Oh, yes I probably should have included this in the first post on this topic. Since I am in the USA, I have no trust in my ISP. I read the entire Privacy Policy and Terms of Service and know that they are untrustworthy with certainty. So I have my pfSense firewall routing all traffic in my network through a VPN. Yeah, that’s definitely the trigger for lots of these sites, but there’s no other safe option to shop online. The Tor network is absolutely off the table, and I don’t want to setup a VPN on a VPS. Besides keeping my traffic protected from my ISP, I want to share an IP address in order to blend in, rather than setting up essentially a secondary ISP.
I understand. You may be interested to know that @Kyle_Rankin self-hosts their own website and Mastodon instance using Sonic, however it is only available in California.
If you are willing to trust me, I deployed Outline VPN on my VPS Elite from OVHcloud. Under the hood, it uses Shadowsocks to circumvent censorship. I have a few people in my inner circle using it, and I recently used it to bypass ISP and government censorship in order to access Costco.
https://forums.puri.sm/t/open-router-for-home-small-business/22577/22?u=franklyflawless
If you want me to list other web shops that do not have captchas, but provide technological products/services, I can share them in this thread.
It’s not that I don’t trust you specifically, but I don’t want to rely on individuals, rather than established providers. I’ve had my pfSense stable for years now with this setup, and it works well for me. Sites that give me problems because of the VPN server I use are generally just not worth dealing with for me.
Yes, please do. That’s what this topic is all about.
The rest of the list is what I use for configuring the various VPS:
Then there is a (Canadian) website that do not use captchas, but have tons of analytics, trackers, and so on:
Thank you for the contributions.
I have no idea why reCaptcha, captcha and other are still used today. For 3 years now, invisible privacy-respecting 'captchas have been in use on many web sites. They don’t ask the user for input, instead some will use a algorithm that tests the computer/device.
We used invisible captchas to protect the clients on all clients sites. They are seamless and don’t require the user to play silly spot-the-buses games. Maybe that is why with some sites, one doesn’t see the captcha, but doesn’t mean it’s not there.
There are other types of visible cpatchas that respect visitor’s privacy, but clients opt for the invisible ones.
~s
A meager attempt to differentiate real users from bots. You can read more background behind CAPTCHAs from Cloudflare’s various articles and blogs:
Here is a highly relevant quote from the linked blog article:
I hear you.
I think the point was: there are other, non-intrusive, ways of making that differentiation.
I don’t know what the comparative false-positive / false-negative rates are though.
Sure, but I was addressing why CAPTCHAs exist. If there was some sort of discussion prompt about how to problem solve against bots, point it out and I will provide relevant resources towards addressing that too, whether in this thread or a different one.
Sorry if I mislead you, but I have great deal of knowledge about captchas. Google, for years has offered the invisible stalker. But, I underdtand that too collects data.
My point was, that old-style koders using the visual captchas need to upscale their talents and use invisible, non-interfering captchas.
This is strictly my own opinion, that reCaptcha is just one of Googles way of tracking our devices.
Company I worked for refused to let anything that captchas or it’s correct spelling, captures visitor info. There are many analytics that can be churned to the designers/needs /w stalking. IMO
Great, so going back to the topic of this thread, do you know of any online shops that do not use CAPTCHAs?
That’s the worst part. Most web sites don’t implement their own CAPTCHA so they just embed Snoople’s, thereby spreading Snoople’s tentacles into so many web sites. So the experience on some web sites is both disruptive (yet more traffic lights) and invasive (yet more data fed into the Snoopleborg).
Before or after log in? Guest checkout?
For me, CAPTCHAs are a big enough problem to come to my attention as being annoying but not big enough to hunt around for sites that don’t use them.
You just reminded me about eBay: I only use guest checkout on there and never experienced any CAPTCHAs from doing so. If account creation is mandatory, ephemeral email address services can typically be used during the process and may be sufficient in most cases.
No. But I hope you find some decent online shop sites or better still, a list of acceptable non-stalking online shops.
IMO: It’s always the innocent bystanders that pay for security.
~s
I found a resource that is relevant to this topic:
While the website is mainly focused on using cryptocurrencies for transactions without providing personal details, they also have filters for other criteria, such as JavaScript-free websites, so CAPTCHAs dependent on JavaScript will not be used there:
Note that 1984 is not listed on the website, but everything I already mentioned about it within this thread, the broader Purism forums, and the Tor Project Forum are still valid:
Related:
Ruminations about banking - Round Table - Purism community (trust level 0 and up)