Executive TL;DR:
- Google’s reCAPTCHA update may compromise user anonymity
- De-googled Android users are affected by the change
- Privacy concerns are rising among internet users
The Buzz Score
The Internet’s Verdict: 70% Hyped, 30% Skeptical
Forum Reactions
Users are expressing their concerns over the new reCAPTCHA system, with some stating that it compromises their anonymity.
My understanding is that this new reCAPTCHA is basically just remote attestation. Remote attestation doesn’t use blind signatures (as that would be ‘farmable’) so tying the device to the ‘attestee’ is technically possible with collusion of Google servers.
Others are choosing to avoid Google services altogether, opting for alternative solutions to maintain their privacy.
I don’t use Android right now and haven’t used Google’d Android for almost a decade. And I won’t. If this is the hill I die on, so be it. I’m not going to use any sort of hardware attestation, especially one controlled by Google.
Impact on Users
The new reCAPTCHA system may have significant implications for users who value their online anonymity.
As one user noted, the system could potentially tie all of a user’s accounts together, destroying their anonymity set.
Unless you acquire untraceable burners for every service, the new reCAPTCHA will be technically capable to tying all your accounts across all these services together.
Focus Keyword: reCAPTCHA issue
