[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
Reporter: ioerror | Owner: tbb-team
Type: enhancement | Status: new
Priority: High | Milestone:
Component: Tor Browser | Version:
Severity: Critical | Resolution:
Keywords: security, privacy, anonymity | Actual Points:
Parent ID: | Points:
Sponsor: |
------------------------------------------+--------------------------
Comment (by lhi):
Replying to [comment:66 toruser2016]:
>
> Never attribute to malice that which is adequately explained by
stupidity
>
Reading their comments here, I have come to understand that some of them
really don't care.
I view the CAPTCHAs as a reminder that something is very amiss in the web.
No amount of PR or whitewashing can quell my strong reservations about
some company being in a position to MITM large swathes of the web. This is
a bad situation, and I appreciate being reminded of it nearly every time I
browse the web.
This nonwithstanding, thanks jgrahamc for finally agreeing to provide the
simple option for their data sources, I mean "free customers", to
whitelist Tor, and investigating long-standing problems with the CAPTCHAs.
The ZK "human bit" proof discussion is no good. No good at all. Increasing
attack surface by weighing down client software with functionality that
serves no discernible purpose for the user - just artificial complications
to reduce accessibility and serve the crazy whims of some self-important
company - is a horrible idea.
I hope no Tor developers will provide free labor (as cypherpunks lucidly
characterized the idea) to build contorted and expensive solutions to
someone else's perceived needs.
As people have already correctly stated, all requests are negotiated by
bots, not humans. It is no one's busness whether some person attends the
process. Attempting to ascertain this in some way or other is
surveillance-think. What if I want to retrieve some page via cron job, for
example. Not "legitimate"?
I have, by the way, always found it a demeaning and insulting attitude
towards humans that we are being asked by rooms full of servers (which
handle enormous amounts of requests and should be able handle the few
extra ones coming from Tor exits without breaking an electronic sweat,
honestly) to solve puzzles. I am very angry about this attitude btw
because my time is infinitely more valuable than your servers'.
Btw trac.torproject.org made me solve google CAPTCHAs, some of which
didn't work. Way to go ...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:68>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs