[tor-talk] How do tor users get past the recapacha and it's super short 2min exemption

[David Niklas]

On Wed, 11 Jul 2018 18:50:48 -0700
Dave Warren <dw at thedave.ca> wrote:
> On Wed, Jul 11, 2018, at 09:32, Lara wrote:
> > On Wed, 11 Jul 2018, at 16:01, Nathaniel Suchy wrote:  
> > > I hate Cloudflare and what they’re doing to Tor users.  
> > 
> > Luckily Cloudflare, Google, Facebook do not hate you or the other Tor 
> > Users. Talking about being unfair.  
> 
> Several Cloudflare staff members have commented that they do support
> tor and have taken steps to enable tor users to have better experiences
> than would naturally happen as a result of their automated abuse
> prevention systems were left to score tor users based entirely on
> behaviour alone. One such example is that their "Is this a browser or a
> bot?" JavaScript takes the tor browser bundle's behaviour into account
> and doesn't penalize the browser for lacking any features which are
> normally disabled.
> 
> However there is a larger than average amount of abuse from tor exits,
> and this abuse returns intermittently the longer an exit has been
> around so their automation does learn to treat tor IPs with suspicion.
> It also means using non-standard browsers (Such as an iOS project) are
> more likely to fail the "Is this a browser" test resulting in a full
> CAPTCHA.

Perhaps you could tell them (or tell me how to tell them), that I am
legit. I get the full Captcha every time.
They *really* need to increase the timeout.

> To their credit, they do make it easy for site operators to approve tor
> traffic in a more general way (by treating tor as a separate country in
> their whitelisting system). 
 
That is useful, is there an instruction that I can point authors to?

Thanks