[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] do Cloudfare captchas ever work?



Thanks for the helpful replies.

On 6/22/2015 9:36 AM, Çağıl P. Şesto wrote:
"A cdn like clouldflare can track you very easy over various exits, tor currently has 1115 relays that are exits, its possible to mark all of them "malicious" on a blacklist-providers sensor in 15-30 minutes."
Is that actually true?  (they can track you over various exits)
Is that what the design document says? https://www.torproject.org/projects/torbrowser/design/#privacy

But, many Tor Browser users seem to question allowing all scripts by default - including 3rd party.
For browser / computer security, as much as anything.

As I understand (roughly paraphrasing), the thinking on allowing JS is,
- many sites won't work fully (or at all) without JS. Certainly, captchas won't.
- if all users have JS enabled, no one stands out.
- Tor Browser design protects against privacy (possibly anonymity) issues like cross domain tracking.

On the _latter point_, I'm not as technically advanced as many on this list, to fully understand ALL subtleties in the design document.

"Anyway, funny is pirates are using cloudflare too..."
Please explain?

mansour moufid wrote:

"Sometimes I wonder if it's really Cloudflare, or some bad exit node
running a CAPTCHA solving business."

Mansour, to what end would they run a captcha solving business?
If they were, I don't understand how they'd benefit.





--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk