Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday April 10 2020, @06:54AM   Printer-friendly
from the automated-turing-test dept.

Cloudflare dumps Google's reCAPTCHA, moves to hCaptcha as free ride ends (and something about privacy):

Cloudflare on Wednesday said it is ditching Google's reCAPTCHA bot detector for a similar service called hCaptcha out of concerns about privacy and availability, but mostly cost.

The network services biz said it initially adopted reCAPTCHA because it was free, effective, and worked at scale. Some Cloudflare customers, however, have expressed reservations about having data sent to Google.

Google's reCAPTCHA v3, used on about 1.2m websites, provides a way for web publishers to present puzzles called CAPTCHAs (completely automated public Turing test to tell computers and humans apart) that can usually, but not always, distinguish automated website interaction from human engagement. The point of presenting such challenges is to keep bots from registering fake accounts and conducting other sorts of online abuse.

In a blog post, CEO Matthew Prince and product manager Sergi Isasi observed that while Google is an advertising business and Cloudflare is not, Cloudflare nonetheless reconciled itself to Google's privacy policy even if it made some customers wary.

The biz also has also been concerned about the availability of reCAPTCHA in China, given that Google services are intermittently blocked there. China is home to about a quarter of the world's internet users so a significant number of people could be unable to access websites barricaded behind inaccessible reCATPCHA puzzles.

Prince and Isasi note that Cloudflare has had some issues with this in China and elsewhere. But over the past decade, this hasn't been enough to warrant action.

Finally, earlier this year, Google told Cloudflare it plans to begin charging for reCAPTCHA, a service it has previously offered for free because the answers people provide improve its services and machine learning systems.

In an email to The Register, a Google spokesperson said there's no charge for reCAPTCHA unless you exceed one million queries per month or 1,000 API calls per second.

Faced with the prospect of paying millions for a service it offered at no charge to customers, Cloudflare decided something had to be done.

"That was finally enough of an impetus for us to look for a better alternative," said Prince and Isasi.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by maxwell demon on Friday April 10 2020, @07:03AM (5 children)

    by maxwell demon (1608) on Friday April 10 2020, @07:03AM (#980768) Journal

    Cloudflare on Wednesday said it is ditching Google's reCAPTCHA bot detector for a similar service called hCaptcha out of concerns about privacy and availability, but mostly cost.

    If they really cared about privacy, they would have stopped using it long ago. It's not as if Google just recently started collecting data.

    But of course, if they decide to move away from it anyway, it's nice marketing to claim that they do it at least in part due to privacy concerns.

    --
    The Tao of math: The numbers you can count are not the real numbers.
    Starting Score:    1  point
    Moderation   +4  
       Insightful=4, Total=4
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 5, Insightful) by canopic jug on Friday April 10 2020, @07:52AM (1 child)

    by canopic jug (3949) Subscriber Badge on Friday April 10 2020, @07:52AM (#980770) Journal

    Yep, that's it in a nutshell:

    Finally, earlier this year, Google told Cloudflare it plans to begin charging for reCAPTCHA, a service it has previously offered for free because the answers people provide improve its services and machine learning systems.

    Google probably reckons that sites have become dependent enough on their CAPTCHA service that they can charge for it a second time. The first time being all the data mining that it enables.

    Eventually they'll pull something nasty with GMail, too. They already charge organizations and business for custom deployment, that only makes sense for custom work, but that still operates using the established open standards for e-mail and interoperates with all other systems. That is, you can still send mail to or from GMail accounts without going through a bridge or converter. However, some of the gimmicks they try to promote these days in regards to mail are dependent on the mail staying withing Google's control for its whole life cycle. The self-destructing message function they tried a couple of years ago is one example. That exemplifies the risk I see with them that if they get enough of the market then they can force changes to the protocols themselves or just plain replace them with proprietary ones.

    --
    Money is not free speech. Elections should not be auctions.
    • (Score: 2) by driverless on Sunday April 12 2020, @05:23AM

      by driverless (4770) on Sunday April 12 2020, @05:23AM (#981432)

      I hope Google keeps charging for it and more sites finally dump it. At the moment I have to have a pile of Google Javascript crap enabled everywhere or about half the Internet breaks because every second site that you sign into uses Google's crap to keep bots out. Not even Recaptcha but their anti-bot tech, which means you have to keep Javascript enabled for a pile of Google domains that you could otherwise safely block off.

  • (Score: 0) by Anonymous Coward on Friday April 10 2020, @12:15PM

    by Anonymous Coward on Friday April 10 2020, @12:15PM (#980788)

    Right, Cloudfare is doing this for financial reasons but trying to get some zero effort positive publicity out of it.

    That said, anything that takes money out of Big Brother Google's pockets is good by me.

  • (Score: 2) by takyon on Friday April 10 2020, @02:58PM (1 child)

    by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Friday April 10 2020, @02:58PM (#980821) Journal

    Cloudflare and privacy. Wew.

    I guess it would increase privacy somewhat if Cloudflare ran a CAPTCHA service itself instead of contracting with a third party. But CAPTCHAs are probably not long for this world anyway. The bots are getting too good.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
    • (Score: 1, Insightful) by Anonymous Coward on Saturday April 11 2020, @02:42AM

      by Anonymous Coward on Saturday April 11 2020, @02:42AM (#980998)

      hCAPTCHA has used their infrastructure since the startup formed, from the looks of their Medium blog. If anything, this setup is even better for Cloudflare. They get a paying customer, a finger to point when it goes wrong, and the ability to directly track users anyway.