Hacker News new | past | comments | ask | show | jobs | submit login

This shouldn’t be necessary. We changed our handling of Tor so long ago that I’ve forgotten how long go it was.

If you are using the Tor Browser Bundle you should not see a CAPTCHA. If you do please report it to us.




I'm seeing the CAPTCHA a lot with the Brave Browser Tor Tab. You might want to reach out to the developers to make their Tor Tab be treated the same as the Tor Browser Bundle.


OK. I don't like that. I messaged the team about this.


That's what I thought. However, using Tor browser in Whonix, I've recently faced Google CAPTCHAs that require scripting to pass. For both account creation and login.

In future, I'll report CAPTCHAs with Tor browser to Cloudflare. But I can imagine that other CDNs use Google CAPTCHAs, so I'll check for that first.


As someone who sees it constantly on sites using Cloudflare....

Tails doesn't work for this.

Tor Browser Bundle does.

Correct?


Yeah tails was so broken with CloudFare I had to give up on it. Many sites showed the annoying captcha and, if you got past that, still refused to show content because it was presumably served from a separate domain. If you looked at source and copied the urls to the images and tried to open them directly you got another CloudFare captcha.


What's special about Tor Browser Bundle? What would I need to configure to use it with another browser?


Privacy Pass. https://privacypass.github.io/


How does Privacy Pass work exactly, to not enable spammers and other malicious bots?


There's a pretty good write up on how it works here: https://blog.cloudflare.com/cloudflare-supports-privacy-pass...


This is great, why isn't this part of the default Tor Browser Bundle?


As I understand it, it is part of the default Tor Browser Bundle. The problem is for people using other browsers with Tor.


I couldn't see it in the list of extensions there. I saw a ticket filed that said that there are various arguments against including it, one of them being that it's not the responsibility of the user to install some extension in order to get unblocked, it's the responsibility of the provider to not block users.


Shouldn't see it at all, or shouldn't see it more than once per session?


Shouldn't see it at all.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: