{"id":107111,"date":"2026-05-22T00:12:29","date_gmt":"2026-05-21T22:12:29","guid":{"rendered":"https:\/\/www.infokuryr.cz\/n\/?p=107111"},"modified":"2026-05-21T12:10:31","modified_gmt":"2026-05-21T10:10:31","slug":"rick-findlay-svet-internetu-se-deli-na-schvalene-a-neschvalene-lidi","status":"publish","type":"post","link":"https:\/\/www.infokuryr.cz\/n\/2026\/05\/22\/rick-findlay-svet-internetu-se-deli-na-schvalene-a-neschvalene-lidi\/","title":{"rendered":"Rick Findlay: Sv\u011bt internetu se d\u011bl\u00ed na schv\u00e1len\u00e9 a neschv\u00e1len\u00e9 lidi"},"content":{"rendered":"
<\/div>\n
\n
\n

V roce 2023 Google po\u017e\u00e1dal o povolen\u00ed k uzav\u0159en\u00ed otev\u0159en\u00e9ho webu, byl odm\u00edtnut \u2013 a nyn\u00ed jednodu\u0161e vydal tot\u00e9\u017e jako aktualizaci produktu, o kter\u00e9 nikdo nehlasoval.<\/span><\/strong><\/p>\n

V roce 2023 Google navrhl n\u011bco, co se naz\u00fdvalo \u201eIntegrita webov\u00e9ho prost\u0159ed\u00ed\u201c. My\u0161lenka spo\u010d\u00edvala v tom, \u017ee webov\u00e9 str\u00e1nky by mohly p\u0159ed ud\u011blen\u00edm p\u0159\u00edstupu zkontrolovat, zda v\u00e1\u0161 prohl\u00ed\u017ee\u010d b\u011b\u017e\u00ed na hardwaru certifikovan\u00e9m spole\u010dnost\u00ed Google. Mozilla se proti tomu postavila.<\/span><\/p>\n

Spole\u010dnost Brave uvedla, \u017ee tuto funkci nikdy nevyd\u00e1. Vivaldi varoval: \u201eJak\u00fdkoli prohl\u00ed\u017ee\u010d, kter\u00fd se rozhodne tuto funkci neimplementovat, by ji\u017e nebyl pova\u017eov\u00e1n za d\u016fv\u011bryhodn\u00fd a jak\u00fdkoli web pou\u017e\u00edvaj\u00edc\u00ed toto API by mohl u\u017eivatele takov\u00fdch prohl\u00ed\u017ee\u010d\u016f odm\u00edtnout.\u201c<\/span><\/p>\n

Google n\u00e1vrh b\u011bhem n\u011bkolika m\u011bs\u00edc\u016f st\u00e1hl. Ve\u0159ejnost vyhr\u00e1la.<\/span><\/p>\n

O t\u0159i roky pozd\u011bji v\u0161ak na konferenci Cloud Next ’26 Google ozn\u00e1mil \u201eFraud Defense\u201c \u2013 propagovanou jako dal\u0161\u00ed v\u00fdvoj reCAPTCHA. Pou\u017e\u00edv\u00e1 stejn\u00e9 rozhran\u00ed Play Integrity API. Vy\u017eaduje stejn\u00fd hardware certifikovan\u00fd spole\u010dnost\u00ed Google a prov\u00e1d\u00ed stejnou atestaci za\u0159\u00edzen\u00ed. Rozd\u00edl je v tom, \u017ee tentokr\u00e1t se Google nikoho neptal. Nebyl proveden \u017e\u00e1dn\u00fd standardiza\u010dn\u00ed proces ani ve\u0159ejn\u00e9 hodnocen\u00ed. Str\u00e1nka s po\u017eadavkem byla jednodu\u0161e spu\u0161t\u011bna a Fraud Defense byla zavedena nap\u0159\u00ed\u010d st\u00e1vaj\u00edc\u00ed instala\u010dn\u00ed z\u00e1kladnou reCAPTCHA, kter\u00e1 \u010d\u00edt\u00e1 v\u00edce ne\u017e 14 milion\u016f dom\u00e9n.<\/span><\/p>\n

Standardiza\u010dn\u00ed proces, kter\u00fd zastavil WEI, existoval z velmi specifick\u00e9ho d\u016fvodu: zabr\u00e1nit jedin\u00e9 spole\u010dnosti v rozhodov\u00e1n\u00ed o tom, kdo m\u016f\u017ee pou\u017e\u00edvat otev\u0159en\u00fd web. Google na\u0161el \u0159e\u0161en\u00ed. Jednodu\u0161e uvedl na trh stejn\u00fd mechanismus jako komer\u010dn\u00ed produkt.<\/span><\/p>\n

