I use Adblock, Ghostery and Privacy Badger.
I went to login to my Indie Gala account and they threw one of the new Google Captcha things at me.
It was blocked by the EFF’s Privacy Badger. I had to allow the tracking to be allowed to access products I had bought.
Because the stupid damn captcha was so distorted I kept getting it wrong. In the end it asked me to copy and paste code:
They are using the new captcha. The one that is friendly to humans. Yeah, right.
Someone reverse engineered their new code, posted it to Github and posted it to Hacker News. Google asked them to take it down. They complied. Screw Google – as I had a Github account I copied it.
This isn’t just a captcha. It tracks. From the HN thread:
Google servers will receive and process, at least, the following information:
Execution time, timezone
Number of click/keyboard/touch actions in the iframe of the captcha
It tests the behavior of many browser-specific functions and CSS rules
It checks the rendering of canvas elements
Likely cookies server-side (it’s executed on the www.google.com domain)
And likely other stuff…
I hate spam. I hate spammers. But I despise Google even more.
So when the NSA or GCHQ comes up in the news, just remember that Google does more and with less oversight.