Cloudfare Capchas Make Being A Tor User Hard

This has become more and more of an issue over the last year.

I normally use firefox configured to use the tor service as proxy along with noscript so that i can control which sites are allowed to execute js and when. From what i understand, cloudfare is like a reverse proxy, so that any sites served by cloudfare get the request first, and you cannot go directly to the site you are trying to go. The internet is not what it used to be, today you have to wait for http requests to be shuffled between numerous entities before finally being served, which normally happens very quickly, unless CloudFare happens to challenge you with a capcha (google does this too).

I diligently enter the capchas and am quite good at it, but the capchas can be quite hard sometimes, and get stuck in a loop where it makes me try over and over again even though i know i got it right! Sometimes i have to kill and restart the tor process in order to get through, but normally it will eventually let you.

More recently, occasionally the cloudfare capcha will be followed by a box that requires that you copy and past the test back in the box, which doesn't seem to have to pasted in any particular way except being a contiguous string. It doesn't seem to matter if the string you paste is inserted as a substring inside the original text.

I'm not quite sure what the point of this challenge (the copy/paste) is except to make it more difficult for humans, as computers are quite proficient at copying strings and could easily be beaten by a computer program (as long as you get past the first capcha first though).

It's not every time that i get challenged, it seems some IP addresses get challenged and some don't. I'm not sure if cloudfare challenges IP addresses associated with known tor exit nodes or has other criteria, but it's quite apparent that cloudfare has the ability to log web traffic associated with quite a large amount of sites on the internet.

All of this capcha challenge nonsense seems to me to just be another way to discourage anonymity by making it inconvenient (and a pain in the ass), hopefully so inconvenient that many users will get frustrated and change their proxy settings to be more "transparent". I'm not giving in.

Entities on the internet do not need to get this much power or scope like this. Individual sites should be able to ban IP addresses or implement whatever security of course, but one entity shouldn't have this much control (and this much power to correlate).

What do they want me to do when i get sick of capcha's ... go to the library and try to setup a proxy server on one of the machines ??

 

I don't reccomend using google over tor if at all possible. I would say strictly use Startpage.

They have good reasons for doing this. There aren't nearly as many exit nodes as there are tor users. That means at any given time, google.com could be hit by 200 requests from one IP. To protect themselves against bot's flooding their services, they use CAPTCHA's.

If one were able to reliably solve those Turing tests, one could become famously wealthy.

http://scikit-learn.org/stable/supervised_learning.html#supervised-learning

 

I can't even reliably solve them and I'm human. I imagine they would up the ante and make some shit that was even harder.

 

Cloudfare sucks......

Every site I have seen using them HAS PROBLEMS!!


And Im not sure about the security of letting them see everything! (Especially on sites like survivalistboards?styleid=1 and davidicke.com/forum)

 

it's supposed to provide unmatched security for any sites served by cloudfare. it's more or less a reverse proxy server (well, really a whole bunch of probably virtual servers in the "cloud") that like any proxy server hides details of the internal network or subnetwork except instead of forwarding http requests on to the outside, a reverse proxy receives requests from external sources and then forwards them to the server.

nothing wrong with reverse proxies, they increase security and efficiency by distributing the workload among many machines that actually serve the content and also provide caching ability for frequently accessed data so that work is taken off the servers from fetching it each time.

the privacy concerns i have mostly involve the implementation of security, and the future implementation. it doesn't seem to be friendly to tor users, when large number of users share a single IP address. i suppose script kiddies using tor to attack sites give tor users a bad name and eventually those IP addresses become associated with abuse. some people might feel that anonymity isn't worth typing captcha's all the time and just surrender all of the information over.

the other thing about cloudfare is that it's not like a website using their own reverse proxy where they have many servers behind it, a very large amount of sites use cloudfare so statistics can be collected on users between all of those sites, it makes tracking that much easier.

the best we can do is to minimize the amount we are tracked, by learning all we can, and using good habits. not letting ten thousand cookies build up on our computers. the only way to totally beat it would be to never use a web account more than once, and never visit more than one site with one IP address so they can't build up patterns because if they can match the pattern of behavior they can determine if it's the same person or not, even if they have differnt IP addresses. they may not have a name for that person, but after long enough and crunching enough data they could probably narrow it down to that.

 

No but Cloudfare has all kinds of problems!!!!!

WHY DOES EVERY SITE I AM ON WHO USES THEM ALWAYS HAVE ALL KINDS OF PROBLEMS?? (Sites that dont use them do not (Or not nearly as much anyway))

 

using a proxy server ur even more likely to be made to solve one of those Turing tests.