Cloudflare reCAPTCHA De-anonymizes Tor Users

rysiek rysiek at hackerspace.pl
Mon Aug 1 14:06:26 PDT 2016

Previous message: metro
Next message: Scanning the Dark Web with Python (was Re: cypherpunks Digest, Vol 37, Issue 101)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dnia wtorek, 19 lipca 2016 05:42:17 CEST grarpamp pisze:
> Each click on one of the images in the puzzle generates a total of
> about 50 packets between Tor user's computer and the Cloudflare's
> server (about half are requests and half are real-time responses from
> the server.)

Hummm, but what if JS is turned off (is anyone using Tor with JS turned on?). 
Not defending CloudFlare here (not a fan of centralised services like this), 
just wondering.

In fact, just tested it in the Tor Browser with JS disabled (as it is by 
default). No traffic was generated upon clicking on images -- only after 
hitting "submit".

Not much better, but a bit better nonetheless, I guess.

-- 
Pozdrawiam,
Michał "rysiek" Woźniak

Zmieniam klucz GPG :: http://rys.io/pl/147
GPG Key Transition :: http://rys.io/en/147
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 931 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20160801/92df146b/attachment-0002.sig>

Previous message: metro
Next message: Scanning the Dark Web with Python (was Re: cypherpunks Digest, Vol 37, Issue 101)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the cypherpunks mailing list