The developer in me hates what #CloudFlare's anti-bot checks are turning the web into. As a blind person, I'm occasionally frustrated at having to obtain an accessibility cookie to bypass the CAPTCHA. My inclusive design/accessibility professional side hates that those cookies have to be obtained in a way that doesn't fully respect privacy.
But simply as a human, what I find most objectional of all is CloudFlare's "Checking if the site connection is secure" messaging. That sounds like a good thing; how nice that this site is looking out for my protection as a humble web user! When in fact, my activity and circumstances are being checked against an arbitrary set of requirements and baseline-level metrics, to determine if I have the right to go where I want to go. It has nothing to do with security, and everything to do with information lockdown.
Of course, CloudFlare's lawyers probably signed off on this copy as being just close enough to the truth. They are checking that the site connection is secure... against bad actors. Which they may very well find to be you if they can't prove your human nature beyond reasonable doubt, so watch out.
@jscholes That bloody cookie never actually works for me because it requires you use cookie settings that are actually hard to achieve even with exceptions in most reasonable browsers. I can exclude the HCaptcha domain all I like, still doesn't work. And it can't possible work with all these electron apps that embed it! They should make the text captcha required.
@jscholes It thoroughly breaks my enjoyment of fanfiction in the way that I like, as a result. I can mitigate it in an annoying way, but I shouldn't feel like I have to.
@FreakyFwoof Exactly! Almost as bad as when I paste a particular author's fanfic URLs into FicHub, and it tells me that they personally asked for the ability to download their work to be removed from the tool. Their free, text-based work, itself stemming from somebody else's copyrighted material. Get out of here with that shit.
@jscholes @FreakyFwoof That's super weird, you'd think authors would want their work to spread as much as possible. It's not like they're charging by the copy or even benefiting from advertising.
@modulux @jscholes @FreakyFwoof Part of that is because others might upload it pretending it's theirs, and get the kudos and comments and engagement that the person who wrote it should be getting. Plagiarism is a problem.
But having it available for personal use shouldn't be made so difficult!
@shadyspotlight @jscholes @FreakyFwoof Ok, that makes sense. I just don't know how much forbidding downloads helps with that, since people can copy and paste from the websites. I guess it does make it a little more convenient.
@shadyspotlight I have no time for plagiarism. As you say, unauthorised reposting can starve the original creator of community engagement, result in edits not being propagated, etc.
When it comes to downloaders, though, FicHub is not the only game in town; some websites like AO3 even have a native download feature that authors cannot disable. Failing the ability to download a work, people bent on copying it will just take it from their browser.
And so much like the CloudFlare features that prompted this thread, trying to prevent fanfiction downloads is mostly security theatre that harms readership more than it helps writers. Heck, somebody particularly vindictive, upon realising that their download rights are being negated, may treat that as fuel for the fire, making reposting more likely. I don't endorse such behaviour, but I'd certainly consider it if I was an author. As the comma-heavy sentences before this one make clear, I am not one :)
James, my pet peeve is web sites with capchas where I don’t understand the business need for ensuring that it is not a bot. My best guess is that capchas allow web sites to sell advertising based on the count of real human visitors.
You mention Cloudflare, but there are plenty of tech giants that offer seductively useful “free” services. I use services from Cloudflare and Google that save me a ton of time (and some money) when in principle I would feel better self-hosting.
@mark_watson @jscholes The ones that annoy me are the Kobo and Sony sites. In both cases I have logged in with a username and password to an account that has spent money with them for years, but for some reason they seem to want me to go through a CAPTCHA check. Sony is the most annoying because I have TOTP two factor security involved; no bot is going to get past that.
@unchartedworlds@scicomm.xyzI wondered about that "checking" text! Interesting.
@jscholes thank you for mentioning "privacy cookie", I've wondered how the "prove you're human" challenges work for those who can't identify bridges and bicycles in random pictures
For those following along at home I found https://www.hcaptcha.com/accessibility
Looks like you can prove you're human by using the same token on multiple sites and believing it isn't being used to track you from site to site
@jscholes The Cloudflare check has been introduced by the site owners for their own security, so I've always interpreted the message from their perspective rather than mine. That being said, are there any accessibility issues with the Cloudflare captcha alternative? I personally like it (asa user) and could see myself introducing it to sites of my own.
@gunnarsson The accessibility will depend on whether the site is using hCaptcha or CloudFlare Turnstile. With the former, users must obtain an accessibility cookie unless a text-based alternative is allowed by the site owner. This is a problem because:
1. It forces users to provide personal information (an email address to receive the cookie URL), linked to the fact that they require accessibility affordances. This disclosure is not desirable or acceptable to many.
2. The accessibility cookie may not be present in all scenarios where users require it, e.g. in-app browsers.
Even if the textual alternative is enabled, it will not be accessible to 100% of people. As for Turnstile, I don't know how that works and so can't comment.
@jscholes I see, thank you. I was referring to Turnstile, but it was useful to be reminded that it might have accessibility implications in any case. I will investigate.