Artwork

Content provided by The Scales of Truth. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by The Scales of Truth or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

TSOT083: Google's ReCaptcha - Example 9,502,301 on why Big Tech is your enemy (aka, yet another tech shell game)

39:04
 
Share
 

Manage episode 422637003 series 2983590
Content provided by The Scales of Truth. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by The Scales of Truth or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Isn't it funny how they really say it up front - By all superficial accounts and impressions ReCaptcha is just a test of being a human - you found all the pictures that included parts of a bike for instance - so you've proved yourself and off you go.
But what is demonic spyware-as-a-business-model Google ACTUALLY doing?
First, what they always do - lie to your face.
Second, more specifically, capturing (CAPTCHA-ing and RE-CAPTCHA-ing) all kinds of data about you.
That is, something as easily clean as "they passed the test - move on" is really monitoring the hell out of you, sending data back to US processors, when there are perfectly more simple and elegant process for even their stated "advanced monitoring" rationale (a rationale that would not even seem necessary)
Google's secondary excuse to distract tech heads: "Oh, well if they were to be able to visit the site and then fill out a form and complete the 'order' in an inhumanly quick time then they must not be a human".
Okaaaay.. but your Turing test was supposed to screen that ANYWAY! That was the predecessor! Making any further lame, less elegant, reverse Turing test inapplicable!
But sure... let's say it would be logical to apply yet another "are you human" after you've applied a legitimate one already (it's NOT logical, but let's say) . . .
A beginning coder could program using timestamps and record locally how long it takes from beginning of interaction with website to finishing an order. Or could record how long it takes to fill out a form.
In no way, shape, or form, would that require it to be sent BACK TO THE U.S. FOR "PROCESSING".
Our main source for this analysis and discussion is an article on how a website could stay compliant with European Union privacy regs and still use ReCaptcha. Spoiler: It's not out-of-the-box compliant.

Yes... .wait for it.. F'ing google, with more money than many small countries, in no way should be expected to just make their self-contained product compliant with privacy regs for nearly an entire continent.
#Sarcasm
It's left to individual website owners to take on the risk of informed consent for web visitors.
We also mention the parallels of creeping lower levels of expectation of privacy and its parallel to U.S. Fourth Amendment (I darned well know that, but initially called it fifth amendment) search and seizure law (i.e. warrants, probable cause, and the like).
In the end, the article says exactly what I'm telling you. As regard "proportionality" of how much data you should be collecting, versus your need to collect, in terms of the concerns of privacy invasion , the United Kingdom's Information Commissioner's Office (ICO) says this is the relevant measure:
“Is the processing proportionate to that purpose, or could it be seen as using a sledgehammer to crack a nut?”
In answer, the article cited states simply:
"Google ReCaptcha V3 takes a sledgehammer approach."
The article "GDPR & Recaptcha: How to stay compliant with GDPR" on measuredcollective.com goes on with more analysis and information than covered in this podcast, including alternatives to F-ing Google, that are relatively proportionate (i.e. HCaptcha, FriendlyCaptcha).
One, wait for it, doesn't even have to use cookies.
But waaait - how could King-of-the-World Google need all this complexity but another solution needs not but a tiny fraction of what Google needs, to do "the same job"???
BECAUSE GOOGLE'S BUSINESS MODEL (that probably makes them vast NSA and/or CIA or DIA money on the "side") IS SPYWARE!!!!!!.

=========================================
Thanks for listening! Please feel free to email me at tysonharley1776@duck.com with requests for appearances, thoughts, feedback, questions, observations, or show ideas! Please like my episodes and follow my show if that is what feels right to you!

  continue reading

218 episodes

Artwork
iconShare
 
Manage episode 422637003 series 2983590
Content provided by The Scales of Truth. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by The Scales of Truth or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Isn't it funny how they really say it up front - By all superficial accounts and impressions ReCaptcha is just a test of being a human - you found all the pictures that included parts of a bike for instance - so you've proved yourself and off you go.
But what is demonic spyware-as-a-business-model Google ACTUALLY doing?
First, what they always do - lie to your face.
Second, more specifically, capturing (CAPTCHA-ing and RE-CAPTCHA-ing) all kinds of data about you.
That is, something as easily clean as "they passed the test - move on" is really monitoring the hell out of you, sending data back to US processors, when there are perfectly more simple and elegant process for even their stated "advanced monitoring" rationale (a rationale that would not even seem necessary)
Google's secondary excuse to distract tech heads: "Oh, well if they were to be able to visit the site and then fill out a form and complete the 'order' in an inhumanly quick time then they must not be a human".
Okaaaay.. but your Turing test was supposed to screen that ANYWAY! That was the predecessor! Making any further lame, less elegant, reverse Turing test inapplicable!
But sure... let's say it would be logical to apply yet another "are you human" after you've applied a legitimate one already (it's NOT logical, but let's say) . . .
A beginning coder could program using timestamps and record locally how long it takes from beginning of interaction with website to finishing an order. Or could record how long it takes to fill out a form.
In no way, shape, or form, would that require it to be sent BACK TO THE U.S. FOR "PROCESSING".
Our main source for this analysis and discussion is an article on how a website could stay compliant with European Union privacy regs and still use ReCaptcha. Spoiler: It's not out-of-the-box compliant.

Yes... .wait for it.. F'ing google, with more money than many small countries, in no way should be expected to just make their self-contained product compliant with privacy regs for nearly an entire continent.
#Sarcasm
It's left to individual website owners to take on the risk of informed consent for web visitors.
We also mention the parallels of creeping lower levels of expectation of privacy and its parallel to U.S. Fourth Amendment (I darned well know that, but initially called it fifth amendment) search and seizure law (i.e. warrants, probable cause, and the like).
In the end, the article says exactly what I'm telling you. As regard "proportionality" of how much data you should be collecting, versus your need to collect, in terms of the concerns of privacy invasion , the United Kingdom's Information Commissioner's Office (ICO) says this is the relevant measure:
“Is the processing proportionate to that purpose, or could it be seen as using a sledgehammer to crack a nut?”
In answer, the article cited states simply:
"Google ReCaptcha V3 takes a sledgehammer approach."
The article "GDPR & Recaptcha: How to stay compliant with GDPR" on measuredcollective.com goes on with more analysis and information than covered in this podcast, including alternatives to F-ing Google, that are relatively proportionate (i.e. HCaptcha, FriendlyCaptcha).
One, wait for it, doesn't even have to use cookies.
But waaait - how could King-of-the-World Google need all this complexity but another solution needs not but a tiny fraction of what Google needs, to do "the same job"???
BECAUSE GOOGLE'S BUSINESS MODEL (that probably makes them vast NSA and/or CIA or DIA money on the "side") IS SPYWARE!!!!!!.

=========================================
Thanks for listening! Please feel free to email me at tysonharley1776@duck.com with requests for appearances, thoughts, feedback, questions, observations, or show ideas! Please like my episodes and follow my show if that is what feels right to you!

  continue reading

218 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide