I get .7 on my iPhone, I’m guessing that my liberal use of Firefox containers and the cookie auto-delete extension on my desktop will give me a much lower score and cause me to have to jump through extra hoops at websites that implement it, just like the reCaptcha V2 does.
Edit: I also got 0.7 on Firefox with strict content blocking (which is supposed to block fingerprinters), uBlock Origin, and Cookie AutoDelete. I get 0.9 from a container which is logged into Google.
With Firefox fingerprint resisting turned on and with Ublock Origin/UMatrix, I get a score of 0.1. And I'm not even on a VPN; I'm sure on my home network I'd have an even lower score.
To me, it feels like Google's entire strategy behind reCaptcha is to make it harder to protect your privacy. We've basically given up on the idea that there are tasks only humans can do, and to me V3 feels like Google openly saying, "You know how we can prove you're not a robot? Because we literally know exactly who you are." I don't even know if it should be called a captcha -- it feels like it's just identity verification.
I don't think this is an acceptable tradeoff. I know that when reCaptcha shows up on HN there's often a crowd that says, "but how else can we block bots?" I'm gonna draw a personal line in the sand and say that I think protecting privacy is more important than stopping bots. If your website can't stop bots without violating my privacy, then I'm starting to feel like I might be on the bots' side.
> it feels like Google's entire strategy behind reCaptcha is to make it harder to protect your privacy
For the irony, I'm still logged into GMail and it still works perfectly, as basic HTML, even with google.com forbidden to run scripts. But it's the flippin' reCaptchas all over the place that make me temp-allow google.com, and then a reload later, temp-allow gstatic.com and reload again. Only then I get to use someone else's site normally, and I can disallow again... it's irritating. And then, this.
BTW that page plainly says the scores are samples and not related to reality. Refresh a few times and watch it change. 0.3, 0.7, and 0.9 seem to be my lucky numbers. I see everyone else getting those and 0.1.
Please stop reading things into it oh it's too late. Maybe they suddenly started seeing this page hundreds of times in the referrer and added that bit afterward, I don't know.
Dunno if it's changed recently or if I just didn't refresh enough before, but I'm now seeing basically random numbers as well.
If anyone wants a fun weekend project, I would love for there to be a few public sites I can reliably check my production score on.
I'm not sure it matters though, since I'm just ignoring most sites that use reCaptcha now. For sites I can't ignore, I've taken to emailing them with my requests instead -- recently I tried to use Spotify's internal data export tool and it wouldn't let me past. If you're not going to let me use a website to manage my existing account, then your support team can do it for me.
I get the exact same score no matter what browser I use, despite uBlock Origin & Privacy Badger & Decentraleyes, even in private mode and with a VPN connection from a country I normally don't use. Hmmmmm...
When I just keep reloading, I get either 0.9 or 0.1. I get 0.1 more often. Interesting.
Maybe some browser extension can monitor the score and tell me what it currently is on each page load, when reCaptcha is used on some website. I'd just keep reloading, until it's good, and then try the captcha.
First try in Vivaldi's private mode got me still a 0.3 . Then I tested it while being logged into Google and it went to 0.9 . However, when I tried it again in private mode, I got 0.9 there too. Temporary fingerprints show quite the effect.
Your privacy isn't nearly as important as you think, and as long as you continue to overvalue it, you'll continue to be unwilling to trade it for convenience.
On FireFox with uBlock on and logged into my corporate gmail I get 0.9, switching to a private tab I get 0.7. This is with every privacy setting turned on in the FF options.
Really? I don't think so. I get a 0.9 on Google Chrome, and a 0.7 on Firefox. I heavily use Chrome and I have not used Firefox apart from maybe testing some local websites. Despite this I still got 0.7 on there. I expected lower since I don't use the browser.
I was being sarcastic - high score on captcha probably means G knows too much about you. That said, I don't think the scores are reliable. It is possible (probable even) that G is still running experiments.
I get 0.1 continuously, possibly because I have resist fingerprinting enabled in Firefox. I'm not changing anything to compensate that score; it shows I must be doing something right. If I encounter a reCAPTCHA I will continue to (usually) just leave the site it's on.
