Comment by coppsilgold
17 hours ago
My understanding is that this new reCAPTCHA is basically just remote attestation.
Remote attestation doesn't use blind signatures (as that would be 'farmable') so tying the device to the 'attestee' is technically possible with collusion of Google servers: EK (static burned-in private key) -> AIK (ephemeral identity key in secure enclave signed by a Google server) -> attestation (signed by AIK). As you can see if the Google server logs EK -> AIK conversions an attestation can be trivially traced to your device's EK. This is also why we don't really see and probably never will see online services which offer fake remote attestations, as it will be pretty obvious that the next step of running such a service is getting Google as a customer and having all your devices blacklisted. Private farms probably won't last long either as I'm sure Google logs everything and will correlate.
Unless something special is done with this new reCAPTCHA not only are you locking internet services behind TPM chips but you are also surrendering anonymity to Google. Unless you acquire untraceable burners for every service, the new reCAPTCHA will be technically capable to tying all your accounts across all these services together. Much like age verification. It may appear that the service would need to cooperate to link the reCAPTCHA session to your registration but the registration time alone will likely be sufficient (the anonymity set will be all but destroyed).
> Much like age verification
Age verification as a technical concept can be done in a privacy-preserving manner! Whether or not we want age verification is another debate, but let's stop making wrong technical claims about that: it doesn't help.
Really, how?
At some point someone will need to issue a key, which at some point will need to be verified against known good signatures.
These signatures will also need to be kept in case of lawsuirs/enforcement, so if somebody gets access they will know you visited that site
The trick is to define "privacy-preserving age verification" in an extremely narrow way that ignores any other privacy concerns.
For example, imagine you put the same private key into the 'secure element' of every single iphone. You use code signing so that key is only unlocked when the phone is running unmodified iOS with all security updates. You use encryption and remote attestation for the front-facing camera and face id depth sensor. You use NFC to read government-authenticated age and appearance data from biometric passport chips (or digital ID cards) and you store it on-device.
Then, when you want to access pornhub, they send an age challenge to your device, your device makes sure your face matches the stored passport, and if so it signs the challenge with the private key.
Pornhub gets an Apple-signed attestation of age - but because every phone signs with challenges with the same private key, Pornhub can't link it to a particular phone or identity document.
So in a very narrow sense, privacy is preserved.
You can't use someone else's ID, as it checks your face every time. You can't fool it with a photo of the person because of the depth sensor. You can't MITM/replay the camera/depth data because the link is encrypted. You can't substitute software that skips the check with a rooted phone because of the code signing. Security holes can be closed by just pushing a mandatory OS update.
Sure, it doesn't work on PCs. Doesn't work on Linux, or on unlocked/rooted phones. It hands users' government ID documents over to Google and Apple. It requires people to carry foreign-made, battery powered, network connected GPS trackers (with cameras, microphones and speech recognition) with them. And there are non-negotiable terms of service everyone must agree to. But if you define "privacy-preserving" to ignore all that stuff and only consider whether Pornhub learns your identity, it's privacy-preserving.
1 reply →
Parental controls on device are a better solution that work today and don't carry a risk of data breach.
3 replies →
Ring cryptography does this - given a public key and a set of private keys you can attest that one of the keys signed it but not which one. This lets both Google and you generate a signature and say “this is attested”, without the person verifying it knowing _who_ signed it.
It should be possible with zero knowledge proofs.
The problem is that while you might be able to trust the crypto, the government won't trust you to do the crypto entirely by yourself. And this introduces avenues for deanonymisation. Moreover, collusion between the government and the entity making the age check can also theoretically deanonimize.
It's a complicated problem.
We continue to seek a technological solution to a parenting problem.
With cryptography. Look at e.g. Privacy Pass, there is an RFC about it.
All states/governments have basic records on their citizens and residents, including at least a name, dob, address, etc, at least for a passport, driver's license, if not an actual id card. Let's assume this is acceptable.
Then it's technically possible (and really not that difficult) for states to provide a service that issues zero-knowledge proofs of facts like "age > X".
https://ageverification.dev/
> Unlinkability is achieved by design through Zero-Knowledge Proof cryptography see the "Privacy by design" section below.