Jak v\u00e1s reCAPTCHA penalizuje, pokud nejste z\u00e1kazn\u00edkem Googlu<\/span><\/strong><\/h3>\n
\"\"<\/figure>\n

Hodnocen\u00ed je manipulov\u00e1no po l\u00e9ta. reCAPTCHA v3 p\u0159i\u0159azuje ka\u017ed\u00e9mu n\u00e1v\u0161t\u011bvn\u00edkovi sk\u00f3re rizika mezi 0,0 a 1,0. Technologi\u010dt\u00ed konzultanti, kte\u0159\u00ed syst\u00e9m testovali, zjistili, \u017ee prohl\u00ed\u017ee\u010de p\u0159ihl\u00e1\u0161en\u00e9 k \u00fa\u010dtu Google konzistentn\u011b dost\u00e1valy n\u00edzk\u00e9 sk\u00f3re rizika, zat\u00edmco stejn\u00e9 webov\u00e9 str\u00e1nky, ke kter\u00fdm se p\u0159istupovalo p\u0159es Tor nebo VPN, byly klasifikov\u00e1ny jako vysoce rizikov\u00e9.<\/span><\/p>\n

P\u0159ihl\u00e1\u0161en\u00ed do Googlu a t\u00edm p\u0159ed\u00e1n\u00ed dat z va\u0161eho prohl\u00ed\u017ee\u010de sledovac\u00edmu syst\u00e9mu Googlu je pova\u017eov\u00e1no za d\u016fkaz, \u017ee jste \u010dlov\u011bk. Ochrana va\u0161eho soukrom\u00ed je naopak br\u00e1na jako zn\u00e1mka toho, \u017ee byste mohli b\u00fdt bot.<\/span><\/p>\n

Ka\u017ed\u00fd, kdo n\u011bkdy pou\u017e\u00edval VPN, to v\u00ed z vlastn\u00ed zku\u0161enosti. Pokud z\u016fstanete p\u0159ihl\u00e1\u0161eni ke sv\u00e9mu \u00fa\u010dtu Google, reCAPTCHA v\u00e1s provede jedin\u00fdm kliknut\u00edm nebo dokonce bez jak\u00e9hokoli ov\u011b\u0159en\u00ed. Pokud se ale odhl\u00e1s\u00edte, p\u0159epnete na Firefox nebo aktivujete blokov\u00e1n\u00ed sledovac\u00edch za\u0159\u00edzen\u00ed, za\u010dnou h\u00e1danky. Opakuj\u00ed se. Jsou \u010d\u00edm d\u00e1l t\u011b\u017e\u0161\u00ed. N\u011bkdy nikdy nekon\u010d\u00ed.<\/span><\/p>\n

U\u017eivatel\u00e9 VPN za\u017e\u00edvaj\u00ed n\u011bco je\u0161t\u011b hor\u0161\u00edho, proto\u017ee IP adresy VPN server\u016f sd\u00edlej\u00ed tis\u00edce lid\u00ed. Chov\u00e1n\u00ed n\u011bkolika m\u00e1lo u\u017eivatel\u016f po\u0161kozuje reputaci cel\u00e9 adresy. IP adresy VPN se \u0161patnou reputac\u00ed zp\u016fsobuj\u00ed m\u00edru selh\u00e1n\u00ed CAPTCHA v 80 a\u017e 100 procentech \u2013 a to v\u010detn\u011b slo\u017eit\u011bj\u0161\u00edch h\u00e1danek.<\/span><\/p>\n

Roz\u0161\u00ed\u0159en\u00ed pro ochranu soukrom\u00ed, jako je uBlock Origin nebo Privacy Badger, mohou zcela naru\u0161it skripty reCAPTCHA. V\u00fdsledkem jsou nekone\u010dn\u00e9 smy\u010dky, kde se ov\u011b\u0159en\u00ed st\u00e1v\u00e1 nemo\u017en\u00fdm \u2013 bez ohledu na to, kolik p\u0159echod\u016f pro chodce spr\u00e1vn\u011b identifikujete.<\/span><\/p>\n

Obt\u00ed\u017enost reCAPTCHA se zvy\u0161uje nep\u0159\u00edmo \u00fam\u011brn\u011b tomu, kolik toho o v\u00e1s Google v\u00ed. P\u0159esn\u011b tak je syst\u00e9m navr\u017een.<\/span><\/p>\n

