play along under your circumstances but if I don’t absolutely have to, I will not send any identification to big tech companies or online sites in America. I’m swedish and I don’t need to use any American sites.
I will give up YouTube, email, search engines… And replace them with any option without this bullshit.
Check you IP on a blacklist checker. I was (am) on one for no apparent reason. They will do that, I was refused email accounts, refused access to wikipedia talk, and corporate emails keep trying to force me to hand over personal information. Tutamail may still give you an email, don’t bother with proton.
https://whatismyipaddress.com/blacklist-check
You don’t need to do anything just go to the site, if it’s the same one, and click check, and it goes through several dozens of these blacklisting sites.
That can be caused by how the browser is set up. If you use Firefox with resistFingerprinting disabled and the only privacy extension being uBlock Origin then the sites should work fine.
No, but that does reminds me that I need to set that up as well
I’m close to giving upon the internet entirely, beyond Lemmy that is.
I have nearly everything self hosted and once that’s done, I will fucking refuse to use anything beyond that
We’ll, wikipedia is cool still
Of course forks should also work, but make sure resistFingerprinting is off and WebGL is allowed.
Congratulations, you’ve made the first “must-have” extension to get added to my list in years
@rockSlayer Glad you like it! Hopefully it gets approved on the store so it can be installed more easily!
Lol, is it just an
onclosedfunction call?!I myself haven’t seen any age verification popups yet, due to me always being on a VPN, but I admire you for writing the bypass and making it open source.
I hope this continues to work, but seeing how dystopian the surveillance is getting, I won’t be surprised if everything is handled in the backend in the near future (client <-> server, client <-> verification provider, server <-> verification provider); sort of like how payments are handled.
It might get there eventually but for now we can probably continue to coast on various combinations of general ineptitude, cheapness, laziness, and ignorance on part of people implementing these systems.
@TheDarkQuark if they change it, then all of the websites using it will also have to change their code. But I don’t think they will change it unless the extension goes crazy viral, they won’t bother imo
Doesn’t matter, even if they do then you and others, well I guess “we” now, can come up with another solution. AdBlocks are still there … because they work. It costs very little to fix (add or modifying a regex by 1 person that suddenly reaches thousands if not millions of users) whereas they have to find a new solution that is indeed compatible. It’s not a race they can win.
Why
agechecker.net-bypass? Suggestion: Change that name to something more generic likeagecheck-bypassquick. You will almost certainly run into other URLs you can add in, and future users are going to think this only works with “agechecker.net”.@Fmstrat When it works on other site I will change the name! For now it only works on agecheck.net so it’s named like that to not confuse people who haven’t read this post.
OK, but that’s going to be a lot more confusing when it happens for existing users. Especially if a platform requires you to start over vs update a name.
@Fmstrat Well technically I added support for another platform just now (see github) and so I changed the name. I don’t think in 1 day I had too many users lol
doing the lords work
Can’t this just be a filter in uBlock Origin? What does this do that is special that uBlock Origin can’t do?
You can at least block ageverif.com with uBO
||ageverif.com/checker.js^$allYou need to send data to a callback URL. Blocks won’t work, that’s basically like sitting on the verification screen and doing nothing.
@bamboo I dont’t think so? I’m not sure how uBO filters works but the popup file is supposed to send an event to the main page to let it know that the verification is done and I don’t think uBO filters can do that
In your experience do sites fail open or closed if the JavaScript from the third party not load? Like will the site wait for the event of the JavaScript library is never requested or loaded?
@bamboo Not sure if that’s exactly what you mean but each site can set up the age verification by loading a script and adding event callbacks, like redirect_url to set an URL to be redirected to once the verification is over, and onclosed which occurs when the verification is successful, and where the site can set some code to run.
So if you just block the popup, it never appears and can never fire onclose and the code that happens after will never run.
Since sites are often minified and obfuscated, and the call for the popup can come from any file, I just replaced the response to requests to the popup URL, to have my own script that fires the event and/or redirects to the page, so that it works every time.
I think the only way to counter this is, if they change the URL (I can later update it too, or if a website hosts their own version of the file (so it will be at a different URL and be undetected). But all of these have easy workarounds as well.
Curious to know this as well. I think it’s possible, but I myself am not capable of writing the filter.
And of course a furry.
Is always a furry that save humanity.
@ZeroHora This is just a facade so that we eventually take over the world, but shh!!
!remindme 4 months (yes I need a reminder bot)
I don’t get it. The block is only a front end thing? No server side check?
@kutt The block is a front-end popup that sends ID data to the back-end, and when the back-end completes verification, the front-end dispatches an event and closes the popup window.
So if, let’s say, an extension replaced the popup script by something that would fire the event immediately, then sites would work!
That’s surprising. Thank you for the explanation!
How did you discover this was bypassable ?
@cipherd Snooping around in the console and not wanting to show my face to some random website! Also, reading the docs on their site helped.
More technical details https://github.com/helloyanis/agechecker.net-bypass/issues/14#issuecomment-4801644570
Hosted on github, which is owned by Micro$lop. One of the companies who are pushing this age verifying crap (and has ties with Peter Thiel). Is it a good idea to host it there?
Why? What can they do? Force you to git push it to a new remote on codeberg?
Along those lines I have always though of the fact you can download a windows script from github to active windows and/or debloat it.
@[email protected] is it librewolf compatible?
Might also be handy to put it on Codeberg!
Absolute royal owo
@[email protected] ok I gotta attend to self-care needs, will install on return and get back to you.
