[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24607 [Circumvention/BridgeDB]: CAPTCHAs on BridgeDB seem to be getting more difficult



#24607: CAPTCHAs on BridgeDB seem to be getting more difficult
-------------------------------------------------+-------------------------
 Reporter:  alison                               |          Owner:  phw
     Type:  defect                               |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:
Component:  Circumvention/BridgeDB               |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  anti-censorship-roadmap-november,    |  Actual Points:
  s30-o22a2                                      |
Parent ID:  #31279                               |         Points:  5
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor30-must
-------------------------------------------------+-------------------------

Comment (by phw):

 Replying to [comment:9 phw]:
 > * Google provides a [https://developers.google.com/recaptcha/docs/v3
 reCAPTCHA v3 API], which returns an anomaly score in the interval [0, 1]
 for each request, without any kind of friction. Ignoring for now that this
 is a Google service, it may be an option for BridgeDB's HTTPS distributor
 but not for moat or email.
 [[br]]
 In theory, we may even be able to set up a reverse proxy for Google's
 CAPTCHA API, so Google doesn't get to see requests directly from our
 users. The NSA [https://news.ycombinator.com/item?id=22226148 apparently
 set up such a system].

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24607#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs