[tor-bugs] #24607 [Circumvention/BridgeDB]: CAPTCHAs on BridgeDB seem to be getting more difficult
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 4 00:24:53 UTC 2020
#24607: CAPTCHAs on BridgeDB seem to be getting more difficult
-------------------------------------------------+-------------------------
Reporter: alison | Owner: phw
Type: defect | Status:
| assigned
Priority: Medium | Milestone:
Component: Circumvention/BridgeDB | Version:
Severity: Normal | Resolution:
Keywords: anti-censorship-roadmap-november, | Actual Points:
s30-o22a2 |
Parent ID: #31279 | Points: 5
Reviewer: | Sponsor:
| Sponsor30-must
-------------------------------------------------+-------------------------
Comment (by phw):
Replying to [comment:9 phw]:
> * Google provides a [https://developers.google.com/recaptcha/docs/v3
reCAPTCHA v3 API], which returns an anomaly score in the interval [0, 1]
for each request, without any kind of friction. Ignoring for now that this
is a Google service, it may be an option for BridgeDB's HTTPS distributor
but not for moat or email.
[[br]]
In theory, we may even be able to set up a reverse proxy for Google's
CAPTCHA API, so Google doesn't get to see requests directly from our
users. The NSA [https://news.ycombinator.com/item?id=22226148 apparently
set up such a system].
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24607#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list