←back to thread

CAPTCHAs are over (in ticketing)

(behind.pretix.eu)
204 points pabs3 | 5 comments | 25 May 25 00:37 UTC | HN request time: 0.201s | source
1. nikolayasdf123 ◴[25 May 25 02:36 UTC] No.44085128[source]
how about on-device biometrics?

most of traffic is from mobile devices anyways. they have biometrics (e.g. Apple FaceID, fingerprint). they also have DeviceCheck (Apple Hardware + Apple servers) integrity checks of device/binary that is making requests. it is also free and private.

why using this technology is not part of conversation? seems like utmost strongest guarantees and perfect fit?

replies(3): >>44085863 #>>44085919 #>>44088243 #
2. moneywaters ◴[25 May 25 05:53 UTC] No.44085863[source]
Yeah that's good solution
3. politelemon ◴[25 May 25 06:06 UTC] No.44085919[source]
It is not "free" as you must buy such a device, nor is it most of traffic, and its privacy is questionable. A solution to the problem area here needs to cater to people outside the HN echo chamber.
replies(1): >>44085982 #
4. nikolayasdf123 ◴[25 May 25 06:24 UTC] No.44085982[source]
As a developer or website or app, I don't need to buy a device. User has to buy it, as it is theirs device. And chances are, they are on the iphone or other apple device already. And if not, they are on Android, which has comparable biometrics options.

Are you claiming that owners of websites have to purchase laptops for their website visitors?

And are you claiming that Apple has worser privacy than Android? or ... holdon, there is nothing else (Huawei is out of the question, and MSFT/Symbian does not exist anymore)

this is crazy talk. what are you even saying?

5. arp242 ◴[25 May 25 14:49 UTC] No.44088243[source]
So how would this work in concrete terms? How will this stop bad-faith actors who will go out of their way to abuse/fake things? How does it solve the "BAP theorem"? You can't just sprinkle a term like "on-device biometrics" and declare that solves it.