Thanks for the info, I am a Private Internet Access customer and didn't realise til now. I now feel disgusted and will definitely be switching to another provider when my subscription ends. Luckily I only use it for Linux ISOs and changing region for streaming services so not much to spy on.

I really wish everyone would use semantic HTML wherever possible. The gains for accessibility are huge.

Take a JS dialog or pop-up menu, for example. You would think it would be easy for everyone to use, but a screen reader user might not even be aware that it’s there in the first place. Even when they do, they still need to find it in a linear and possibly very cluttered representation of the page. It could be right next to the "open menu" button, at the bottom of the page, or somewhere else entirely. The menu/dialog could also disappear as soon as they move the focus in an attempt to find it!

These are all things I put up with regularly.

I think anything that makes accessibility easier for developers is a good thing, especially if it just works without having to think about accessibility.

Just put tailscale [1] on all of your devices and forget about the problem. It may be technically a vpn but it's much easier to use.

[1] https://tailscale.com/

You will have nothing but trouble, but it will sound great, even when blasting Spotify ads at you on your spotify premium subscription.

I hate my sonos setup now. It sounds great, but everything else has got worse since I bought them. The Sonos connect isn't supported by s2, the latency of changing volume got worse to the point that it is way too loud before you even notice it changing, There is something completely broken between Spotify/Sonos/Alexa making it only play Spotify free through sonos even though I have a subscription.

Then there's the things that were always shit, like no low latency streaming except through the analogue inputs on the Sonos connect and a closed protocol blocking open source improvements.

recaptcha audio challenge is just a few words (in English) that you have to enter. Might be easier in some circumstances? You can press CTRL to repeat the audio.

I like it myself. If I have to use CAPTCHA that is, I can't stand it on principle!

Accessibility isn't special treatment! As I said before I would never provide proof of identity to simply access a website.

> Accessibility isn't special treatment!

Perhaps not in all cases, but it can be. This article is literally about special treatment for accessibility purposes.

It's of course debatable if this is how things should be, but that's another discussion.

I am perfectly happy with having to prove that I am blind to get my bus pass, but if It was necessary to access a website I would just not use that site. Lets hope it never gets that bad. There's always Anticaptcha to fall back on, but I hate their business model.

And audio Captchas are in English. I suppose blind people who don't speak English or have any kind of hearing difficulty don't deserve accessibility.

Can you have them translated into your native language? I mean I imagine if your using Google from a different country, it might take notice. Maybe it doesn't apply to reCAPTCHA, Google can be stupid like that!

I am also blind. hCaptcha is the worst. Their stupid cookie expires so I have to go through their getting an email to set the cookie almost every time I encounter one. It's a horrendous UX, especially when using different devices and browsers. I imagine others just give up instead of dealing with the crap. They shouldn't use the word accessibility when their whole service is the exact opposite.

The bots can probably solve them easier than blind people anyway, or they can outsource them to third world workers for next to nothing. E.G. Anticaptcha [0]:

> Starting from 0.5USD per 1000 images, depending on your daily spending volume

[0] https://anti-captcha.com/

Believe me, hCaptcha isn't much better even if you're not blind! They show me minuscule images which are barely distinguishable from each other. It manages to be much worse than reCaptcha, which is some achievement.

I'm not blind, but do have visibility issues. I can get by on my phone with maxed text size, etc. The pictures for hcaptcha are horrible... I keep having to zoom in and out. It's almost as bad as modals that flow off screen.

It sucks more when you work in the space and take a lot of care to usability. It's not that hard most of the time.

i have the complete opposite experience. im not blind but i use tor. vpns and non spyware browser which is probably worse lol google captcha most of the time sends me into a loop that does not stop and always fails regardless how right i am for +3 minutes. meanwhile hcapcha lets me pass if i simply correctly fill out 1-3 captchas.

What's the best captcha regarding accessibility?

None.

There are no "best" version of captcha. I've worked on several large scale projects where captcha was floated and then quickly abandoned in favor of other methods like Honeypot or using other methods to weed out bots and other 3rd party agents.

If you have to use captcha the least worst are probably reCaptcha V2 and hCaptcha for accessibility.

What were the chosen choices? Curious to know

By far the most effective way to prevent bots is to charge for an account or service. Facebook, for example, banned billions of bots. At just 1 dollar an account, such a situation would be completely untenable. Not to mention most views are worth fractions of a cent - paying for bots wouldn't be a return on investment, so nobody would do it.

Bots are an inherent problem with free, advertisement-fueled web. If you want to get rid of them, it's trivial, but requires an re-understanding of how we use the web.

I'm OK with reCAPTCHA, but uh... Just not a fan of Google!! I'm an expert reCAPTCHA solver.

Brave PoW captcha maybe? Because it requires no input/interaction from the user.

I don't understand why POW solutions aren't more popular.

I don't think there is any PoW that results in acceptable performance for the user (especially on mobile) while also making the cost for an attacker high enough to deter them.

Even renting the compute on AWS, it only costs $0.01 per minute for the equivalent of a decent desktop computer (c8g.4xlarge). While an attacker will likely either use a botnet, or hardware better suited for solving the PoW than the hardware the user is using.

Though CAPTCHAs don't really work well anymore either, since solving services are quite cheap. Recaptcha is nowadays primarily based on other factors, like IP reputation, susceptibility to google tracking, and behavioral scoring.

Most people engage with web content on relatively low powered machines. If you tune them to be tolerable on a 4 year old mid-range android device, there isn't much cost incurred on a threadripper.

I'd never heard of them before getting them while using Brave search sometimes, I'm not sure I entirely understand how they work and differentiate between a bot and human.

They don't differentiate. They just make it too expensive to be worth paying for the resources required to carry out a spam attack at any meaningful scale.

Oh that makes sense, neat way of doing it. Basically adds a delay while also costing CPU resources.

First of all, why should I want them to set a cooky on my system? I don't want them to do that. Yeah, I do use session cookies. However, I shouldn't have to have a company set one on my system to get around their stupid CAPTCHA!! In other words, I shouldn't have to disclose anything to them. I could be an AI for all they care.