Lid\u00e9, kter\u00fdch se to skute\u010dn\u011b dot\u00fdk\u00e1<\/span><\/strong><\/h3>\n

V\u00fdzkumn\u00edci, kte\u0159\u00ed prohledali cel\u00fd adresn\u00ed prostor IPv4, zjistili, \u017ee 1,3 milionu webov\u00fdch str\u00e1nek odm\u00edt\u00e1 p\u0159ipojen\u00ed ze zn\u00e1m\u00fdch v\u00fdstupn\u00edch uzl\u016f s\u00edt\u011b Tor. P\u0159ibli\u017en\u011b 3,67 procenta z 1 000 nejv\u00fdznamn\u011bj\u0161\u00edch webov\u00fdch str\u00e1nek blokuje u\u017eivatele s\u00edt\u011b Tor p\u0159\u00edmo na \u00farovni aplikace. V\u00fdzkumn\u00edci dosp\u011bli k z\u00e1v\u011bru, \u017ee u\u017eivatel\u00e9 s\u00edt\u011b Tor jsou \u201efakticky odsouv\u00e1ni na \u00farove\u0148 druho\u0159ad\u00fdch ob\u010dan\u016f na internetu\u201c.<\/span><\/p>\n

Dokonce i samotn\u00e1 dokumentace Toru tento probl\u00e9m uzn\u00e1v\u00e1. Webov\u00e9 str\u00e1nky interpretuj\u00ed kombinovan\u00fd provoz v\u00fdstupn\u00edch rel\u00e9 jako podez\u0159el\u00fd a reaguj\u00ed CAPTCHA, do\u010dasn\u00fdmi bloky nebo varov\u00e1n\u00edmi o \u00fadajn\u011b infikovan\u00e9m provozu. Nic z toho neodr\u00e1\u017e\u00ed, co dan\u00fd u\u017eivatel skute\u010dn\u011b ud\u011blal.<\/span><\/p>\n

Lid\u00e9, kte\u0159\u00ed se na Tor nejv\u00edce spol\u00e9haj\u00ed, jsou novin\u00e1\u0159i pracuj\u00edc\u00ed pod nep\u0159\u00e1telsk\u00fdmi vl\u00e1dami, disidenti a ob\u011bti dom\u00e1c\u00edho n\u00e1sil\u00ed, kte\u0159\u00ed cht\u011bj\u00ed komunikovat, ani\u017e by byli sledov\u00e1ni. Anonymn\u00ed komunikace je z\u00e1chrann\u00fdm lanem pro lidi, jejich\u017e p\u0159\u00edstup k internetu je kontrolov\u00e1n st\u00e1ty, kter\u00e9 by jim ubl\u00ed\u017eily, kdyby jej pou\u017e\u00edvali voln\u011b. Syst\u00e9my CAPTCHA s nimi v\u0161ak zach\u00e1zej\u00ed stejn\u011b jako s automatizovan\u00fdmi botnety.<\/span><\/p>\n

Ochrana proti podvod\u016fm jde je\u0161t\u011b d\u00e1l. Str\u00e1nka s po\u017eadavky spole\u010dnosti Google p\u0159esn\u011b specifikuje, kter\u00fd hardware je pro nov\u00e9 kontroly QR k\u00f3d\u016f zp\u016fsobil\u00fd. Telefony s Androidem vy\u017eaduj\u00ed slu\u017eby Google Play verze 25.41.30 nebo nov\u011bj\u0161\u00ed.<\/span><\/p>\n

Tento po\u017eadavek se nevztahuje na za\u0159\u00edzen\u00ed Android, ze kter\u00e9ho byl odstran\u011bn Google. GrapheneOS, zabezpe\u010den\u00e1 verze syst\u00e9mu Android pou\u017e\u00edvan\u00e1 nad\u0161enci do ochrany soukrom\u00ed, nem\u016f\u017ee proj\u00edt kontrolami integrity Play vy\u017eadovan\u00fdmi organizac\u00ed Fraud Defense. Tot\u00e9\u017e plat\u00ed pro LineageOS, CalyxOS a jak\u00e9koli vlastn\u00ed ROM, kter\u00e9 odstra\u0148uj\u00ed vrstvu propriet\u00e1rn\u00edho softwaru spole\u010dnosti Google.<\/span><\/p>\n