Divorcing technical detail from how it is used does little good for humanity.
worth noting that google/twitter/facebook/reddit/others colluded to combine sessions, identifiers, so that any person getting identified on any one session / ip would be identified on all
so while this comment is apt, i would ask them what they think of the previous chicxulub impact of the 2012 era collusion - which to this day has not been reported on
(just realized emacs bindings work in comments, nice, no ctrl-x tho)
I was going to ask for more info on this collusion but you say it wasn't reported. And googling "chicxulub" just gives a volcano.
Is this speculation, or has it been confirmed somewhere?
"Chicxulub impact" seems to be functioning as a bit of hyperbole to imply that this collusion was absolutely devastating, by analogy to the K-T extinction event 66 million years ago.
Not that I really can tell what this was devastating to. Maybe United States v. Apple (2012), where Hachette Book Group, Inc., HarperCollins publishers, Macmillan publishers, Penguin Group, Inc., and Simon & Schuster, Inc. conspired with Apple to raise ebook prices?
1 reply →
Colluded how?
If you run a website, it seems trivial to forward the attestation to someone else by putting the same code up on your website, and getting their device banned from google instead of your own.
The domain in the attestation would be yours, so that wouldn't work
How would the phone camera know the domain name of the website displaying the QR code it's scanning?
9 replies →
Some people will notice, some will not
Realistically, what Google will do in such a scenario is collect data about the illicit service, enumerate the devices the farm uses and what other activities the devices participate in. What you suggested has far less control over the devices that generate the attestations and it will show.
Also, if the implementation is competently done the phone will show the website for which you scanned the QR code. A user would be able to see whether or not that matches the site where they observed the QR code and proceed accordingly. In time Google will probably integrate it into the Chrome browser where a proxied QR code cannot even be shown.
Stop visiting sites and using services that use reCAPTCHA. Problem solved.
That's great until it's some essential government, medical, educational, etc. service that you have either no alternative to or no alternative that isn't also using the same thing. I'm already being slowly and incrementally softlocked out of some (fortunately non-essential so far) sites either by cloudflare or other more subtle "anti-bot" networks as time goes on, including some like I've listed above. I can only expect this will continue until it's something I can't avoid.
For some reason, I'm softlocked from booking tickets from Deutsche Bahn. The website errors out with a cryptic "Your browser's behavior resembles that of a bot." message with no option to try again or pass a captcha or whatever. The website itself described several possible solutions but none helped (I tried using different computers, different internet connections, even a phone connected to internet using a SIM from a different country).
As for now, when I need to travel to Germany, I just book tickets through the national carrier of my home country, which for cross-border tickets often turns out to actually be cheaper than booking through DB. Thankfully I don't live in Germany proper and my need for travel there is not that high (once or twice a year at most) but I wonder what would I do if I had to move to Germany and use trains there more often.
1 reply →
> That's great until it's some essential government, medical, educational, etc. service
At which point you should contact your attorney general, and work to ensure such efforts face legal challenges at every turn.
> Stop visiting sites and using services that use reCAPTCHA. Problem solved.
Not solved at all: 99.999% of users don't give a damn and use a Google-signed Android.
My opinion is that because they don't give a damn does NOT mean regulations should not protect them. What Google is doing here is anticompetitive and they should be fined (antitrust and all that).
With the new reCAPTCHA this is going to happen because most human visitors will actually be unable to pass the CAPTCHA. It will be interesting to see whether this makes websites ditch reCAPTCHA or whether they literally just don't care about having customers, an attitude that seems to be getting more and more common every day.
I have been unable to give my money to Home Depot, REI and a growing list of online retailers because they use Akamai EdgeSuite, which just assumes I am a bot and 403s on protected API calls. This happens consistently on any IP and any browser on my Linux desktop/laptop.
10 replies →
> most human visitors will actually be unable to pass the CAPTCHA
Most human visitors will never ever notice the change. reCAPTCHA is completely invisible for most human visitors because they are allowed to pass just by fingerprint.
It's not like an average user is going to have to scan a QR code every time they visit a site via web browser. If it were like this then it would be a non-issue because no sane website would adopt this system. But it isn't.
