[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
From: Dave Warren <dw@xxxxxxxxxx>
Date: Wed, 11 Jul 2018 18:50:48 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 11 Jul 2018 21:51:01 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thedave.ca; h= content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=StRpU2/lpVMmioZfa5hA+Y8ofYcI2 sydojVleDd805g=; b=jruhAebT+R16IihNL6734qWm1gAoaJ6rtTTroCYxCjl5m 7VWMzwTkwOmzjSVOpKepXqAwc4i/mqDJ3vn0SsLVbvB3Af63B9txUmV0zncrwQh6 iW0pQ5GboztwSgQpa/xv3h6CuKbKS+z/Sf/5lISnys6nxrpyXYw/5wtAyZEn5bli jGa8QYWQ+mCXZ8nD0k8BMksHOA4/ytT8ufSZ7XQTbk79YtS9TNEk1FSAg0KS5YlD LQbB/Fi/2bUztBi53XFOHcHFrkIgt9rtzwuI4Fwca9aWlOSBTKzR2AX3s3hEeFhG XL19E6t6a51vZyWhZmqzCDAaVcgKXaSladbWZSdUg==
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=StRpU2 /lpVMmioZfa5hA+Y8ofYcI2sydojVleDd805g=; b=L14cAT1b98Y3vwyyuKJ//Q 5VHV30LAW8f2/0eANzqICs4+kVGYFStt4DKz7vDGZOPoVSJzns3tuo2UKgVRIR64 7AeocuYRt1alzJyAD0UDXC3EY1gsLokRDw2pG66egmauhdBoq23pS5qtuR27fvYy OdzPRDYSmYTcOjwRm94e9hksydzoHsqKzWrgyiwoGDq5jgdquUOaK5zqbpEnqD35 y0UyDHhzDSsAlHbs3eghNutdViL4qQjSutmD4iU7zHVKOvOPgLyDfIgh9xvlCnml T3FxgtK9Zq4VvJI33OD0Qrnnw2YVcGp8EPVahaaqG0iHKaBUgHRIm+ebnrTUoUdA ==
In-reply-to: <1531326756.1861182.1437476120.2539FD96@webmail.messagingengine.com>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <mailman.5.1531137602.27274.tor-talk@lists.torproject.org> <20180710081234.1b22ad43@Phenom-II-x6.niklas.com> <1531231194.2945508.1435992288.074BCA5D@webmail.messagingengine.com> <6a54fc93-59fa-bbff-0a06-fef6600842f3@riseup.net> <20180711083320.GA2432@moria.seul.org> <CAFWeb9Jmv62Gfh6wSUO0DBFOoe+WMNqZqmEm+9+NU++OZQ+NuQ@mail.gmail.com> <18b1f399-bfbd-099f-f058-c7e11f27969a@riseup.net> <CAKNc95Hyu-wJ=FOMQpZOvNJR9YrMcnXcyPcrySC4L31ynooGCQ@mail.gmail.com> <1531326756.1861182.1437476120.2539FD96@webmail.messagingengine.com>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Wed, Jul 11, 2018, at 09:32, Lara wrote:
> On Wed, 11 Jul 2018, at 16:01, Nathaniel Suchy wrote:
> > I hate Cloudflare and what they’re doing to Tor users.
> 
> Luckily Cloudflare, Google, Facebook do not hate you or the other Tor 
> Users. Talking about being unfair.

Several Cloudflare staff members have commented that they do support tor and have taken steps to enable tor users to have better experiences than would naturally happen as a result of their automated abuse prevention systems were left to score tor users based entirely on behaviour alone. One such example is that their "Is this a browser or a bot?" JavaScript takes the tor browser bundle's behaviour into account and doesn't penalize the browser for lacking any features which are normally disabled.

However there is a larger than average amount of abuse from tor exits, and this abuse returns intermittently the longer an exit has been around so their automation does learn to treat tor IPs with suspicion. It also means using non-standard browsers (Such as an iOS project) are more likely to fail the "Is this a browser" test resulting in a full CAPTCHA.

To their credit, they do make it easy for site operators to approve tor traffic in a more general way (by treating tor as a separate country in their whitelisting system). 

I'm not suggesting that Cloudflare couldn't do more/better, but they could also outright blacklist tor trivially or intentionally make the experience much more negative, but based on their statements they have made minor changes to try and improve the user experience without causing their customers grief. And based on their results (the Onion browser on iOS suddenly went from a "always blocked" to "Only occasionally blocked" shortly after I bought up the topic and provided them with a link to it). 

It is an imperfect world. This is part of why I use TBB for random legitimate things, specifically to increase the amount of "This is just a regular 'ol user, doing regular 'ol normal web things on Tor".

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: Lara

References:
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: David Niklas
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: Lara
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: Mirimir
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: Roger Dingledine
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: Alec Muffett
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: Mirimir
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: Nathaniel Suchy
- Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
  - From: Lara

Prev by Author: Re: [tor-talk] .onion eat http 413 errors
Next by Author: Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
Previous by thread: Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
Next by thread: Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption
Index(es):
- Author
- Thread