[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Google and Tor.

On Wed, 25 Aug 2010 20:04:01 -0700
Mike Perry <mikeperry@xxxxxxxxxx> wrote:

> I also question Google's threat model on this feature. Sure, they want
> to stop people from programmatically re-selling Google results without
> an API key in general, but there is A) no way people will be reselling
> Tor-level latency results, B) no way they can really expect determined
> competitors not to do competitive analysis of results using private IP
> ranges large enough to avoid DoS detection, C) no way that the total
> computational cost of the queries coming from Tor can justify denying
> so many users easy access to their site.

If Tor exit nodes were allowed to bypass Google's CAPTCHA, someone
could put up a low-bandwidth Tor exit node and then send their own
automated queries directly to Google from their Tor exit's IP.

Robert Ransom

Attachment: signature.asc
Description: PGP signature