[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?
From: Pickfire <pickfire@xxxxxxxxxx>
Date: Tue, 26 Jan 2016 17:58:31 +0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 26 Jan 2016 04:58:57 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1453802318; bh=X6hLWz6k0DuNxWkC15BBQsRCnWr3tU1dJzk2eBzlZYI=; h=Date:From:To:Subject:References:In-Reply-To:From; b=sIy8xMm65mtx/TQtnep55htlCHKXAf40mc9s16Q4uFl/rTHvf/AJ+2S0Gz6QM6Wl9 zPT35HdR0aDukpjZPtSXJwtv8PUMindEJybcVL1DrIr/BfUb3CjhHhSs/rp49AMHbD Z0p84PJmS2e5tORYo3e0kbFuUQ7tFn1iY4b46HV8=
In-reply-to: <1484141453752577@xxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1484141453752577@xxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Every email client sucks, this one just sucks less.

On Mon, Jan 25, 2016 at 09:09:37PM +0100, Cain Ungothep wrote:

That way a normal web client, normally browsing a website, would not be
impacted from end-user experience, but any automated system (the ones causing
problems to Cloudflare)


Why can't people separate Tor from Tor Browser in their minds?  Tor is a
network transport.  Not all Tor users are lusers sitting behind Tor Browser,
clicking things.


Nice speech, I don't use Tor browser, I use Tor for almost every
application. I would like to automate a link checker for it, but the
useless Cloudflare broke my script to check broken links.

For example I have a system-wide Tor daemon, and I use it for a variety of
different non-interactive things, like news reader updates, automatic source
code fetches, web-api-related requests, and other cronjobs.  I am not the only
one.  Shitflare also affects completely reasonable automatic non-interactive
uses like that.


I do that too, I use Tor for news reader, email client, lightweight
browser, almost everything use Tor, I just don't use transparent
torification for it, I considered it problematic.

In fact the Great Firewall of Shitflare completely fucks every hope of
composability of their clients' web sites.


There is a work to get around that, I plan to do an application to solve
those captcha either by using audio captcha or the picture, there is
actually some ways to solve, I just haven't got the idea yet. (Note:
Those captcha is solve-able by machine not human, it is too hard)

At that stage Cloudflare, instead of using a Captcha, could also
implement an independent Javascript Proof of Work system,


No.  Javascript in the browsers is shit. Shit for security, shit for privacy.
I consider requiring Javascript for fundamental functionality an affront.


I have no comment for Javascript, Tor browser disable that by default,
but I use javascript most of the time.

Maybe it's a bad idea, but the key to be addressed is imho:
- reducing the automated attacks from Tor netwok by increasing it's
costs while leaving intact the end-user experience on Tor Browser


They can actually not use Tor and instead use botnets, botnets is better
and a lot faster than Tor.

--
_____________________________________
< Do what you like, like what you do. >
-------------------------------------
       \   ^__^
        \  (oo)\_______
           (__)\       )\/\
               ||----w |
               ||     ||
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?
  - From: Fabio Pietrosanti (naif) - lists

References:
- Re: [tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?
  - From: Cain Ungothep

Prev by Author: Re: [tor-talk] OFTC semi-permanent Tor Blocking
Next by Author: [tor-talk] onion routing MITM
Previous by thread: [tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?
Next by thread: Re: [tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?
Index(es):
- Author
- Thread