Google Cloud Fraud Defence is just WEI repackaged

(privatecaptcha.com)

Comments

jeroenhd 19 hours ago
I saw this coming from miles away. Computers are better at solving CAPTCHAs than people are and people can be bribed or convinced to join botnets so IP whitelisting doesn't work either. Now we have tons of fingerprinting and behaviour analysis but governments are cracking down on that. Plus, YouTube had a massive ad fraud problem with ads being played back in the background in embedded videos, so their detection clearly wasn't good enough.

There aren't many good ways to prove you're not a bot and there are even fewer that don't involve things like ID verification.

Their opt-in approach helps shift the blame to individual web stores for a while, so who knows if this will take off. But either way, in the long term, the open, human internet is either going away or getting locked behind proofs of attestation like this.

Apple built remote attestation into Safari years ago together with Cloudflare and Google is now going one step further, as Apple's approach doesn't work well against bots that can drive browsers rather than scripted automation tools.

Luckily, their current approach can be worked around because it's only targeting things like stores now and you can buy things from other stores. Once stores find out that click farms have hundreds of phones just tapping at remotely served content, uptake will probably be limited.

It'll be a few years before this is everywhere, but unless AI suddenly isn't widely available anymore, it's going to be inevitable.

SwellJoe 20 hours ago
From "Don't be evil" to building the largest, most invasive, surveillance operation the world has ever seen.

That was true before this, but this indicates nothing will ever be enough. Google will always want to track more of everyone's activity online, and will use every tool at their disposal to do it.

munchler 20 hours ago
I think this is the third HN link I've clicked on in a row that leads to an LLM-generated article. I'm not opposed to AI, but I'm tired of seeing it quietly substituted for human thought and expression.
Havoc 20 hours ago
Whether it's AMP or manifest 3 or android source shenanigan or attempts to replace cookies with their FLOC nonsense or this...Google is rapidly turning into a malicious force when it comes to the open internet
gruez 20 hours ago
As much as I hate whatever google's doing, this article has some issues:

>For operations that need Play Integrity attestation specifically, a compliant Android device costs approximately $30 at current market prices

This assumes the logic on google's side is something like `if(attestationResult == "success") allow()`, but it's not hard to imagine the device type being factored into some sort of fraud score. For instance, expensive devices might have a lower fraud score than cheaper devices, to deter buying a bunch of cheap devices. They might also analyze the device mix for a given site, so if thousands of Chinese phones suddenly start signing up for Anne's Muffin Shop, those will get a higher fraud score.

>Firefox for Android does not appear in Google’s stated browser support list for Fraud Defense.

The browser only needs to show a QR code, so if you're on firefox mobile they'll either open a deeplink to google play services on the phone itself, or show a qr code.

>One human solving a single challenge pays a negligible cost. A bot farm running concurrent sessions faces exponential compute costs with each additional attempt - and AI agents, which consume GPU cycles to operate, face identical penalties regardless of how sophisticated their reasoning is.

PoW for bot protection basically never caught on because javascript performance is poor, and human time is worth more than a computer's time. An attacker doesn't care if some server has to wait 10s to solve a PoW challenge, but a human would. An 8-core server costs 10 cents per hour on hetzner. Even if you assume everyone has an 8-core desktop-class CPU at their disposal (i.e. no mobile devices), a 6-minute challenge would cost an attacker a penny. On the other hand how much do you think the average person values 6 minutes of their time?

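An added, illustrative model of the scoring gruez's comment imagines (device-class priors, per-device velocity, per-site device-mix drift). This is example code, not Google's logic or code: the record format, the model labels, the weights and the thresholds are assumptions, and the attestation records are constructed.

```python
# Added example, not Google's code or logic: an illustrative model of the
# checks described in the comment above. Record format, model names,
# weights and thresholds are assumptions; the sample records are constructed.
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Attestation:
    ts: int          # unix seconds
    site: str        # relying party
    device_id: str   # stable hardware-bound identifier (assumed available)
    model: str       # device class, hypothetical labels
    result: str      # "success" or "failure"


# Hypothetical prior per device class: cheap, bulk-buyable hardware is riskier.
MODEL_PRIOR = {"budget-a": 0.4, "flagship-x": 0.1}
DEFAULT_PRIOR = 0.3


def device_velocity(records, window_s, limit):
    """Return device_ids with more than `limit` successful attestations
    inside any window_s-second span (sliding window per device)."""
    by_dev = defaultdict(list)
    for r in records:
        if r.result == "success":
            by_dev[r.device_id].append(r.ts)
    flagged = set()
    for dev, times in by_dev.items():
        times.sort()
        lo = 0
        for hi, t in enumerate(times):
            while t - times[lo] > window_s:
                lo += 1
            if hi - lo + 1 > limit:
                flagged.add(dev)
                break
    return flagged


def model_mix_shift(records, split_ts, min_recent=0.5, max_baseline=0.1):
    """Per site, device models that dominate traffic at/after split_ts but
    were rare before it. Returns {site: {model, ...}}."""
    base, recent = defaultdict(Counter), defaultdict(Counter)
    for r in records:
        if r.result != "success":
            continue
        bucket = recent if r.ts >= split_ts else base
        bucket[r.site][r.model] += 1
    shifted = {}
    for site, rc in recent.items():
        rn, bc = sum(rc.values()), base.get(site, Counter())
        bn = sum(bc.values())
        for model, n in rc.items():
            base_share = bc[model] / bn if bn else 0.0
            if n / rn >= min_recent and base_share <= max_baseline:
                shifted.setdefault(site, set()).add(model)
    return shifted


def risk_score(record, flagged_devices, shifted_models):
    """Combine the signals into a 0..1 score (weights are illustrative)."""
    if record.result != "success":
        return 1.0
    s = MODEL_PRIOR.get(record.model, DEFAULT_PRIOR)
    if record.device_id in flagged_devices:                     # hardware id reused
        s += 0.5
    if record.model in shifted_models.get(record.site, set()):  # anomalous mix
        s += 0.2
    return round(min(s, 1.0), 3)


def score_all(records, split_ts, window_s=3600, limit=3):
    """Return {(device_id, ts): score}; the mix penalty only applies to
    records in the recent window."""
    flagged = device_velocity(records, window_s, limit)
    shifted = model_mix_shift(records, split_ts)
    return {(r.device_id, r.ts): risk_score(r, flagged, shifted if r.ts >= split_ts else {})
            for r in records}


def _mk(ts, dev, model, site="muffin-shop", result="success"):
    return Attestation(ts, site, dev, model, result)


# Constructed sample: a baseline of one-off flagship devices plus one cheap
# device, then a single cheap device attesting five times in forty seconds.
SAMPLE = (
    [_mk(100 + i * 10, f"b{i}", "flagship-x") for i in range(9)]
    + [_mk(190, "b9", "budget-a")]
    + [_mk(1000 + i * 10, "dev-1", "budget-a") for i in range(5)]
    + [_mk(1050, "dev-2", "flagship-x")]
)

if __name__ == "__main__":
    for key, s in sorted(score_all(SAMPLE, split_ts=1000).items(), key=lambda kv: kv[0][1]):
        print(key, s)
```

The point of the model is that a single $30 device only buys one attestation identity: the velocity check flags it as soon as it is reused, and the mix check flags the site once cheap devices start dominating its traffic, regardless of whether each individual attestation succeeded.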
motbus3 19 hours ago
I strongly suggest people move away from chrome. They lost all sense of respect.

I know it is a small move, but as it happened when chrome started, this opens opportunities for other players

lambdaone 20 hours ago
This is truly disturbing, and trying to sneak it in like this without public discussion is disingenuous. Hopefully it will be shot down like last time - at the very least, there are surely antitrust issues here.
dgrin91 20 hours ago
Maybe a dumb question, but how is this supposed to work for iphone users? They won't have google play, and it seems like android/google play is required here? There is no way they would cut out such a huge chunk of the market.
tadzikpk 20 hours ago
This article is full of false assumptions.

For example:

> Bot operators point a camera at a screen, a trivial automation with off-the-shelf hardware. For operations that need Play Integrity attestation specifically, a compliant Android device costs approximately $30 at current market prices

A bot farm cannot bypass for long with a $30 phone. Do you seriously think that if Google sees the same hardware identifier 1000s of times a day they are not going to consider that usage to be fraud?

I appreciate that Google's made a real proposal to avoid the web becoming bottomless AI slop. This article hasn't come with a better alternative - I'd love to see one!

spankalee 20 hours ago
Given all the negative comments here - what is anyone's alternate solution for AI-driven fraudulent activity?

CAPTCHAs are increasingly ineffective. Services are either going to go offline or implement some kind of system like this. PII like credit cards or SSNs aren't enough because those are regularly stolen.

So where do things go? Fewer services and infinite fraud?

janalsncm 17 hours ago
I think I understand why Google wants to do this, and I think I understand why people are opposed to this particular solution.

It’s also worth noting that the author of this article is selling a proof of work solution to the problem.

I am fairly skeptical that proof of work is the right way to go here. A lot of users of the web are using older hardware. Adding a computational toll booth doesn't solve the problem in a world where people have differing amounts of compute to spend.

On the other hand, a botnet might have access to thousands of computers and may not actually care about waiting an extra 10 seconds. Or worse, they will come up with a custom solution on an ASIC that solves your proof of work puzzle thousands of times faster than grandma's laptop.

prima-facie 17 hours ago
What Google has done is incredibly clunky and only serves its own interests. We already have methods to prove that we're human.

1. lots of laptops have fingerprint readers & TPM2 built-in

2. lots of folks own Yubikeys or FIDO2 keys - if these became the norm then the price would come down significantly.

Both of these methods only require a tap to authenticate to a website. Both provide public-key authentication, and both provide some level of proof of work / require human interaction, without revealing the identity of the end-user.

Why not use or standardise these? because there's no benefit to Google of course.

btown 16 hours ago
Do we know if this is immediately going to slot in wherever reCAPTCHA is currently used / is there a rollout plan? Or will site operators manually opt into the new system? Is there even a way to opt out?

I can think of many sites where, for users that trigger captchas often, introducing a multi-device workflow is even worse for those users than clicking traffic light images. An automatic rollout would be hostile to those operators!

doug_durham 17 hours ago
This seems to be an advertisement for Private Captcha. I don't know a lot about the service, but it seems inherently ableist. Does proof of work support blind users? Does it support special needs users with cognitive impairments? The QR code and photo support a wide variety of users. Why not support a variety of methods? Why does it need to be one or the other?
jchw 21 hours ago
Exactly my thoughts. I am unfathomably angry and I want to contribute to any effort to dismantle Google as a company.
opengrass 19 hours ago
For merchants who don't want geeks as customers, cool

As a web-wide captcha replacement, not cool

Velocifyer 15 hours ago
Also, Google sometimes blocks the audio captchas (messing up blind people) and they are nearly impossible right now.
stronglikedan 19 hours ago
Why should I even care anymore? I no longer need to access random websites to find information since I can just ask the AIs.
biennvops 20 hours ago
Thankfully I haven't met reCAPTCHA that often nowadays, thanks to other providers being more competent.

(And no, not you Microslop!)

NegativeLatency 19 hours ago
Very funny that if you want to start a bot farm you also go and buy a bunch of random android devices.
DonThomasitos 19 hours ago
We see the fundamental forces of capitalism at work: To justify valuation, Google needs to grow. When they feel a ceiling, they broaden their search to anything legal that makes customers pay - even if it contradicts their long-term interests. This created countless attack angles for startups. The good news: we already have a solution! Monopoly laws. In case of the internet, no company should be able to have this much power.

The bad news: the US decided to weaponize big tech's leverage over the world and no longer enforces the laws that fix vanilla capitalism.

everdrive 19 hours ago
No one should ever browse the web on a smart phone. Not joking.
VBprogrammer 20 hours ago
In a world where everything is shit, could I at least take away some solace in this helping to reduce Cloudflares hegemony?
HackerThemAll 20 hours ago
We do need to abandon the reality where we use the same few companies on a daily basis and get back to what's now hidden under the surface: forums, blogs, personal websites. We need to re-discover the "free" internet we used to have before Facebook and the smartphone dystopia happened.
mafriese 17 hours ago
I posted a comment on the announcement when it was posted here:

>As someone who is working in incident response and malware analysis I have to say that is one of the worst ideas I have ever seen. A lot of companies have issues with ClickFix [1] and other social engineering campaigns and now Google wants to teach users that they should scan QR codes to proceed on a website.

>How should we realistically teach Susan from HR the difference between a real Google Captcha QR code and a malicious phishing QR code - you (realistically) can't. I wish we could - but those people don't work in tech, they will never know and I can't really blame them because at the end of the day they are just happy that they don't have to deal with tech after work.

>We have spent years of behavioural conditioning to prevent QR-code based phishing attacks (some people call it Quishing but I hate that term) and since the QR code is being scanned from a mobile device (99.99% of the time the private device), we have no EDR visibility on those devices and can't track what's happening if people scan it.

>This is more of an invitation for threat actors than it is something that holds them back.

[1] https://www.kaspersky.com/blog/what-is-clickfix/53348/

AlienRobot 19 hours ago
I think the idea is good if it could actually curb bot traffic that currently plagues the Internet.

However, a lot of recent bot traffic is sophisticated scrapers called "LLMs." You can tell claude to "research X from this www.example.com" and it will automatically scrape it and summarize it, something that an LLM is perfect for. Gemini tends to share links instead, presumably because most of Google's revenue comes from ads served on those websites, so if it completely killed the traffic to those websites it would just make less money. Incidentally, I wonder if Claude/Gemini use a search-engine-like "index" of all websites or refuse to cache anything so as to always fetch "fresh" data.

If this is employed, I don't think the web is only going to be gatekept to Google devices. I think it will also be gatekept to Google's AIs.

Google would be able to display a captcha that no LLM could defeat, and then just let its own LLM pass through.

The same could be said about its other bots, such as the web crawler. Google's bot could crawl webpages that no other crawler would ever be able to simply because it has free pass to captcha-gated GETs. Although the same could be true already today.

cynicalsecurity 19 hours ago
This is security theatre. This isn't going to help against bots in any way.
sylware 19 hours ago
I keep banning gogol Ipv4 ranges because of scanners, script kiddies (and maybe worse). Yes, I am self-hosted, and without paying the DNS mob.
ChrisArchitect 20 hours ago
Related:

Google Cloud fraud defense, the next evolution of reCAPTCHA

https://news.ycombinator.com/item?id=48039362

23062192 15 hours ago
Hello
tinfoilhatter 17 hours ago
Considering Google's origins and early backers, this shouldn't come as much of a shock to anyone:

https://qz.com/1145669/googles-true-origin-partly-lies-in-ci...

The military industrial complex created the internet, and has funded many of the big players in Silicon Valley. Their goal was never an open and free internet.

kmeisthax 17 hours ago
> The defeat is mechanical. Bot operators point a camera at a screen, a trivial automation with off-the-shelf hardware. For operations that need Play Integrity attestation specifically, a compliant Android device costs approximately $30 ($29.88 at Walmart to be precise) - for a professional bot farm, which purchases devices in bulk, this is the fixed cost without material disruption to operations.

That's $30 per account, not one time. Because of the following:

> Device attestation does not just gate access - it produces attribution. A device with a stable hardware identity creates a persistent identifier that crosses sessions, browsers, and private browsing modes.

If you put all your bot accounts on one device, they all get banned at once. So fraudsters have to spread their accounts across multiple devices and replace them when they inevitably get banned. That's the reason for all the spying, attestation, and lockdown bullshit behind Google Cloud Fraud Defense. It is far easier to ban fraudsters if you just let the Maoists run the Risk Department.

The author proposes an alternative solution: proof-of-work. And, yes, there are use cases for that, such as Anubis. Google might even want to consider a proof-of-work option in certain scenarios. But there is no scenario in which someone's phone deliberately burns $30 worth of compute - perhaps a quarter of the user's battery - and the user still has a good onboarding experience. Most of your actual users are not going to be able to burn compute as efficiently as fraudsters, either - so maybe you have to burn the whole battery on a phone to cost a fraudster $30. Proof-of-work is, strictly speaking, anti-egalitarian and anti-democratic. "One CPU, One Vote" is less useful than you think when you realize fraudsters have the money to just buy lots of CPUs to always win[0].

Every Risk Department eventually reinvents arbitrary and capricious punishment. When you have no legal authority to prosecute crime, you rely entirely upon your freedom of association and ban people with a hair trigger. It's the only thing that works. Personally, I'd rather live in the world where governments actually took fraud seriously and corporations didn't have to do this, but for right now, GCFD is at least less onerous than WEI in the sense that WEI was going to lock down all browsers. GCFD just means I have to keep a Google-approved phone around to scan a QR code every once in a while.

[0] I'm not mentioning the massive waste problem proof-of-work creates, because obviously attestation will also produce waste. Actually, if anything, the fraudsters will probably wind up dumping all their banned devices on the used market and ruin it.

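To make the cost arithmetic in gruez's and kmeisthax's comments concrete, here is an added hashcash-style proof-of-work example. It is not code from the article, from Private Captcha or from Google: the server price (10 cents per hour for 8 cores) comes from gruez's comment, the hash rate used for difficulty tuning is an assumption, and the challenge bytes are constructed.

```python
# Added example, not from the article or any vendor: a hashcash-style
# proof-of-work with SHA-256, plus the cost arithmetic from the thread.
# Prices and hash rates are assumptions taken from the comments above.
import hashlib
import struct
import time


def _digest(challenge: bytes, nonce: int) -> bytes:
    return hashlib.sha256(challenge + struct.pack(">Q", nonce)).digest()


def leading_zero_bits(d: bytes) -> int:
    """Number of leading zero bits in a 32-byte digest."""
    return 256 - int.from_bytes(d, "big").bit_length()


def verify(challenge: bytes, nonce: int, bits: int) -> bool:
    """Server side: one hash, constant cost regardless of difficulty."""
    return leading_zero_bits(_digest(challenge, nonce)) >= bits


def solve(challenge: bytes, bits: int, start: int = 0) -> int:
    """Client side: brute-force a nonce; expected work is about 2**bits hashes."""
    nonce = start
    while not verify(challenge, nonce, bits):
        nonce += 1
    return nonce


def expected_hashes(bits: int) -> int:
    return 2 ** bits


def bits_for_target_seconds(target_s: float, hashes_per_second: float) -> int:
    """Largest difficulty whose expected solve time on a given client fits target_s.
    A difficulty tuned for grandma's laptop is proportionally cheaper for a faster box."""
    bits = 0
    while expected_hashes(bits + 1) / hashes_per_second <= target_s:
        bits += 1
    return bits


def attacker_cost_usd(seconds_per_challenge: float, usd_per_hour: float, cores: int = 1) -> float:
    """Cost per challenge on a rented box at usd_per_hour, running one
    challenge per core concurrently (cores=1 reproduces the comment's penny)."""
    return seconds_per_challenge * usd_per_hour / 3600 / cores


def human_cost_usd(seconds_per_challenge: float, usd_per_hour: float) -> float:
    """The same delay priced at a human's hourly value of time."""
    return seconds_per_challenge * usd_per_hour / 3600


def measure_hash_rate(n: int = 20000) -> float:
    """Rough single-core hash rate of this machine, for tuning (non-deterministic)."""
    c = b"rate-probe"
    t0 = time.perf_counter()
    for i in range(n):
        _digest(c, i)
    return n / (time.perf_counter() - t0)


if __name__ == "__main__":
    challenge = b"constructed-challenge-1"   # constructed; a real server uses random bytes
    nonce = solve(challenge, 16)
    print("nonce", nonce, "valid", verify(challenge, nonce, 16))
    rate = measure_hash_rate()
    bits = bits_for_target_seconds(10, rate)
    print(f"~{rate:.0f} H/s here -> {bits} bits for a 10 s challenge")
    print("attacker, 6 min at $0.10/h, 8 cores:", attacker_cost_usd(360, 0.10, 8))
    print("human, 6 min at $20/h:", human_cost_usd(360, 20))
```

The asymmetry the comments describe is visible in the numbers: verification is one hash whatever the difficulty, solving scales with 2**bits, and a six-minute challenge priced at the quoted server rate costs the attacker a fraction of a cent per core while costing a human six minutes.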
Ritewut 18 hours ago
I do wonder how people who work on this don't see themselves as the bad guy.
llbbdd 21 hours ago
"ChatGPT, generate a blog post that packages an ad for my service that competes with Google by harvesting HN's latent anti-Google rage."
amazingamazing 21 hours ago
AI use is far more prevalent now than then sadly. This kind of scheme is inevitable since compute is not free.
throwaway27448 19 hours ago
For those who don't know: WEI is a boy band known for singles such as "Twilight"[0].

[0]: https://youtu.be/4BYkuPUQoWE