[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] do Cloudfare captchas ever work?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] do Cloudfare captchas ever work?
From: Lars Luthman <mail@xxxxxxxxxxxxxxx>
Date: Sat, 20 Jun 2015 13:35:49 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 20 Jun 2015 07:42:35 -0400
In-reply-to: <5584E032.6060001@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <5584E032.6060001@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Fri, 2015-06-19 at 22:38 -0500, Joe Btfsplk wrote: 
> Does anyone have any meaningful success rate with Cloudfare captchas in 
> Tor Browser?
> 
> Using default browser installation & settings?
> I so  rarely have success, that I immediately close tabs for sites 
> presenting Cloudfare.
> Even when the puzzle is clearly legible (rarely), it still doesn't work.
> Not for me - with default TBB settings or even allowing 1st party 
> cookies from the target site.
> 
> If others have even partial success, what's the secret?
> Getting a different exit relay/ exit country / exit IPa?

That's the only way that ever works for me. Or turning Javascript on,
but I don't want to do that for HTTP sites.

With Javascript on you usually get easier captchas that often let you
through when you get them right. With Javascript off you get the
captchas that look like the names of Lovecraftian deities distorted
through non-Euclidean geometries that are difficult even for us humans
to solve, and even when you definitely solve them you aren't allowed
through but just get presented with another captcha, and another, and
another, ad infinitum.

Switching to different exits helps, but you often have to switch 10 - 20
times in a row before you hit an exit relay that Cloudflare in their
benevolent wisdom has deemed good enough to be allowed to view the web.
And even then you usually just get a few minutes before the gate is
slammed shut and you're back with the captchas.

I suspect that the new exit-switching feature in Tor Browser has made it
slightly worse by putting more load on the few exits that are allowed
through at any given time, making it more likely that Cloudflare will
think it's some sort of DoS attack or automated scraper and block it.
Cloudflare has essentially broken the web for Tor users.

For some reason web proxies like hidemyass.com never seem to be blocked
by Cloudflare so one (annoying) solution is to use one of those with Tor
Browser.

--ll

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] do Cloudfare captchas ever work?
  - From: Joe Btfsplk
- Re: [tor-talk] do Cloudfare captchas ever work?
  - From: Lars Luthman

References:
- [tor-talk] do Cloudfare captchas ever work?
  - From: Joe Btfsplk

Prev by Author: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Next by Author: Re: [tor-talk] do Cloudfare captchas ever work?
Previous by thread: Re: [tor-talk] do Cloudfare captchas ever work?
Next by thread: Re: [tor-talk] do Cloudfare captchas ever work?
Index(es):
- Author
- Thread