One problem with these things is that businesses have minimal visibility on the amount of users they lose.
On the opposite, if they see reports of many visitors not completing the captcha, they're likely to think "Wow so many bots!!! This defense nowadays is indispensable..!".
Sometimes you need to pass a captcha even to contact them (if you want to tell them that you can't pass their captcha).
4 replies →
>> whether they literally just don't care about having customers
So every government website. Every website where people simply have no choice (DMV) or where failure to login results in them not claiming the money/benefits they are due (all tax websites). And every website handling post-sale complaints (Airlines, insurance).
Or stop spreading this extraordinarily naive view of how the world works.
I'd love to, but I'd not be able to visit many sites anymore thanks to Cloudflare...
HN uses reCAPTCHA under certain conditions
I've not hit it but that would suck.
Yeah, live in a cave, and problem solved.
However much I hate it, right now among the sites using reCAPTCHA there are many that I strongly want to use.
Let's find a better solution please
> Let's find a better solution please
Is there an argument here that Google is creating a monopoly?
Could this be challenged on similar grounds that forced Microsoft to recommend other browsers to users on Windows?
7 replies →
sieabahlpark, I probably hate this more than you, you misunderstood
[dead]
So what are you doing here?
> Ask HN: Did HN just start using Google recaptcha for logins? [0]
> dang
> No recent changes, but we do sometimes turn captchas on for logins when HN is under some kind of (possible) attack or other. That's been happening for a few hours. Hopefully it goes away soon.
[0] https://news.ycombinator.com/item?id=34312937
Stop visiting sites and using services that use reCAPTCHA. Problem solved.
No. Bigger problem created, since there are innumerable government, health care, and educational web sites that use reCAPTCHA.
I'm not going to give up reading the test results from my doctor because of some simplistic ideologue decides that it's "problem solved."
The other problem with this is that there are few CAPTCHA alternatives.
CF turnstile is one, but of course that means Cloudflare owns even more of the web.
HCaptcha is inaccessible and actively discriminatory against individuals with disabilities and refuses to change, to the point that I suspect the only way that they will do anything is to file a class-action against them and sue them into the ground.
And I... Can't think of anything else. Other than to just get rid of Captchas entirely.
3 replies →
At least in my country (Poland) you should be able to make a pretty bug fuss and resulting in them fixing it, if indeed one of ego services made you leak all your data to Google.
People do care about such things.
I hope the same is true in other EU countries.
Compliance is what makes all that shit possible. Sadly most people are compliant and made so by gradually increasing their dependency on "commodities" which really are anchors to a shit lake.
1 reply →
I agree, and I think CAPTCHA is a disservice on public websites.
> I'm not going to give up reading the test results from my doctor
You could just call them.
3 replies →
[dead]
When companies like this exist, what is the point of relying of TPM? Looks like the future is bright for VC backed bots
https://doublespeed.ai/
I'm assuming that's a troll / sarcasm / fake... But that could just be my last vestige of faith in humanity.
Edit: aaaand... That's another little sliver of my faith gone : https://www.theatlantic.com/podcasts/2026/04/how-fake-people...
Yeah, it's real. Say goodbye, faith!
How is this not grounds to be sued into oblivion by Google and Meta? They clearly violate ToS for profit. This is something I expect to find on a dark web forum where 0days are traded, not in public.
This kind of thing has been common for ages. Obviously AI has kicked it into overdrive, but it’s not darkweb kind of stuff.
Note that they do not mention any specific companies on that landing page. That is pretty intentional.
But realistically going after bots is expensive and rarely successful, so most companies don’t do it. Even if you find the guy, the chances they can be legally reached are pretty low.
> How is this not grounds to be sued into oblivion by Google and Meta?
Because they don't care. It doesn't matter that it's AI slop, it generates views. And Google and Meta can bill advertisers for those views.
Zuckerberg is paying people to put AI slop Shrimp Jesus on facebook. (Not directly to platforms like this, but with the incentive structure)
Really, they're not just cashing in on the views of AI slop being put in front of boomers. They're cashing both ways; While the low end spam industry is merely guessing and iterating on whatever generates views, the more refined spammer does not leave the performance of their latest slop post up to chance, and just uses good old viewbotting. Viewbotting that these days, is mostly done on real devices. Which show ads, to the bots or underpaid developing world workers. Google and Meta'll still charge you for those impressions though.
