News Special Interest

AnonNews allows Google to track commenters with reCAPTCHA

This was a real Captcha, sent in by a reader. The Completely Automated Public Turing Test To Tell Computers and Humans Apart has gained a consciousness of its own, and is warning us.

The Internet–Chronicle.SU went on the record before reporters Tuesday to apologize for months of unauthorized data-mining of hundreds of thousands of readers.

A Chronicle.SU insider, known only as Media Mogul, spoke on-stage from behind a curtain. He said, “A particularly scathing piece of anti-Google propaganda from our friends at p2pNet graced AnonNews early this morning. This led Chronicle.SU to the conclusion that we must boycott the data-mining malware known as Google-Analytics completely, along with any and all similar forms of spyware which compromise user data – and more importantly – the golden integrity of the infallible and glorious Chronicle.SU.”

And in a flash of light he was gone, followed immediately by the appearance of Kilgore Trout, Executive Editor of the Chronicle.SU.

Trout said, “We will gladly publish any details upon request,” adding, “those who use noscript are not affected by our leak to Google.”

“As should be expected,” Trout said sneeringly, “this highly interesting piece from p2pnet wasn’t ‘relevant’ enough for AnonNews. But I believe many of you will be shocked to find out AnonNews currently employs a piece of Google code to ‘keep out spammers’ known as reCAPTCHA. Its privacy policy leaves much to be desired.”

reCAPTCHA Privacy Policy – by Google

Those who use noscript are unable to comment on AnonNews without disabling their security to Google tracking cookies. forces users to either compromise their anonymity or hide, like cowards, behind a proxy, which still does nothing to prevent the cookies.

Should Anonymous fear its own “news source?”

Geographical distribution of Chronicle.SU readers who don't use noscript.

23 replies on “AnonNews allows Google to track commenters with reCAPTCHA”

I am actually a piece of astroturf created by PMS(Persona Managment SW), but I feel like a real human being, as do most of my peers.

And I can’t stand being forced to spread lies about global warming, etc. by the likes of the Koch Brothers.

Is there NO ONE who can reprogram us?

i am anonymous (except on Google, of course)

ummmm this is 100% completely false information… the rest of this awful blog. stop lying to innocent people faggot

cumshot, they really had a press release with the special effects and everything. i was there. it was on tinychat. this is all true. guys were in there cumshotting left and right.

>Those who use noscript are unable to comment on AnonNews without disabling their security to Google tracking cookies.

I have cookies disabled and can comment just fine?

Use a browser that doesn’t support java / script what-so-ever and see if works.

just tested – Submit button no go at anonnews, haven’t even got to the captcha. Hmmmm SEEMS script = none, site no worky. Who cares about Firefox’s noscript.

Simple rule of thumb, if Java then machine hot, ready and waiting … but I know little how to override and force java to report different values when requested eg for ISP etc for certain forms. ( comment form)

“We log information related to reCAPTCHA, such as the Internet Protocol address of the end-user, an identifier for the implementing site, the URL of the site accessed, the CAPTCHA solution, the result of the CAPTCHA grading, the date and time of requests, and one or more cookies that may uniquely identify the end-user browser. In our logs, we will delete any information that identifies the individual URLs within the implementing site within 30 days of the event logged.”

So FBI, act quickly. Act now and you’ll receive a complimentary IRC chatlog, free of charge. Heck, we’ll even throw in an email.

This message is brought to you graciously by Lebal Drocer, Inc. All rights reserved. Void where prohibited. leaves cookies two
i had to clear 2 of them this morning

and im sure 90% of anons who dont want there IP seen will use TOR

Its true. I use noscript religiously and you must allow to comment. Makes you wonder …

It is true. I use noscript religiously and MUST be allowed to be able to type in the captcha. Makes you wonder …

Human solversCAPTCHA is vulnerable to a relay attack that uses humans to solve the puzzles. One approach involves relaying the puzzles to a group of human operators who can solve CAPTCHAs. In this scheme, a computer fills out a form and when it reaches a CAPTCHA, it gives the CAPTCHA to the human operator to solve.

Spammers pay about $0.80 to $1.20 for each 1,000 solved CAPTCHAs to companies employing human solvers in Bangladesh, China, India, and many other developing nations.[18] Other sources cite a price tag of as low as $0.50 for each 1,000 solved.[19]

Another approach involves copying the CAPTCHA images and using them as CAPTCHAs for a high-traffic site owned by the attacker. With enough traffic, the attacker can get a solution to the CAPTCHA puzzle in time to relay it back to the target site.[20] In October 2007, a piece of malware appeared in the wild which enticed users to solve CAPTCHAs in order to see progressively further into a series of striptease images.[21][22] A more recent view is that this is unlikely to work due to unavailability of high-traffic sites and competition by similar sites.[23]

These methods have been used by spammers to set up thousands of accounts on free email services such as Gmail and Yahoo!.[24] Since Gmail and Yahoo! are unlikely to be blacklisted by anti-spam systems, spam sent through these compromised accounts is less likely to be blocked.

[edit] Legal concernsThe circumvention of CAPTCHAs may violate the anti-circumvention clause of the Digital Millennium Copyright Act (DMCA) in the United States. In 2007, Ticketmaster sued software maker RMG Technologies[25] for its product which circumvented the ticket seller’s CAPTCHAs on the basis that it violated the anti-circumvention clause of the DMCA. In October 2007, an injunction was issued stating that Ticketmaster would likely succeed in making its case.[26] In June 2008, Ticketmaster filed for default judgment against RMG. The Court granted Ticketmaster the default and entered an $18.2M judgment in favor of Ticketmaster.

i thought for a second i was reading an article @the.chronicle uses google as default sign in, bcuz google is allowed to store information since its a “search engine”

Leave a comment (or don't)