[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] CloudFlare blog post

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] CloudFlare blog post
From: Joe Btfsplk <joebtfsplk@xxxxxxx>
Date: Wed, 30 Mar 2016 15:19:09 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 30 Mar 2016 16:19:26 -0400
In-reply-to: <20160330150151.GD3164@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20160330132105.GA8024@xxxxxxxxxxxxxxxxxx> <20160330150151.GD3164@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0

On 3/30/2016 10:01 AM, Philipp Winter wrote:

I also wonder how effective your CAPTCHAs really are. Deep learningtechniques suggest that bots are about to become just as good, or evenbetter, at solving CAPTCHAs than people. Therefore, I wonder if a longterm solution should also center around the question if thedistinction between people and machines is still meaningful.

The bots couldn't be much worse at solving some sites' captchas than me.
Can't get worse than 0% success (on some sites).

I'm not so sure on some sites, they're not just jacking w/ TBB users.Sometimes, when the solution is quite clear, it reports entries as wrong- multiple times.When that happens a couple of tries, I just leave - assume they don'twant me (Tor) there. In TBB or Firefox, if it's not a "must see" site,I often immediately close the tab when cloudflare captcha shows.

While on other sites, I get right in w/ TBB - sometimes when captchasare difficult. Of course, you have to allow JS & sometimes a fewtrackers besides the site & Cloudflare (it seems).Most sites make money off the trackers. If the trackers can't followTBB users from site to site (per their business model), what incentivedo the sites have for allowing TBB users?Or why would the trackers pay sites for the traffic due to from TBB,when they can't gather the same valuable data as avg users in unhardenedbrowsers?For sites worried about making $, it makes perfect sense to me why theywouldn't want TBB users taking resources.

At times, Cloudflare or some sites may say, "Gee, whiz - we're notblocking TBB intentionally. We're working on a solution."But I don't buy that 100%. It's possibly just a politically correctexcuse vs. saying, "We can't track you around the globe / make $, so wedon't want you taking up bandwidth or other resources (like site techsupport, etc.).

And for all the other sites that don't use Cloudflare (or otherunsolvable captchas), but don't block TBB, if _"90+% of all Tor trafficattempts something malicious_," then how in the world do all those sitesstay in business / stay up & running? Unless hackers have vendettasagainst only certain sites or high value targets, which is why they hireCloudflare in the 1st place.

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] CloudFlare blog post
  - From: Andreas Krey

References:
- [tor-talk] CloudFlare blog post
  - From: Martijn Grooten
- Re: [tor-talk] CloudFlare blog post
  - From: Philipp Winter

Prev by Author: Re: [tor-talk] Crowd Sourced Protest Of Cloudflare
Next by Author: Re: [tor-talk] CloudFlare blog post
Previous by thread: Re: [tor-talk] CloudFlare blog post
Next by thread: Re: [tor-talk] CloudFlare blog post
Index(es):
- Author
- Thread