With solving services like DeathByCaptcha and AntiCaptcha, it takes seconds to solve them. It costs something like $1.90 per 1,000 successfully solved captchas using human typers and OCR. It can easily be rolled into your code with a few lines.
If websites can't trust that their users are authentic they will probably institute even more intrusive checks.
I haven't been optimistic about the future of technology for a while now. :'(
Essentially, the manufacturer of the device + operating system will generate a unique signature per each device, and web browsers will be able to access it.
From what I understood, each TPM has a unique private/public key pair (Endorsement Key (EK)), and then this key is certified by the manufacturer of the TPM.
From there, you can generate a Attestation Keys, and these keys are signed by the EK.
https://security.stackexchange.com/questions/235148/whats-th...
So essentially, at the end of the day, Chromium would ask the TPM for attestation, and it would act as a unique Device ID.
Then they can allow only a selected list of TPM manufacturers certificates, to prevent emulators for example.
TL;DR: Chromium on Linux would ask the TPM chip for a signature, and each TPM chip has a different signature from the moment it is out of the factory.
The real thing is the gating of every kind of information exchange and treatment in the hands of a few entities, that get the power to say who will participate on those activities and doing exactly what.
That is, the complete elimination of the freedom of association and initiative from our society. At least around any one of those that involve computers.
The lost of privacy is a rounding error.