Firefox pro Android se ani neobjevuje v seznamu podporovan\u00fdch prohl\u00ed\u017ee\u010d\u016f od Googlu. Postoj Mozilly k atestaci za\u0159\u00edzen\u00ed byl jasn\u011b vyj\u00e1d\u0159en ji\u017e v roce 2023 a od t\u00e9 doby se nezm\u011bnil. U\u017eivatel\u00e9 mobiln\u00edho prohl\u00ed\u017ee\u010de, kter\u00fd je nejv\u00edce \u0161etrn\u00fd k soukrom\u00ed, jsou ve v\u00fdchoz\u00edm nastaven\u00ed z ov\u011b\u0159en\u00e9ho p\u0159\u00edstupu vylou\u010deni.<\/span><\/p>\n

U\u017eivatel\u00e9 iOS na druhou stranu testem projdou bez probl\u00e9m\u016f, ani\u017e by museli instalovat jak\u00fdkoli software od Googlu. Pokud by po\u017eadavek skute\u010dn\u011b slou\u017eil k bezpe\u010dnostn\u00edm \u00fa\u010del\u016fm, p\u0159\u00edstup spole\u010dnosti Apple ji\u017e dokazuje, \u017ee atestace za\u0159\u00edzen\u00ed funguje i bez propriet\u00e1rn\u00edho bal\u00ed\u010dku od Googlu. Skute\u010dnost, \u017ee u\u017eivatel\u00e9 Androidu pot\u0159ebuj\u00ed konkr\u00e9tn\u011b Slu\u017eby Google Play, ukazuje, o co ve skute\u010dnosti jde.<\/span><\/p>\n

Hierarchie<\/span><\/strong><\/h3>\n

Syst\u00e9m, kter\u00fd Google vybudoval, vytv\u00e1\u0159\u00ed hierarchii p\u0159\u00edstupu k webu \u2013 a stoj\u00ed za to jasn\u011b uv\u00e9st, kdo kde stoj\u00ed.<\/span><\/p>\n

Na vrcholu seznamu jsou u\u017eivatel\u00e9 p\u0159ihl\u00e1\u0161en\u00ed k \u00fa\u010dt\u016fm Google, kte\u0159\u00ed pou\u017e\u00edvaj\u00ed Chrome a prohl\u00ed\u017eej\u00ed internet prost\u0159ednictv\u00edm soukrom\u00e9 dom\u00e1c\u00ed IP adresy. T\u00e9m\u011b\u0159 nikdy nevid\u00ed CAPTCHA. Pod nimi jsou b\u011b\u017en\u00ed u\u017eivatel\u00e9, kte\u0159\u00ed ob\u010das mus\u00ed lu\u0161tit h\u00e1danky a vid\u00ed norm\u00e1ln\u00ed obrazov\u00e9 m\u0159\u00ed\u017eky. Pod nimi jsou u\u017eivatel\u00e9 VPN, kte\u0159\u00ed jsou neust\u00e1le kontrolov\u00e1ni, proto\u017ee jejich sd\u00edlen\u00e9 IP adresy byly trvale ozna\u010deny.<\/span><\/p>\n

U\u017eivatel\u00e9 uv\u00e1d\u011bj\u00ed, \u017ee v\u00edce CAPTCHA na relaci je nyn\u00ed standardem. Na konci seznamu jsou lid\u00e9, kte\u0159\u00ed pou\u017e\u00edvaj\u00ed Tor, maj\u00ed chytr\u00e9 telefony s de-googlov\u00e1n\u00edm, pou\u017e\u00edvaj\u00ed Firefox s nastaven\u00edm proti otisk\u016fm prst\u016f nebo pou\u017e\u00edvaj\u00ed prohl\u00ed\u017ee\u010de, kter\u00e9 odm\u00edtaj\u00ed sledovac\u00ed soubory cookie.<\/span><\/p>\n

Pro tyto u\u017eivatele se zku\u0161enosti pohybuj\u00ed od nekone\u010dn\u00fdch smy\u010dek CAPTCHA a\u017e po \u00fapln\u00e9 pozastaven\u00ed \u00fa\u010dt\u016f. Fraud Defense to transformuje do \u00fapln\u00e9ho vylou\u010den\u00ed z webov\u00fdch str\u00e1nek, kter\u00e9 syst\u00e9m pou\u017e\u00edvaj\u00ed.<\/span><\/p>\n

Soukrom\u00ed je penalizov\u00e1no a zve\u0159ejn\u011bn\u00ed osobn\u00edch \u00fadaj\u016f je odm\u011bn\u011bno bezprobl\u00e9mov\u00fdm p\u0159\u00edstupem. Star\u00fd syst\u00e9m trestal u\u017eivatele, kte\u0159\u00ed si dbali na soukrom\u00ed, slo\u017eit\u011bj\u0161\u00edmi h\u00e1dankami. Fraud Defense je nyn\u00ed dok\u00e1\u017ee zcela zablokovat.<\/span><\/p>\n

