news.volyx.in

Google Cloud Fraud Defence is just WEI repackaged (privatecaptcha.com)

707 points by ribtoks · 67 days ago · 365 comments on HN

Article summary

Google Cloud Fraud Defense is a new system that uses device attestation to verify the legitimacy of devices accessing websites, which has raised concerns about privacy and the potential for Google to control access to the open web. The system is similar to a previously proposed mechanism called Web Environment Integrity, which was withdrawn due to objections from standards bodies. The new system uses a QR code challenge that requires a certified device to prove human presence. Critics argue that this system could be used to track users and exclude those who use non-certified devices or browsers.

Main themes

  • Device attestation
  • Privacy concerns
  • Google's control over the web
  • Alternative solutions
  • Regulation and legislation
  • Corporate power and accountability

What commenters say

  • Google's Cloud Fraud Defense is a threat to user privacy and an attempt to control access to the open web.
  • The system is vulnerable to bypassing and will not effectively prevent bots or fraud.
  • A collective boycott of Google's services is necessary to prevent the company from abusing its power.
  • Regulation and legislation are needed to prevent companies like Google from exploiting their power and violating user privacy.
  • Alternative solutions, such as open-source alternatives and decentralized systems, are necessary to counter Google's dominance.
  • The use of device attestation and AI-powered systems will inevitably lead to a loss of privacy and autonomy for users.
  • Governments are complicit in the exploitation of user data and should be held accountable for their failure to regulate companies like Google.
  • Breaking up large corporations like Google is necessary to promote fair competition and protect user rights.