It makes sense that VPN users see CAPTCHAs though… By design, it’s hard to differentiate an attacker from a legitimate user, and there’s a LOT of cyberattacks that go via VPNs.
That’s also why banks and online stores don’t like VPNs. It’s hard to tell if it’s you logging in vs if it’s an attacker using the same VPN as you.
I mean properly you could say that about most any public network though. So far I haven’t had to deal with such but I wonder what the experience for those who’s ISP sticks them behind a CGN is on that front.
The difference with a public network at a coffee shop or whatever is that people usually aren’t using that network for DoS attacks.
who’s ISP sticks them behind a CGN is on that front.
Good ISPs that use CGNAT also use IPv6, and modern OSes prefer IPv6 over IPv4. There are some bad ISPs that use CGNAT and don’t support IPv6, in which case I imagine the experience for users isn’t ideal. I’ve tried using a network like that and kept getting “unusual traffic from your computer network” CAPTCHAs on Google.
But checking a box only works if they can somehow determine you’re human (cookies, crawlies, i dunno). Which may work if you’re only using uBlock, but not with a hardened user.js.
Captchas is one of the reason why I ditched Google as my default engine because I started having nightmares about blurry low res pictures of motorcycles and busses and pedestrian crossings broken up into squares.
Since I started using a privacy respecting browser and moved to GNU/Linux, my whole life is captchas.
Try using a VPN on top of that.
It makes sense that VPN users see CAPTCHAs though… By design, it’s hard to differentiate an attacker from a legitimate user, and there’s a LOT of cyberattacks that go via VPNs.
That’s also why banks and online stores don’t like VPNs. It’s hard to tell if it’s you logging in vs if it’s an attacker using the same VPN as you.
I mean properly you could say that about most any public network though. So far I haven’t had to deal with such but I wonder what the experience for those who’s ISP sticks them behind a CGN is on that front.
The difference with a public network at a coffee shop or whatever is that people usually aren’t using that network for DoS attacks.
Good ISPs that use CGNAT also use IPv6, and modern OSes prefer IPv6 over IPv4. There are some bad ISPs that use CGNAT and don’t support IPv6, in which case I imagine the experience for users isn’t ideal. I’ve tried using a network like that and kept getting “unusual traffic from your computer network” CAPTCHAs on Google.
There are some really awful captchas out there. I miss the days of just typing out some stretched and tilted numbers and letters.
OTOH there are captchas that you just need to check a box today. It boggles my mind this is not more widespread.
“No, let’s make our users play a fucking puzzle for a minute before granting them access”.
But checking a box only works if they can somehow determine you’re human (cookies, crawlies, i dunno). Which may work if you’re only using uBlock, but not with a hardened user.js.
Of course, they want you to train their AI for them.
Those captchas only work because you previously have correctly solved a captcha and it saved your session. It is a credential-less login.
That’s not true. Look how invisible recaptcha works.
Firefox and Linux have not really caused any more captchas than I had on windows, using a VPN on the other hand is horrible.
Captchas is one of the reason why I ditched Google as my default engine because I started having nightmares about blurry low res pictures of motorcycles and busses and pedestrian crossings broken up into squares.
Has anyone else received a reCAPTCHA from Google where they intentionally pixelated the image squares you have to click?
Yes I have come across those. They want new data lol
It may be because I have all history turned off, and I run a pihole + ublock origin.
Even just using a VPN makes google spam me with with captcha after captcha for each search