\u010c\u00e1st sledov\u00e1n\u00ed, o kter\u00e9 Google nemluv\u00ed<\/span><\/strong><\/h3>\n

\u00dasp\u011b\u0161n\u00e9 kontroly proti podvod\u016fm ode\u0161lou spole\u010dnosti Google sign\u00e1l: Toto certifikovan\u00e9 za\u0159\u00edzen\u00ed v tuto chv\u00edli nav\u0161t\u00edvilo tuto webovou str\u00e1nku. Za\u0159\u00edzen\u00ed se stabiln\u00ed hardwarovou identitou generuje trval\u00fd identifik\u00e1tor, kter\u00fd p\u0159e\u017eije hranice relac\u00ed, p\u0159epnut\u00ed prohl\u00ed\u017ee\u010de a re\u017eimy soukrom\u00e9ho prohl\u00ed\u017een\u00ed. Spole\u010dnost, kter\u00e1 ur\u010duje, kter\u00fd hardware je legitimn\u00ed, sou\u010dasn\u011b shroma\u017e\u010fuje pr\u016fb\u011b\u017en\u00fd protokol o tom, kter\u00e9 webov\u00e9 str\u00e1nky tento hardware na otev\u0159en\u00e9m webu nav\u0161t\u011bvuje.<\/span><\/p>\n

Toto je nad r\u00e1mec sb\u011bru dat, kter\u00fd reCAPTCHA ji\u017e provedla. Francouzsk\u00fd \u00fa\u0159ad pro ochranu osobn\u00edch \u00fadaj\u016f CNIL zjistil, \u017ee reCAPTCHA shroma\u017e\u010fuje IP adresy, soubory cookie, kter\u00e9 Google um\u00edstil do za\u0159\u00edzen\u00ed v posledn\u00edch \u0161esti m\u011bs\u00edc\u00edch, a seznam plugin\u016f prohl\u00ed\u017ee\u010de \u2013 a \u017ee tato data jsou pou\u017e\u00edv\u00e1na k \u00fa\u010del\u016fm nad r\u00e1mec \u010dist\u011b bezpe\u010dnostn\u00edch.<\/span><\/p>\n

Podm\u00ednky slu\u017eby spole\u010dnosti Google informuj\u00ed spole\u010dnosti pou\u017e\u00edvaj\u00edc\u00ed reCAPTCHA, \u017ee syst\u00e9m shroma\u017e\u010fuje informace o hardwaru a softwaru a p\u0159en\u00e1\u0161\u00ed je spole\u010dnosti Google k anal\u00fdze \u2013 a \u017ee je jejich odpov\u011bdnost\u00ed o tom u\u017eivatele informovat a z\u00edskat jejich souhlas.<\/span><\/p>\n

reCAPTCHA tak\u00e9 nastavuje trval\u00e9 soubory cookie, kter\u00e9 umo\u017e\u0148uj\u00ed sledov\u00e1n\u00ed nap\u0159\u00ed\u010d weby. Podle sm\u011brnice o soukrom\u00ed a elektronick\u00fdch komunikac\u00edch a GDPR to vy\u017eaduje v\u00fdslovn\u00fd p\u0159edchoz\u00ed souhlas. Pokud u\u017eivatel soubory cookie odm\u00edtne, skript reCAPTCHA by se nem\u011bl na\u010d\u00edst \u2013 co\u017e v\u0161ak ni\u010d\u00ed funk\u010dnost formul\u00e1\u0159\u016f na webov\u00fdch str\u00e1nk\u00e1ch, kter\u00e9 jej pou\u017e\u00edvaj\u00ed. U\u017eivatel\u00e9 jsou nuceni vym\u011bnit soukrom\u00ed za p\u0159\u00edstup \u2013 mechanismus souhlasu, kter\u00fd nespl\u0148uje po\u017eadavek GDPR na svobodn\u011b ud\u011blen\u00fd souhlas.<\/span><\/p>\n

Mechanismus QR k\u00f3du k tomu v\u0161emu p\u0159id\u00e1v\u00e1 hardwarovou identifikaci za\u0159\u00edzen\u00ed. Syst\u00e9m, kter\u00fd ov\u011b\u0159uje, \u017ee jste \u010dlov\u011bk, z\u00e1rove\u0148 ov\u011b\u0159uje va\u0161e za\u0159\u00edzen\u00ed, va\u0161i polohu a va\u0161i identitu \u2013 pro reklamn\u00ed spole\u010dnost.<\/span><\/p>\n