Contrary to the results here, using Firefox + uBlock with DNT and tracking protection enabled, I get a score of 0.9. In private browsing mode it's 0.7.
I wonder how many people here are using a VPN or accessing from a non-western country -- I'd bet those are much bigger factors
This looks like a RNG: I got 0.7, 0.9, and 0.1 successively. It can't make up its mind whether I'm almost certainly not a bot (0.9) or almost certainly a bot (0.1)?
Might very well be. I also get errors on hacker news about "can't process requests that fast". When asking about it (initially because I thought votes didn't work randomly), the limit is a few requests per second. Turns out I click faster than that, either by reading a whole comment thread and making up my mind whose comments were most helpful (to upvote all at once) or by navigating too fast.
That would be a useless site, but that's not how I read it. I understand it as "this is not that Google thinks your account is a bot, it's that this request might be made by a bot. And since you didn't use this site as a normal website, it also doesn't score your type of traffic, just this one request". You might be right, but it really does seem to be doing a request to their API.
Documenting requests' format and their return values is documentation and doesn't require an interactive site that looks totally real and makes you expect a real (rather than a dummy) answer. Which is not to say it's impossible, but it would be weird/unlikely. Usually when there is an example api request in documentation, it's a real (live) request, too, and this isn't even a documentation page.
Come on, how is everyone in this chain so blind. It's literally in bold and the single largest block of content on the page:
NOTE:This is a sample implementation, the score returned here is not a reflection on your Google account or type of traffic. In production, refer to the distribution of scores shown in your admin interface and adjust your own threshold accordingly. Do not raise issues regarding the score you see here.
I too got 0.1 even though I'm not on a VPN, and have a stock FF installation with just uBlock addon. I think my ISP may have some part in it but still 0.1 score is 100% bot right?
I'm also logged into google and fb which also doesn't affect my score. Only shows how broken their algorithm is :(
edit: just tried it with chrome and my score jumped to 0.9! So definitely not my ISP. It's just my browser that Recaptcha doesn't like. If you put two and two together that's really evil shit, even for Google!
I got 0.7 on FF, 0.3 on Opera and Chrome, all in incognito mode.
Maybe they have just a few values and return it based on AND OR logic of 2-4 variable.
Or maybe they are just playing around trying to gather some stats, for some "Don't be Evil" purpose!
Google is putting a number on us, is honestly some Minority Report level dystopia. Google is already using this to make life hell for anyone who cares about their privacy, we need to do something about this before they finish putting up their iron curtain over the web. Would it be possible to sue website owners for requiring such invasive measures? I'd love to see this ruled as monopoly power and Google broken up but that's probably not very realistic so we would probably do better to make using Google captchas more expensive in court costs alone than just building their own solutions to fight bots.
Seeing what everyone else has posted I'm very suprised that I've received a 0.3 using Chrome on Android. I'm logged in to Google and most of my browsing is via Chrome or Chrome based webview. At least on my phone I've never cleared my cookies or done anything special.
This is total bullshit. My score of 0.1 in firefox shoots up to 0.9 if I change my user agent to ChromeOS. No other changes - same set of ghostery/ad blocker/fingerprinting prevention, etc. What a scam.
Ding ding ding ding, Google's way of killing the other browsers in the market for good, kill off the adblockers manifest, literally become the entity which monitors the internet as much as the NSA...
Hitting the same URL over and over again is bot-like behaviour. When working with reCaptcha on forms I usually start getting hit after 4-5 test submissions.
I get .9 in Firefox on my MBP with UBlock Origin installed. I wondered if it was because I was logged in to Google, so I tried Incognito and got .7. In a never-before-used container I also get .7.
I get a 0.7 on my computer on Firefox. If I use the same website in Chrome (which is signed into a Google account) I get a 0.9. I guess it's a [0,1] scale?
I'm guessing their a-listers came up with something like this:
// TODO: add impressive-looking math
if (signedin && trackedEverywhere) {
return 0.9
} else {
return 0.7
}
I think we give Google way too much credit for their talent. This is the same company that didn't feel like finishing their website for two decades and subsequently stole $75 million from their users even when Google knew [1].