The losers? People who sincerely try to use these platforms, and whatever idiot businesses are still paying for ads by the impression or click, rather than conversions that immediately generate revenue.
Violating ToS isn't illegal in most cases. Companies just put scary looking clauses in their ToS to discourage you from doing things they don't like.
2 replies →
Why is every startup using that same Serif font now, Garamond or whatever. Is it an LLM design phenomenon? Its kinda ruining that font style for me.
Also $1,500 a month for 10 "influencers" is wild. This doesn't seem that sophisticated unless they're doing something special to increase trust scores of accounts. They say they have "in house warming algorithm" which honestly doesn't inspire confidence for me.
Whats funny is its almost a certainty (if they are doing things correctly) that they have literal farms of phones (probably in SEA). The only real way to keep trust high is to have a real mobile connection and unique devices. Proxies are okay, but you really need to use the apps on real hardware.
I think the font is mimicking old Apple ads, eg: https://i.insider.com/5bf8592eb73c284de50e2f28
1 reply →
Yep. They got hacked in the past, 1k+ smartphones reported.
The cost is the attestation keys of a real phone. Once it gets burned, the phone is useless to them.
https://www.penligent.ai/hackinglabs/inside-the-ai-phone-far...
2 replies →
Reckless Condensed?
These companies would have to buy one phone per fake influencer.
Wow that is so dystopian.
[dead]
> My understanding is that this new reCAPTCHA is basically just remote attestation.
Yes, somehow "parse this QR code" would not have made my top 500,000 list of 'tasks that a human can do more effectively than a computer'.
I'm sure some people still remember how to mentally decode QR codes and verify ECDSA signatures from Covid days. Public transit ticket inspectors in my city also seem to be quite proficient at it :)
I don't see any requirement to support hardware attestation in the recaptcha documentation, the Play Services seem to be "enough".
I think it's most likely to be attested by Google remotely; they might be using an app (with enormous access to the phone as the Play Services have) to be able to link a ton of data together, possibly including the local activity on the phone, officially to make better humanity assessments based on it all.
For people using a Google account it probably won't make a huge difference, in terms of data collected.
If that's how it would work, spoofing would probably be theoretically possible, but it would be easy for Google to detect attestations used by multiple people.
Let's not forget that this is an update to a very approximate system, absolute security is not (yet) required.
But there's a good chance that it will be extremely hard to sidestep, despite that.
> I don't see any requirement to support hardware attestation in the recaptcha documentation, the Play Services seem to be "enough".
Doesn't Play Integrity use hardware attestation, but specifically checking the Google keys?
If you use the Play Services on GrapheneOS, you still don't pass Play Integrity because your system is signed by GrapheneOS and not by Google.
> they might be using an app (with enormous access to the phone as the Play Services have) to be able to link a ton of data together, possibly including the local activity on the phone
But anything your phone can possibly do in software can be spoofed, so how would that help?
Shouldn't that be illegal under GDPR?
There are massive exemptions for the prevention and detection of crime
And https://gdpr.eu/recital-49-network-and-information-security-... :
> Recital 49 - Network and Information Security as Overriding Legitimate Interest
> The processing of personal data to the extent strictly necessary and proportionate for the purposes of ensuring network and information security, i.e. the ability of a network or an information system to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services offered by, or accessible via, those networks and systems,...
It's funny how people after all this time think 99 Articles, 173 Recitals and a huge tech lobby equals a water-tight, pro-citizen, impenetrable privacy law with almost no exemptions.
> Google didn’t demand iPhone users install Google software to pass the test.
Can de-Googled Android phones present themselves as iPhones?
Apple has their own remote attestation infrastructure and you will not be able to impersonate an Apple device without extracting private key material from the secure enclave of a legitimate Apple device or compromising Apple certificate authority private keys.
Is this actually available in Safari?
1 reply →
Can they present themselves as... web browsers?
Yes, and then they'll get served a QR code that you have to scan on a phone Google approves of.
[dead]