Probl\u00e9m s boty, kter\u00fd Fraud Defense ne\u0159e\u0161\u00ed<\/span><\/strong><\/h3>\n

Oper\u00e1to\u0159i bot\u016f mohou jednodu\u0161e nam\u00ed\u0159it kameru na obrazovku a naskenovat QR k\u00f3d. Jedn\u00e1 se o trivi\u00e1ln\u00ed automatizaci s vyu\u017eit\u00edm b\u011b\u017en\u00e9ho hardwaru. Telefon s Androidem, kter\u00fd spl\u0148uje po\u017eadavky Play Integrity, stoj\u00ed kolem 30 dolar\u016f. Pro profesion\u00e1ln\u00ed farmy bot\u016f, kter\u00e9 nakupuj\u00ed za\u0159\u00edzen\u00ed ve velk\u00e9m, se jedn\u00e1 o zanedbateln\u00fd v\u00fddaj.<\/span><\/p>\n

Lid\u00e9, kter\u00e9 Fraud Defense efektivn\u011b vylu\u010duje, jsou u\u017eivatel\u00e9 dbaj\u00edc\u00ed na soukrom\u00ed, majitel\u00e9 chytr\u00fdch telefon\u016f, kter\u00e9 byly vygoogleny, u\u017eivatel\u00e9 s\u00edt\u011b Tor a lid\u00e9 \u017eij\u00edc\u00ed v represivn\u00edch st\u00e1tech. Pr\u00e1v\u011b tyto skupiny jsou nejm\u00e9n\u011b pravd\u011bpodobn\u00e9, \u017ee budou provozovateli botnet\u016f. Skute\u010dn\u00ed provozovatel\u00e9 bot\u016f jednodu\u0161e nesou dodate\u010dn\u00e9 n\u00e1klady a pokra\u010duj\u00ed v pr\u00e1ci.<\/span><\/p>\n

Existuje je\u0161t\u011b jeden probl\u00e9m, kter\u00fd s boty nesouvis\u00ed. Bezpe\u010dnostn\u00ed experti varuj\u00ed, \u017ee u\u017eivatel\u00e9 sotva rozli\u0161\u00ed mezi legitimn\u00edmi QR k\u00f3dy Google CAPTCHA a phishingov\u00fdmi QR k\u00f3dy. Syst\u00e9m u\u010d\u00ed lidi reflexivn\u011b skenovat k\u00f3dy pro p\u0159\u00edstup na webov\u00e9 str\u00e1nky. Phishingov\u00e9 \u00fatoky s QR k\u00f3dy se do za\u010d\u00e1tku roku 2026 v\u00edce ne\u017e zdvojn\u00e1sobily. Google vytvo\u0159il syst\u00e9m, kter\u00fd usnad\u0148uje phishing, ale nedok\u00e1\u017ee zastavit boty, proti kter\u00fdm m\u00e1 bojovat.<\/span><\/p>\n

Evropa to v\u00ed u\u017e dlouho<\/span><\/strong><\/h3>\n

Komise pro ochranu osobn\u00edch \u00fadaj\u016f (CNIL) rozhodla, \u017ee reCAPTCHA umo\u017e\u0148uje Googlu prov\u00e1d\u011bt anal\u00fdzy, kter\u00e9 jdou nad r\u00e1mec pouh\u00e9ho zaji\u0161t\u011bn\u00ed ov\u011b\u0159en\u00ed, a ulo\u017eila pokuty spole\u010dnostem, kter\u00e9 ji pou\u017e\u00edvaly bez \u0159\u00e1dn\u00e9ho souhlasu. Bavorsk\u00fd st\u00e1tn\u00ed \u00fa\u0159ad pro dohled nad ochranou osobn\u00edch \u00fadaj\u016f shledal, \u017ee nedostate\u010dn\u00e1 transparentnost Googlu ohledn\u011b toho, jak\u00e9 \u00fadaje reCAPTCHA skute\u010dn\u011b shroma\u017e\u010fuje, prakticky znemo\u017e\u0148uje dodr\u017eov\u00e1n\u00ed p\u0159edpis\u016f o ochran\u011b osobn\u00edch \u00fadaj\u016f, proto\u017ee provozovatel\u00e9 webov\u00fdch str\u00e1nek nemohou informovat u\u017eivatele o \u010dinnostech zpracov\u00e1n\u00ed \u00fadaj\u016f, kter\u00fdm sami pln\u011b nerozum\u00ed.<\/span><\/p>\n