The same company that somehow still doesn't reconcile amounts owed and just keeps the money when they randomly-ban users and hide behind fake support emails, but they did feel like paying $11 million to keep that away from scrutiny [2].
Google consistently gives me the impression of a company that (I suppose) has tons of smart people in it, but has badly broken management & incentive structures leading them to constantly do bafflingly stupid stuff at both large and small scales, even by the standards of a bigcorp, to the point that they survive only because they've got one hell of a golden goose.
And in keeping with recent revelations on Google's manipulation of search results, I think they have really gone beyond the pale. I un-archived my old iPhone two days ago and went back to iOS after the James O'Keefe/Project Veritas revelations. I now cannot, in good conscience, use anything Google. I always knew about the tracking and all that because, after all, they are an ad company. I'm now in the process of moving all of my domains over to Fastmail, which I've used since 2002. I'm using Qwant, Startpage, and DDG for search. FF for browser with many about:config tweaks and several add-ons.
Please explain. Even without the revelations from PV, it's patently obvious Google, et al are biased. Anyone can see it. Silicon Valley is a bloody echo chamber. If the videos by PV were not damning in the least, why did 4 different companies take them down and remove the accounts of PV?
Sunlight is the very best disinfectant. People have a right to know if searches are being manipulated to one side.
If I sign out of my google account in Chrome it drops from 0.9 to 0.7.
I could have sworn I'd never signed in to Chrome using my google account, but I guess I must have mistakenly signed in to gmail or something.
I use FF as my main browser, only ever drop back to Chrome sporadically, or when I really want tabs to be completely isolated (there are some annoyingly CPU/power intensive stuff I do from time to time, and I can just renice Chrome while I get on with other stuff.)
That was the last straw to uninstall Chrome from all my devices and I've been a happy Firefox user ever since. Well, except now reCAPTCHA hardly ever works.
The GP post's IP address or other fingerprint may be validated from other Google properties they might have visited, so I wouldn't put so much stock in the 0.7.
Honestly... if it's the same team that did ReCaptcha 2.0, this is a team that pulls out all the stops. Per https://github.com/neuroradiology/InsideReCaptcha ... they implemented a freaking VM in Javascript to obfuscate the code that combines various signals. There's a lot going on here that's likely highly obfuscated and quantized before it's displayed to us.
So, I still have to whitelist Google in uMatrix and allow cookies for this to work. Even after doing so, I get a 0.1. I reloaded the page to check for variation as some other users mentioned but get the same score each time. I guess Google is saying I shouldn't be allowed to use the internet.
What is most odd is I get 0.7 on iOS Safari which I use for 100% of my purposeful mobile browsing, but I get .9 on iOS Chrome, which is only used when I accidentally click on links from gmail (so very, very rarely).
Not really odd at all - if you're using the gmail app, there's a shared authentication cookie in all Google apps - including Chrome, so Google knows who you are in Chrome.
Stock Qutebrowser 0.7, FF w/ all the usual extensions (ublock origin) 0.7. Don't know if it matters but I'm rolling Arch. Just adding another point of data for those curious.
interesting my score is 0.9 if I allowed google to track me using cookies, if I block the cookies it goes to 0.7 and if I enable content blocking in Firefox it drops to 0.1
With desktop Chrome I get a 0.3. My browser sends Do Not Track, has PrivacyBadger extension, and has that useless google-profile-in-the-browser feature disabled.
It didn't load for me and I couldn't figure out why.
Then I remembered that I put this in my /etc/hosts a few weeks ago and forgot about it.
127.0.0.1 google.com
127.0.0.1 www.google.com
[Edit] So if nothing shows up for you on that page, check for that. Also I just generally recommend it. Google has some unethical practices and duckduckgo.com is pretty good.
I get .7 on my iPhone, I’m guessing that my liberal use of Firefox containers and the cookie auto-delete extension on my desktop will give me a much lower score and cause me to have to jump through extra hoops at websites that implement it, just like the reCaptcha V2 does.
Edit: I also got 0.7 on Firefox with strict content blocking (which is supposed to block fingerprinters), uBlock Origin, and Cookie AutoDelete. I get 0.9 from a container which is logged into Google.