[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] CloudFlare blog post



On 3/31/2016 1:04 PM, Andreas Krey wrote:
On Thu, 31 Mar 2016 11:27:24 +0000, Joe Btfsplk wrote:
...

They said that automatically providing cloudflared sites with
onion addresses would make it easier to detect nonmalicious
tor use, but I wonder why they expect that the bad guys don't
immediately use the onion instead of the plain site as well.
I don't see how bad guys just wouldn't adapt.  They always do.
Users != Traffic.
Yes - what does that have to do w'/ Cloudflare blocking Tor?

His statement(s) & reasoning about blocking Tor still seem strange.  As
they say, "follow the money trail."  "Money trumps all other reasons /
motives."
Tell that the authors of the software this mailing list is for.
Tor is non-profit. They also don't use trackers. It's different with For-profit sites.
Tracking is not cloudflare's business, it's the business of the site owner.
Yes & no. It's the business of the trackers, who pay the sites. Some sites need / want help rejecting "unprofitable" users / traffic, that trackers won't pay them for. e.g., by using Cloudflare's unsolvable captchas to exclude Tor users. How did Google became the giant it is? By NOT collecting data, tracking users - not using it for advertising or selling the data? Tracking users & collecting data, building profiles is huge business. TBB makes that much harder. It's not hard to conclude that's why some sites don't want TBB users taking resources, though not the only reason they may have.
Can't sites tell the difference in actions of crawlers & real users?
Not as easily as just using cloudflare as a front.
Exactly my point. Maybe you got that & were reinforcing it? If some sites didn't want to exclude TBB, they wouldn't allow Cloudflare serving unsolvable captchas. If they're serving the same unsolvable captchas to *all* browsers, they wouldn't have any traffic.

Maybe Tor devs could meet w/ some of the sites and / or Cloudflare, to see actual data showing 94% of Tor traffic malicious. And see if it's remotely possible to do anything about it. Or, if it's just a made up number & not the real reason Cloudflare is blocking Tor. Because I'm not sure the problem will go away anytime soon.

We could file a class action suit for discrimination against "freedom to choose a browser." I think it's in the constitution.
Crawlers would immediately get smart and stretch their requests out?


Yes, but once a site detects crawlers repeatedly trying to access far more content than most any real user, they could put a halt. But if an exit has 1 crawler & 99 real users, the whole exit gets blocked. Unless the site / Cloudflare - whom ever - uses finer detection (fingerprinting, etc.) to block only certain requests from an exit - if that's possible. I doubt they want to go to the trouble, as TBB users hurt their business anyway, from a tracking stand point.
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk