back to article CloudFlare shows Tor users the way out of CAPTCHA hell

CloudFlare has backed up its promise to get rid of the CAPTCHAs that Tor users complain discriminate against them. The content distribution network's (CDN's) hated CAPTCHAs make browsing an unhappy experience for Tor users by offering rather too many challenges. Worse yet, they drop a cookie on validated users' browsers and …

  1. tiggity Silver badge

    nonce field - unfortunate choice of name

    Given what some TOR users might possibly be viewing

    I'm assuming they are unaware of UK slang terms

    1. djack

      Re: nonce field - unfortunate choice of name

      I never fail to giggle at it, but 'nonce' is a long established term in the fields of crypto based authentication. It is just a random blob of data that is generated on demand. basically it is unique and unpredictable so it can be used to establish a challenge for proof of possession of a key and a differentiator between different transactions.

      As the actual value is irrelevant I guess that the name comes from a contraction of nonsense.

      1. Ben Tasker Silver badge

        Re: nonce field - unfortunate choice of name

        > As the actual value is irrelevant I guess that the name comes from a contraction of nonsense.

        I've always assumed being a throwaway its just a contraction of "n" and "once"

        Not sure though

        1. Dr Spork
          Thumb Up

          Re: nonce field - unfortunate choice of name

          Indeed, "n" being usual mathematical abbreviation for "a number"

          A "nonce" is a number [used] once.

          1. brotherelf
            Trollface

            Re: nonce field - unfortunate choice of name

            So should we feel lucky they didn't name it a nuonce? Ba-dum-tish!

            1. Anonymous Coward
              Coat

              Re: nonce field - unfortunate choice of name

              Here's your coat

  2. Steven Roper

    About bloody time

    It's not only Tor users that are afflicted with this scourge - VPN users get hit with it as well. Given that in Australia VPN use is practically mandatory thanks to Brandis' snoop laws, Cloudflare's fucking captchas have made surfing the internet a trip through hell.

    I got to the point where, every time I faced one, I would deliberately spend at least 5 minutes reporting one after another as having no valid solution, just for the fun of screwing with their system. After my complaints to Cloudflare went unanswered, I found that posting this act as a suggestion on 4chan seemed to popularise this kind of attack. I wonder if the resultant mess this would have made of their captcha system being flooded with false invalidity reports had an effect on their decision to find another solution!

    1. Anonymous Coward
      Pirate

      Re: About bloody time

      Try it with JS off: They make them longer and deliberately undecipherable then. The [data mining and/or NSA front] bastards.

      Not convinced this "solution" is much of an improvement either. A fucking plugin?!?!?!!!one

      Seems like some committee somewhere has spent a long time carefully contriving a gratuitously Machiavellian pseudosolution.

  3. Anonymous Coward
    Anonymous Coward

    Fuck CAPTCHAs & the sites that use them.

    A blind person can't use the visual ones for obvious reasons, & the audio ones are often impossible to listen to such that you can't understand what the fuck they're trying to say in them. "Was that Bat? Cat? Hat? Chat? The warble tone in the background screws it up!"

    And because THEY have created a challenge that only sight or hearing unimpaired people can deal with, suddenly the fact that I'm disabled means I'm no longer Human as far as the site is concerned.

    Fuck that & fuck them. I fire off an angry email to the site's maintainer telling them of this artificial & discriminatory barrier, & why they need an ass kicking from anyone & everyone they have similarly disparaged.

    If your CAPTCHA can be thwarted by a reasonably sofisticated ChatBot but not a Disabled person, then you're not keeping out the very elements you think are misusing your system.

    *Extremely rude gesture involving a blind cane, a hearing aid, & an Assistive Technology device*

  4. Anonymous Coward
    Anonymous Coward

    We all know how to hack a hosts file

    So just lookup the IP behind the cloudflare set up.

    http://www.crimeflare.com/cfs.html

  5. Mahhn

    no trust

    Sites should host their own content.

    I have no trust.

    Go to a website, notice that you're connected to 25+ different IPs because the author is lazy or selling you out. Pisses me off.

  6. allthecoolshortnamesweretaken

    "Bling signature scheme ..." ?

    Fabulous!

  7. Anonymous Coward
    Anonymous Coward

    picture guessing

    I just need a script to bypass the captchas on KissAnime, so my bulk downloader will work again.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020