P\u0159enosy dat na americk\u00e9 servery jsou v rozporu s rozhodnut\u00edm ve v\u011bci Schrems II. N\u011bkolik evropsk\u00fdch \u00fa\u0159ad\u016f ve Francii, Rakousku a Bavorsku ji\u017e podniklo kroky proti implementac\u00edm reCAPTCHA.<\/span><\/p>\n

Reakc\u00ed spole\u010dnosti Google, ozn\u00e1menou v dubnu 2026, bylo form\u00e1ln\u00ed za\u0159azen\u00ed se mezi zpracovatele dat, co\u017e m\u011blo organizac\u00edm nomin\u00e1ln\u011b poskytnout v\u011bt\u0161\u00ed kontrolu nad u\u017eivatelsk\u00fdmi daty. Data v\u0161ak nad\u00e1le proud\u00ed infrastrukturou Googlu. Provozovatel\u00e9 webov\u00fdch str\u00e1nek nyn\u00ed nesou riziko GDPR za syst\u00e9m, jeho\u017e postupy v oblasti nakl\u00e1d\u00e1n\u00ed s daty nemohou pln\u011b ov\u011b\u0159it. Google p\u0159esunul pr\u00e1vn\u00ed riziko na sv\u00e9 z\u00e1kazn\u00edky \u2013 ani\u017e by zm\u011bnil samotn\u00fd datov\u00fd kan\u00e1l.<\/span><\/p>\n

Alternativy, kter\u00e9 nikdo nepou\u017e\u00edv\u00e1<\/span><\/strong><\/h3>\n

Cloudflare Turnstile nab\u00edz\u00ed neviditeln\u00e9 ov\u011b\u0159ov\u00e1n\u00ed bez atestace za\u0159\u00edzen\u00ed a bez z\u00e1vislosti na Googlu. Pou\u017e\u00edv\u00e1 soukrom\u00e9 p\u0159\u00edstupov\u00e9 tokeny a spolupracuje s v\u00fdrobci za\u0159\u00edzen\u00ed na ov\u011b\u0159ov\u00e1n\u00ed za\u0159\u00edzen\u00ed bez nutnosti shroma\u017e\u010fov\u00e1n\u00ed nebo ukl\u00e1d\u00e1n\u00ed samotn\u00fdch dat. Je zdarma.<\/span><\/p>\n

Syst\u00e9my Proof-of-Work, jako je Friendly Captcha nebo ALTCHA, p\u0159edstavuj\u00ed kryptografick\u00e9 v\u00fdzvy, kde v\u00fdpo\u010detn\u00ed n\u00e1klady rostou s objemem. Jeden \u010dlov\u011bk plat\u00ed zanedbatelnou cenu. Bot farmy s tis\u00edci soub\u011b\u017en\u00fdch relac\u00ed na druhou stranu \u010del\u00ed exponenci\u00e1ln\u011b rostouc\u00edm v\u00fdpo\u010detn\u00edm n\u00e1klad\u016fm. Nep\u0159en\u00e1\u0161\u00ed se \u017e\u00e1dn\u00fd hardwarov\u00fd identifik\u00e1tor a \u017e\u00e1dn\u00e1 certifika\u010dn\u00ed autorita nerozhoduje o tom, kdo z\u00edsk\u00e1 p\u0159\u00edstup.<\/span><\/p>\n

Tyto syst\u00e9my dokazuj\u00ed, \u017ee jste \u010dlov\u011bk, ani\u017e by vy nebo va\u0161e za\u0159\u00edzen\u00ed museli reklamn\u00ed spole\u010dnosti identifikovat va\u0161i toto\u017enost. Rozd\u00edl oproti ochran\u011b proti podvod\u016fm je z\u00e1sadn\u00ed.<\/span><\/p>\n

