WingNews logo WingNews
top | item 20149337

(no title)

grinsekatze | 6 years ago

I just wasted ~15 minutes on doing the disqus login captcha under different conditions .. turns out that as soon as uMatrix is enabled (and blocks 18 cookies from google.com and 5 more from www.google.com), it starts to act up and get annoying..at least for me.

It then takes between 1 minute and 1 minute 30 to get past the recaptcha when blocking those cookies - and I was certain to be 100% correct in most cases and it kept asking me to solve more and more ..

most of the time spent solving the captchas is from the countless '4s fade ins' via inline style when cookies are blocked (as opposed to 1s fade ins via css, when cookies are set).

I'm curious why they would add 3s to the fade in if their cookies are blocked .. does that help to fight off bots, or does google just want to punish me for blocking their cookies?

discuss

order

penagwin|6 years ago

That's what I don't understand. If you're building a bot to get past reCAPTCHA then you're almost certainly in some selenium/chrome headless environment, with full chrome support of cookies, Javascript, you name it. There's certain methods of detecting such environments based on their environmental variables there were again more work around to patch those.

Also the fade is irrelevant because the bot already has access to the image without the fade (although it still has to await the fades completion to continue).

tylerl|6 years ago

The fade thing is to rate limit attackers.

By blocking specific cookies you're making yourself look like a certain kind of botnet, so obviously you're going to have a difficult time convincing the site that you're a legitimate user.

Most users don't block normal cookies, so if you go tweaking the machinery that manages the relationship between your browser and the site, then be prepared to deal with a buggy experience. This is what it means when they say that what you're doing is "unsupported." Nobody is going to spend any time optimizing for your weird setup.

xvector|6 years ago

Once again, Google obstructs the web for people who take even basic privacy measures.