Project ideas from Hacker News discussions.

Google broke reCAPTCHA for de-googled Android users

Original Article

Hacker News Discussion

📝 Discussion Summary (Click to expand)

5 Dominant Themes inthe Discussion

#	Theme	Representative Quote
1	reCAPTCHA has become a forced attestation that blocks non‑Google devices	“I just take my business elsewhere… eventually I’ll probably just stop using technology at all.” — ranger_danger
2	Shared/rotating ISP IPs cause frequent false‑positive blocks	“My ISP regularly changes everyone’s IP, and I apparently share an ISP with people who suck, so I get flagged just trying to do all sorts of normal things.” — ranger_danger
3	Static‑IP or VPN work‑arounds (e.g., Cloudflare WARP) are a temporary fix	“whenever I can’t access a website for various stupid blocks… I fire up cloudflare warp and walk right through it.” — chrisjj
4	Regulatory/Antitrust pressure is seen as the only way to curb Google’s dominance	“The fact that this works, as well as cloudflare having a literal web scraping tool available as another product, honestly makes my blood boil.” — titularcomment
5	Community coping: moving to self‑hosted services, using GrapheneOS, or switching banks	“I have not been able to visit AliExpress for months now… I guess my ISP allocates static IPs from a separate pool, and probably my IP block neighbors are better behaved.” — retired

All quotations are taken verbatim from the HN comments and are enclosed in double quotes with the respective author attribution.

🚀 Project Ideas

Residential IP Rotator as a Service (ResiPass)

Summary

Eliminates captcha loops caused by IP blocks by rotating real residential IPs from a community‑sourced pool.
Value: Provides stable, non‑datacenter IPs that bypass Cloudflare and similar blocks while preserving user anonymity.

Details

Key	Value
Target Audience	Users blocked by IP‑based restrictions (e.g., Etsy, Delta, Discord) and services needing reliable access
Core Feature	Multi‑hop NAT + WireGuard VPN that cycles residential IPs every few minutes, auto‑retrying captchas
Tech Stack	Go microservices, WireGuard, Docker, PostgreSQL
Difficulty	Medium
Monetization	Revenue-ready: Tiered subscription ($5 /mo basic, $15 /mo premium)

Notes

Many HN users cite “Cloudflare WARP” as the only workaround; ResiPass would be a dedicated alternative.
Can be wrapped in a browser extension that automatically switches IPs when a captcha fails.

OpenVerify API

Summary

Provides an open‑source attestation endpoint that accepts signatures from any OS (GrapheneOS, Lineage, Windows) via cross‑signature verification.
Value: Removes Google Play Services lock‑in, allowing alternative OS users to access sites that require attestation.

Details

Key	Value
Target Audience	Alternative Android users, privacy‑focused developers, security researchers
Core Feature	REST API that verifies device attestation tokens signed by FIDO2/CBOR standards
Tech Stack	Node.js, PostgreSQL, WebAuthn libraries
Difficulty	Medium
Monetization	Hobby (community‑driven, optional sponsorship)

Notes

Mirrors frequent HN frustration about “Google using attestation to lock out non‑Google OSes.”
Could become a de‑facto standard alternative to reCAPTCHA for sites seeking honest verification.

BlockBypass – Crowdsourced Blocklist & Fallback Router#Summary

Aggregates reports of blocked sites and automatically creates alternate access paths (e.g., Tor hidden services, proxy endpoints) for users.
Value: Keeps essential services (health, banking, education) reachable when primary sites deploy captcha blocks.

Details

Key	Value
Target Audience	End users encountering “Sorry, you have been blocked” pages, especially on government or medical portals
Core Feature	Browser extension that detects blocked pages and transparently switches to fallback endpoints
Tech Stack	Python (Flask), React, Decentralized DNS (IPFS/Handshake)
Difficulty	Low
Monetization	Hobby

Notes

Directly addresses HN comments about being “soft‑locked out” of critical services.
Potential to grow into a community‑maintained resource cited in discussions on regulation.

ZeroKnowledge Verifier (ZKV)

Summary

Implements browser‑side zero‑knowledge proofs that prove “I am a human” without revealing device fingerprints.
Value: Allows sites to replace reCAPTCHA with privacy‑preserving challenges that still deter bots.

Details

Key	Value
Target Audience	Web developers of forms, ticket sales, login portals currently using reCAPTCHA
Core Feature	Client‑side ZKP library (circom compiled to WASM) that produces a proof verifiable by a lightweight server endpoint
Tech Stack	Rust → WASM, Solidity/Plonk verifier running on Node/Cloudflare Workers
Difficulty	High
Monetization	Revenue-ready: Pay‑per‑verification (~$0.0005 per proof)

Notes

Echoes HN threads discussing “remote attestation” as invasive; ZKV offers a cryptographically sound alternative.
Could be open‑sourced and marketed as a drop‑in reCAPTCHA replacement for privacy‑conscious sites.

StaticIP Leasing Marketplace (StaticLease)

Summary

Marketplace for leasing static residential IPs from vetted ISPs that are not on known blocklists, enabling persistent access.
Value: Solves recurring IP bans for users who lose service due to shared‑IP reputation attacks.

Details

Key	Value
Target Audience	Power users, small businesses, researchers needing uninterrupted IP reputation
Core Feature	Platform matching users with vetted static IP providers; handles renewal and reputation monitoring
Tech Stack	Django, PostgreSQL, GeoIP DB, Stripe payments
Difficulty	Medium
Monetization	Revenue-ready: $10 /mo per IP lease, volume discounts

Notes

Directly reflects HN anecdotes about buying static IPs from ISPs to avoid captcha blocks.
Could attract regulatory attention and become a commercial service for “uncapped” internet access.