As an end-user reCaptcha causes me so much frustration. It is often blocked by either Firefox or Privacy Badger, and I usually only realise it's blocked after I've filled out a long form and tried to submit it. Then I need to unblock it and reload the page which often will either reset the form or lose the state of the page. And then, I'm almost always presented with the crazy "select storefronts" choices.
I think the language in the issue is warranted in this case...
Terrible language to criticize or submit a bug of a product.
I agree the recaptcha can be frustrating, but the user must also understand the underlying reasons. For instance, your ISP and VPN plays a huge role why you keep getting it.
As an ecommerce developer I appreciate recaptcha. And we should also appreciate it is free. If hate it too much, why use it?
> As an ecommerce developer I appreciate recaptcha. And we should also appreciate it is free.
It's not free, it's a part of Google's worldwide data collection machine.
Actually, for medium to small websites recaptcha is not even necessary, a simple question, even stupid ("who is the author of the famous book by Hemingway?") is far more useful because it doesn't lose the user's time. You know, if they get annoyed, they might not place the order.
It depends. If you have a service that is likely to be targeted by specialized bots because you provide something valuable that they can abuse (like storage, e-mail sending capability etc.), and you don't care that much about your users, reCaptcha is currently one of these solutions that mostly work.
For everything else, you can easily use your own solution and it's likely to work like a charm. You can even include it in JS on the client as it doesn't matter if it's obvious for a human. Some simple oneliners will do, even if you work with a stock solution like Prestashop or Wordpress.
In my experience, e-commerce spam is mostly fake customer-service requests and sometimes orders made by some typical bots with links to Russian and Chinese websites. It's enough to do one simple check an they're gone as the people who run these bots don't care about your website in particular, they just want to spam the whole internet and they won't bother modifying the code just for one website. They won't even know the bots were stopped by your oneliner.
Well, in my case no one cares. Their systems are 1000% connected with google already. Google Ads (adsense, adwords)integration on ecommerce is far more intrusive, they have the complete data. Most websites do not care about Google taking their data. They use Analytics, Tag Manager, Search Console, Gsuite are just to name a few. I don't think I've ever met any company without google analytics already installed, before or after the project.
I kind of hate hackernews for this neverending google data collection circlejerk.
I think the language in the issue is warranted in this case...