On Wed, 25 Aug 2010 20:04:01 -0700 Mike Perry <mikeperry@xxxxxxxxxx> wrote: > I also question Google's threat model on this feature. Sure, they want > to stop people from programmatically re-selling Google results without > an API key in general, but there is A) no way people will be reselling > Tor-level latency results, B) no way they can really expect determined > competitors not to do competitive analysis of results using private IP > ranges large enough to avoid DoS detection, C) no way that the total > computational cost of the queries coming from Tor can justify denying > so many users easy access to their site. If Tor exit nodes were allowed to bypass Google's CAPTCHA, someone could put up a low-bandwidth Tor exit node and then send their own automated queries directly to Google from their Tor exit's IP. Robert Ransom
Attachment:
signature.asc
Description: PGP signature