Let’s hope the EU prevents this from happening. We should be able to access every site we wish without Google’s permission.
If google requires me to permit other companies to leech all my personal data to be able to use anything on the Internet at all, I say we label Google, Microsoft, Apple as criminal organizations
I’m sorry, bit there have to be limits.
I. DO. NOT. WANT. TO. USE. ANYTHING. GOOGLE.
OR APPLE. OR MICROSOFT.
FUCK ALL THESE OLIGARCH COMPANIES INTO THE GROUND
I do not want my private data leeches and sold every day, I don’t even get paid for it
Fuck em. If websites use this, I don’t need to see their shit or patronize their business. Google can eat a dick.
Lmao, will this include basic degoogled lineage? I bet it does.
How do you even scan a QR code if you’re browsing on your phone?
Drives me crazy how common this is too
You have to move all the black pixel blocks into the empty spaces and solve the puzzle to open the link. Than cenobites come out of your phone and show you pleasures beyond pain.
The “Mobile Verification” option “will initialize the reCAPTCHA app on your device”.
Default GrapeneOS camera app has a QR code scanner
And how can the camera scan its own phone screen for the QR?
My solution is take a screenshot and then open the file in a separate QR reader app that can open files.
Mirrors
Google lens. :facepalm:
exactly …
what will this mean for the upcoming motorola phones that can come with gOS installed?
They’re still subject to the same dumbassery Google is trying to pull. Any OS that doesn’t conform to Google Play standards is a target.
Watch Motorola sue Google for this.
And then Google retaliates by not allowing Motorola to include Google Play on any of their devices. In the end, Motorola just cancels their GrapheneOS partnership.
Monopolies are the number one reason everything sucks, and will continue to suck until we get non-corrupt politicians (which is impossible)
It’s funny, I hadn’t noticed, maybe because any site aleeady using reCAPTCHA or cloudflare alreadt gets blocked by my ad blocker… If those sites can’t do better on their own, its just another thing you don’t need. This is kind of a nothing burger. Stay strong and let google commit suicide.
Are you blocking Cloudflare at an IP level? Or just when they do that “Are you human?” thing? So much of the Internet goes through Cloudflare for DDoS protection, and blocking AI bots, I’m surprised there’s anything left.
How do you do that. I would love a Cloudfare free web experience. They suck.
This is really bad even just from the perspective of user behavior. Training people to scan QR codes from anything that looks like a captcha box is HORRIBLE for security.
“Thanks for scanning the code, just one more step! Please input your phone number, and type in the code you receive.”
Boom, account stolen.
It’s almost like they don’t really care about your security…
And the phone number thing is already happening too. Google, discord and probably other stuff already ask for a phone number to prove you are a human when they flag your account.
FUD.
I had one of these CAPTCHAs recently and it still gave me the option to verify by clicking the squares. I wouldn’t be surprised if they phased out the ‘legacy’ verification though.
closing the tab works better
well, I guess i will stop using those websites from my /e/os fairphone
That would make the two of us. My Fairphone 3+ is still kicking well with /e/OS.
What they are doing is way worse tban what you understood.
These QR codes will show on your Desktop PC and you will need an Android phone or an iOS device with a logged in Google QR code app to get past it.
so they are not only tracking you, but they are trying to reconnect your records across multiple devices.
And through the VPN
Ayup that has been the holy grail of big tech.
They are most of the way there today. Make Identity Resolution inescapable. Bing bang boom.
It is more than just phones and lappys too. It’s everything. That smart TV. That fitness watch. That automobile. That streaming music service. The ebook reader you got as a birthday gift.
Your behavior across every single device is data gold. This is today’s reality.
Yep, data gold to sell to data brokers and investors so they can sell you shit that you don’t need and can’t even afford.
I wouldn’t scan shit from a website. Random QR codes are a security risk. Just won’t visit that website.
That’s why you have to use the special google app that will protect you from all these dangers*
*and also collect all your data, sell it to advertisers and forward it to US surveillance agencies (for your own protection of course).
Sad thing is, that argument works against so many ppl. “I can trust this app. It’s from Google!”
We(*) are tearing down personal computing. Brick by brick. The very idea of controling our own devs is getting lost. Replacing with Big Tech Feudalism.
(*) Not most of us here. But in the whole pop.
Is it bad I use this for steam login? I thought that was secure …
AnDrOiD iS oPeN sOuRcE
AOSP is. Android is not.
deleted by creator
That would only make me install Graphene even harder if I wasn’t already writing from a phone with it
This. Time to stand up to Google and completely boycott the surveillance tech that the US is deploying.
This does seem to work with sandboxed Google Play Services on GrapheneOS btw.
I scanned the demo QR code on Google’s talk page about it with sandboxed Play Services enabled and it gave me a custom popup asking if I’d like to verify.
and you can do it from a second profile which contains none of your data.
Unless you’re doing that from a separate device in a separate location then all you’re doing is giving them the data they need to link those two accounts
You’re right, you’re not going to achieve complete anonymity if you’re interacting with Google services in any way, but you can reduce the amount of information that they receive.
Sandboxed Google Play Services doesn’t have privileged access to location information, so it can’t pull your GPS location or Wifi Positioning information. It would only see a blank profile and doing this would allow for your primary profile to continue to not run Play Services.
Any malicious code which could be injected into the process would find itself in a sandbox, on a blank profile and isolated from the rest of the system.
Google would only see that you are authenticating from a profile without anything installed, from an unknown location and coming from whatever VPN endpoint that you’d like. They could possibly infer that the blank profile and your ‘real’ profile are different via browser fingerprinting. You can randomize a lot of fingerprinting datapoints with browser extensions, but avoiding browser fingerprinting is a whole other topic.
The ‘real’ privacy solution is to avoid anything that uses this version of recaptcha. However, if you have to use these services then you can still reduce the amount of information leaked via Play Services by using a blank profile to scan the QR codes.
You’re right, you’re not going to achieve complete anonymity if you’re interacting with Google services in any way, but you can reduce the amount of information that they receive.
its not even about complete anonymity. google has zero business in when I’m logging into my utilities company account, or other semi-governmental portals!
it literally is their business; they make millions of dollars off of it.
That’s assuming they know I have another account
One more reason to switch to a Linux phone like Jollas new phone.
Good luck if you live in an authoritarian state. The governments have Google’s dick in their mouths.
