99.999% of people don't give a shit and don't even know what this means. They'll follow the instructions. These are the same 99.999% of people who press win+R ctrl+V enter when the captcha prompts them to. Because do this to see the dancing bunnies.
reply> press win+R ctrl+V
replyLOL is this real?
I guess yes, because yesterday ReCaptcha asked me to screenshot a QR-code with the mobilephone :-D
It’s a common thing for malware. But people are going to be more likely to fall for it when mainstream sites ask you to complete weird tasks with your phone to verify your identity.
replyPeople are constantly made to jump through strange hoops to do things on the internet. Unless you're really keyed in to what's going on, it's easy to fall for stuff like that.
replyIt is. There are fake Cloudflare CAPTCHAs on pwned Wordpress sites that instruct users to run Powershell scripts.
replyYeah, this is going to turn into another malware vector, isn't it?
replyDiscord has a feature where you can log into your account on your PC by scanning a code on your phone.
replySo does Binance.
Those are good things though? They’re about logging in, on purpose.
replyNot about attesting to Google that you have a proper smartphone as a proxy for your humanity, like this thing.
To prove you're not a bot, scan this QR code with Discord.
replyBut none of those options are requirements to access the service.
replyThey're requirements to access my website though! To prove you're not a bot, scan this QR code - with Discord.
replyThey will do exactly as it says while also ceaselessly complaining, completely unable to connect their choice to use a website with the pain of using that website.
replyThere's some sort of serious issue with learned helplessness or something
It's almost like some people aren't IT hobbyists.
replyI'm not a heart surgery hobbyist, therefore I don't chop people's chests open, no matter who suggests it.
replyI have blocked it for years with ublock origin, if a site doesn't work, ctrl-w.
Nowadays i cannot even use google search because of this, any search will trigger a captcha, hilarious (atleast on chromium-based browsers, firefox lets me get a page or two).
replyDitch Google Search as well then, use something like SearXNG or another meta-search engine. You'll get more representative results, no tracking and no captchas. Sometimes some of the engines may return captchas but they're kept from the search results, i.e. those engines don't get used for the query. You can run your own instance of SearXNG or one of the alternatives or use one of the available public instances, your choice. The fewer direct interactions with the likes of Google/Apple/Microsoft/etc. the better.
replyThe thing is even a contact form without something like reCaptcha is doomed on today's web: spam all day.
replyIf it's just a contact form on some random site that isn't particularly valuable to spammers, a bespoke solution like hidden input fields, obfuscation, or some kind of token calculated client-side by JS will probably work just as well.
replyThat used to be the case, unfortuantely today even bespoke solutions can be completed by automation - any anything that just requires running JS in a headless browser was ineffective for a long time already.
reply