P\u0159ij\u00edm\u00e1n\u00ed takov\u00fdch alternativ je st\u00e1le pomal\u00e9 \u2013 z pochopiteln\u00fdch d\u016fvod\u016f. reCAPTCHA ovl\u00e1d\u00e1 zhruba 85 procent trhu s CAPTCHA a je integrov\u00e1na do v\u00edce ne\u017e p\u011bti milion\u016f webov\u00fdch str\u00e1nek. Webov\u00ed v\u00fdvoj\u00e1\u0159i nad\u00e1le pou\u017e\u00edvaj\u00ed reCAPTCHA, proto\u017ee je to standard, proto\u017ee se bezprobl\u00e9mov\u011b integruje do reklamn\u00edho, analytick\u00e9ho a cloudov\u00e9ho ekosyst\u00e9mu spole\u010dnosti Google a proto\u017ee se p\u0159echod jev\u00ed jako riskantn\u00ed \u2013 i kdy\u017e jsou alternativy technicky a pr\u00e1vn\u011b lep\u0161\u00ed.<\/span><\/p>\n

Vzor<\/span><\/strong><\/h3>\n

Distribuce obsahu \u0159\u00edzen\u00e1 AMP, c\u00edlen\u00ed reklamy \u0159\u00edzen\u00e9 Privacy Sandboxem a ochrana p\u0159ed podvody nyn\u00ed kontroluj\u00ed, kdo v\u016fbec z\u00edsk\u00e1 p\u0159\u00edstup k webu. V\u0161echny tyto produkty roz\u0161i\u0159uj\u00ed roli Googlu jako\u017eto str\u00e1\u017ece st\u00e1le v\u011bt\u0161\u00edch \u010d\u00e1st\u00ed z\u00e1kladn\u00ed internetov\u00e9 infrastruktury.<\/span><\/p>\n

Vivaldiho varov\u00e1n\u00ed z roku 2023 pozoruhodn\u011b dob\u0159e zest\u00e1rlo. Pokud by se atestace stala standardem, pak \u201ejak\u00fdkoli prohl\u00ed\u017ee\u010d, kter\u00fd toto neimplementuje, by ji\u017e nebyl pova\u017eov\u00e1n za d\u016fv\u011bryhodn\u00fd a jak\u00fdkoli web pou\u017e\u00edvaj\u00edc\u00ed toto API by mohl u\u017eivatele takov\u00fdch prohl\u00ed\u017ee\u010d\u016f odm\u00edtnout.\u201c<\/span><\/p>\n

Google by mohl vy\u017eadovat, aby webov\u00e9 str\u00e1nky pou\u017e\u00edvaj\u00edc\u00ed reklamy Google implementovaly ochranu proti podvod\u016fm \u2013 a jak\u00fdkoli prohl\u00ed\u017ee\u010d nebo opera\u010dn\u00ed syst\u00e9m, kter\u00fd tuto ochranu nespl\u0148uje, by byl efektivn\u011b zlikvidov\u00e1n.<\/span><\/p>\n

Web se d\u011bl\u00ed na certifikovan\u00e1 a necertifikovan\u00e1 za\u0159\u00edzen\u00ed. U\u017eivatel\u00e9, kte\u0159\u00ed dbaj\u00ed na soukrom\u00ed, jsou odsunuti do druh\u00e9 t\u0159\u00eddy, kde slu\u017eby miz\u00ed jednodu\u0161e proto, \u017ee odm\u00edtli provozovat propriet\u00e1rn\u00ed software od reklamn\u00ed spole\u010dnosti.<\/span><\/p>\n

Skute\u010dnou ot\u00e1zkou nikdy nebylo, zda web pot\u0159ebuje ochranu p\u0159ed boty. Samoz\u0159ejm\u011b, \u017ee ano. Skute\u010dnou ot\u00e1zkou je, zda ochrana p\u0159ed boty skute\u010dn\u011b vy\u017eaduje p\u0159ed\u00e1n\u00ed trval\u00e9ho hardwarov\u00e9ho identifik\u00e1toru pro ka\u017ed\u00e9ho u\u017eivatele internetu na sv\u011bt\u011b jedin\u00e9 spole\u010dnosti \u2013 kdy\u017e ji\u017e existuj\u00ed alternativy, kter\u00e9 to nevy\u017eaduj\u00ed.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Zdroj<\/span><\/a><\/span><\/h3>\n

 <\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

V roce 2023 Google po\u017e\u00e1dal o povolen\u00ed k uzav\u0159en\u00ed otev\u0159en\u00e9ho webu, byl odm\u00edtnut \u2013 a…<\/p>\n","protected":false},"author":2,"featured_media":107112,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[317,647,1503,1988],"_links":{"self":[{"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/posts\/107111"}],"collection":[{"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/comments?post=107111"}],"version-history":[{"count":0,"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/posts\/107111\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/media\/107112"}],"wp:attachment":[{"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/media?parent=107111"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/categories?post=107111"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infokuryr.cz\/n\/wp-json\/wp\/v2\/tags?post=107111"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}