
It's even worse when you're running a VPN (especially one of the major public ones). When I see reCAPTCHA I basically give up as sometimes I have to go through 6 or 7 full sets to be let into a site. It's the evil of the internet this.



reCAPTCHA on VPN is difficult, but on the Tor network, they are downright impossible. I've never been able to get past it, even after a few dozen painful attempts. That means Google services are entirely off-limits over Tor, even Search, which is a disgrace.


> That means Google services are entirely off-limits over Tor

If only it was Google services alone. CloudFlare loves serving up a ReCAPTCHA for Tor users before they can even passively read site contents. That hugely expands the damage done.


Install the PrivacyPass Firefox or Chrome extension. It was developed by Cloudflare, Firefox, and Tor in partnership. It has you answer a ReCAPTCHA and, using some crypto magic, generates a bunch of CAPTCHA bypass tokens that can't be traced to your specific computer.

https://support.cloudflare.com/hc/en-us/articles/11500199265...

https://blog.cloudflare.com/cloudflare-supports-privacy-pass...

https://blog.cloudflare.com/privacy-pass-the-math/

https://github.com/privacypass/challenge-bypass-extension
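The "crypto magic" in the comment above is a blinded-token exchange. The sketch below is an added example, not part of the thread or the extension's code, and it runs the exchange over a multiplicative group rather than the elliptic-curve group the extension uses. `Issuer`, `issue_passes` and the other names are hypothetical, and the real protocol's DLEQ proof and request-binding HMAC are omitted.

```python
import hashlib
import hmac
import secrets

# RFC 2409 Oakley Group 1 safe prime (768-bit): a demo-sized stand-in for the
# elliptic-curve group a real deployment would use. Q is the subgroup order.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2

def hash_to_group(token: bytes) -> int:
    """Hash a token to a subgroup element (a square mod P)."""
    h = int.from_bytes(hashlib.shake_256(token).digest(128), "big") % P
    return pow(h, 2, P)

def blind(token: bytes):
    """Client: hide H(token) behind a random exponent r before sending it."""
    r = secrets.randbelow(Q - 1) + 1
    return r, pow(hash_to_group(token), r, P)

def unblind(r: int, signed_blinded: int) -> int:
    """Client: strip r, leaving H(token)^k, a value the issuer never saw."""
    return pow(signed_blinded, pow(r, -1, Q), P)

class Issuer:
    """Server side (hypothetical class): signs blinded values, checks passes."""
    def __init__(self):
        self.k = secrets.randbelow(Q - 1) + 1   # long-term secret key
        self.spent = set()

    def sign(self, blinded: int) -> int:        # called after a solved CAPTCHA
        return pow(blinded, self.k, P)

    def redeem(self, token: bytes, signed: int) -> bool:
        if token in self.spent:                 # each pass is single-use
            return False
        expected = pow(hash_to_group(token), self.k, P)
        ok = hmac.compare_digest(expected.to_bytes(96, "big"),
                                 (signed % P).to_bytes(96, "big"))
        if ok:
            self.spent.add(token)
        return ok

def issue_passes(issuer: Issuer, count: int):
    """One CAPTCHA solve yields `count` passes; returns (passes, issuer's view)."""
    tokens = [secrets.token_bytes(32) for _ in range(count)]
    blinded = [blind(t) for t in tokens]
    passes = [(t, unblind(r, issuer.sign(m))) for t, (r, m) in zip(tokens, blinded)]
    return passes, [m for _, m in blinded]
```

The issuer only ever sees the blinded values at issuance and the unblinded pairs at redemption; because `r` is uniformly random, the two sets cannot be matched up, which is why a redeemed pass does not identify the session that solved the CAPTCHA.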


Does not work with Tor.

The plugin requires "privacy passes". Those passes can be obtained by solving captchas, but when trying to do so, one is greeted with this message about being blocked: https://i.imgur.com/qXJfl6J.png


Slightly off-topic, but the users who use Tor regularly, how do you do that? For me, it has been terribly slow every time I tried to use it.


On Tor I get roughly 700 KB/s speeds, which isn't terrible for me


And what is that compared to any regular browser?


Try rebuilding your Tor circuit when this happens.

https://tb-manual.torproject.org/managing-identities/


This sort of breaks Tor though, doesn't it? Tor works really well if you stay on the same circuit for a while since it reduces the chances you have a compromised circuit. If you start getting reCAPTCHA to block every exit node except those you control, you essentially have amplified your effective strength on the Tor network.


Tor is already broken for an adversary with that capability.


This sounds pretty good, but you still have to pass a captcha in order to get a pass, and sometimes that is impossible (or at least I just give up because I lost interest after 20 puzzles).

If it was developed in conjunction with Tor, how come it doesn't come bundled with the Tor browser or Tails?


They have a patent on giving out unbeatable challenges when the computer thinks it's dealing with a 'malicious agent'.

https://patents.google.com/patent/US9407661B2/en


So if you're running the wrong combination of addons/VPNs/browser you're denied access to half the web because Big G says so? And now they're aggressively pushing sysadmins to install silent data harvesting scripts on every page of their sites? WTF more will it take to get people interested in breaking up these monopolies?


Not denied access, they just keep serving up challenges to you until you give up, WAY worse than saying "You appear to be a bot, sorry".


I hear Google is a fun place to work and that they pay well.

Until software developers care -- nothing will happen.


Were Carnegie Steel or Bell fun places to work? Probably, they had cash spilling out their ears.

Monopolies need to be broken up because they threaten the free market and consequently our way of life - not because employees revolt.


From what I've seen (and most of it's anecdotal) things do appear to be changing. There are already people who won't go anywhere near Facebook now for personal ethical reasons, and even concerns that it might hurt future career prospects.


That's Juniper, not Google.

Juniper patented saying "No" to a client.


Oh, sorry about that, it's conveniently grayed out in the corner :)


Tor users don't want to be running reCAPTCHA at all. There are a few privacy problems for people who run that or other ambitious cross-site snooping. Usual stuff (requests, cookies, JS fingerprinting, etc.), behavioral fingerprinting, and very detailed monitoring of what information you were accessing/reading and possibly even entering.


You can hardly blame anyone for blocking Tor traffic. You might not be using it for abuse but a large volume of abuse originates from it.


>You can hardly blame anyone for blocking Tor traffic.

Yes I can and do. It's bad enough that some websites won't let you do certain things over Tor, but preventing access to the website entirely is unacceptable. I made this account and comment entirely over Tor.

I don't see how it's okay to block Tor. That generic claim is made, but how are your spam measures doing if you couldn't handle Tor spam?

>You might not be using it for abuse but a large volume of abuse originates from it.

There is infinitely more "abuse" coming from Google, and yet it seems most every page I visit contains Google malware.

On principle, I hold the idea that Tor should be a first-class citizen and not disadvantaged in any way. Notice that Google's "HTTP/3" is over UDP, which Tor doesn't work with; I don't find that a coincidence.


https://blog.cloudflare.com/the-trouble-with-tor/

> like all IP addresses that connect to our network, we check the requests that they make and assign a threat score to the IP. Unfortunately, since such a high percentage of requests that are coming from the Tor network are malicious, the IPs of the Tor exit nodes often have a very high threat score.


And that will never change if significant services keep blocking Tor users. Thus we have a feedback loop effectively fighting privacy...


Somehow I doubt most Tor users are really just in it for privacy for general browsing, especially since it's so slow and limited. You can get a VPN for that. Unless you're a total privacy purist, there's not much incentive to use Tor unless you're buying drugs/something else illegal or just curious to look around the dark web.


Tor is free with no signup / cc required. This makes a huge difference, especially for younger users. Did for me back then, at least.

Initially it was slow, yes. But totally fine the last few years for normal browsing and reasonable downloads. Speedtest.net, speedtest.googlefiber & fast.com just now gave me 5, 6 & 10Mbps for whatever server in Ghana I got. Only the high ping causes loading times to still be a bit annoying.

But right now the biggest reason not to use Tor for anything "legit" is the many services blocking you, since indeed most current Tor users are not what those services want and the race to the bottom of Tor will continue, if we haven't reached it already.


Tor is slow if you're used to browsing with a 50 MB internet connection speed.

My own connection doesn't go over 1.6MB download speed, and only if the weather is clear and I have the wind in the back.

You can now achieve a speed of 500KB or more in most Tor connections, which is enough to have a comfortable browsing experience, imo.

The real downside is the Google captcha, which sometimes even denies you the chance to solve a captcha in the first place, on web pages where there is no user input.


>You might not be using it for abuse but a large volume of abuse originates from it.

Given that Tor is a tiny percentage of Internet traffic, most of the abusive volume out there has little to do with Tor.


Sometimes Google will flag you as a robot and never allow you to pass no matter how many you get right. It's total horseshit.


I'm assuming you are not logged into a Google account during this? What happens if you create a throwaway Google account while on Tor? Or is that also impossible?


I remember that these days Google requires a phone number. Finding a throwaway number is hard, especially in some countries.


I find they don't want a phone number if you sign up to YouTube and opt to create a new Gmail address instead of providing an existing email addr. Whether this works consistently, though ...

edit: also didn't try it over Tor


Thanks for verifying that for me. I thought it was just me being horrible at figuring out what they want.


No, the same thing happens to me. I often run ProtonVPN + Firefox with uBlock Origin and a couple other privacy-related addons.



