[tor-talk] do Cloudfare captchas ever work?
joebtfsplk at gmx.com
Tue Jun 23 00:15:24 UTC 2015
Thanks for the helpful replies.
On 6/22/2015 9:36 AM, Çağıl P. Şesto wrote:
> "A cdn like clouldflare can track you very easy over various exits,
> tor currently has 1115 relays that are exits, its possible to mark all
> of them "malicious" on a blacklist-providers sensor in 15-30 minutes."
Is that actually true? (they can track you over various exits)
Is that what the design document says?
But, many Tor Browser users seem to question allowing all scripts by
default - including 3rd party.
For browser / computer security, as much as anything.
As I understand (roughly paraphrasing), the thinking on allowing JS is,
- many sites won't work fully (or at all) without JS. Certainly,
- if all users have JS enabled, no one stands out.
- Tor Browser design protects against privacy (possibly anonymity)
issues like cross domain tracking.
On the _latter point_, I'm not as technically advanced as many on this
list, to fully understand ALL subtleties in the design document.
"Anyway, funny is pirates are using cloudflare too..."
mansour moufid wrote:
"Sometimes I wonder if it's really Cloudflare, or some bad exit node
running a CAPTCHA solving business."
Mansour, to what end would they run a captcha solving business?
If they were, I don't understand how they'd benefit.
More information about the tor-talk