cross-posted from: https://lemmy.ml/post/47972724
i encountered this for the first time today while attempting to read something on archive.today.
i confirmed that decoding the qrcode using a computer and following the URL it contains is insufficient; the error it gave directed me here which is what the linked screenshot is of.
the old type of captcha remains available too, for now:
Verifying you have a phone doesn’t verify that you’re human.
Just like Recaptchas haven’t been a challenge to bots for a long time. Still, we had to deal with this shit. Makes you wonder if it’s just a stupid fucking pretext… 🤔
Isn’t it training for AI and automated cars?
Used to be, yeah. But this part of computer vision has been a solved problem for a while now. Captchas still remained for the sole purpose of annoying the living fuck out of people like you and me. Well, until Google figured out Captchas could be weaponised for (gestures) whatever this is.
How so?
Android emulators exist and are usable by bots.
So they SS the QR code, scan it and continue?
Something like that. Emulators also give the ability to emulate cameras using pictures or video feeds.
They just need to set up a Google play equipped emulator, set the picture as simulated camera input and put in the inputs to the emulator (also automatable)
Sheesh
May have to stream a video of the screen into a scanner app, but shouldn’t be difficult anyway.
One of the forms of digital ID in use in my country now has a new way to use it, which the government websites use now. You always needed a mobile device for this one anyway (phone holds the private keys and you have to enter the PIN 1 or PIN 2 depending on whether you’re authenticating or authorizing something), but it used to be that you could enter your ID code and get prompted for the PIN (with a verification number to make sure you’re responding to the prompt you think you’re responding to), now it’s either on-device from the default browser to the app, OR on desktop you have to scan a QR code that’s a moving target, it changes a couple of times a second so you couldn’t send a screenshot to someone else to scan. This is meant to prevent scams where someone gets you to just enter your PIN over a phone call.
I don’t know if the google thing is similar though or if it’s a static QR there.
My cat once jumped on keybard and wrote “ghfhghgghhfjgfhf” on Discord chat. The first non-human with acces to computer.
Well, I doubt your cat could scan QR codes
Discord?! Computers are a lot older than Discord! Cats have been jumping on keyboards since forever.