[tor-talk] Tor and Google error / CAPTCHAs.

meejah meejah at meejah.ca
Mon Oct 3 18:06:41 UTC 2016


Alec Muffett <alec.muffett at gmail.com> writes:

> 2) In my experience the "blocking" that companies do to Tor (and similar)
> is 100% grounded in the threats from spam, scraping, testing phished
> credentials, and other forms of bad behaviour.

A lot of it is just by accident, too, I think: many Cloudflare customers
seem not to know that they have to "do something" (change an option) to
not by default "block" Tor users (i.e. give them a CAPTCHA).

...and e.g. at shared hosting or similar companies, individual web sites
likely have no idea that they are blocking Tor users (i.e. if the hoster
decided to block Tor, for whatever reason).

So often a friendly note saying "did you know you're disallowing Tor
users?" goes a long way...

> People who are responsible for compliance are really good to get "on your
> side" if you are trying to make better affordance for Tor within a company:
> if you can build a system for them that says:
>
>     "This connection is coming from a Tor exit node, That connection is
> not."

There is a DNS-based system for this already, from Tor Project. But I
guess you mean making this work for "internal" systems at whatever
company?

-- 
meejah


More information about the tor-talk mailing list