Google and Tor.

Robert Ransom rransom.8774 at gmail.com
Thu Aug 26 03:28:18 UTC 2010


On Wed, 25 Aug 2010 20:04:01 -0700
Mike Perry <mikeperry at fscked.org> wrote:

> I also question Google's threat model on this feature. Sure, they want
> to stop people from programmatically re-selling Google results without
> an API key in general, but there is A) no way people will be reselling
> Tor-level latency results, B) no way they can really expect determined
> competitors not to do competitive analysis of results using private IP
> ranges large enough to avoid DoS detection, C) no way that the total
> computational cost of the queries coming from Tor can justify denying
> so many users easy access to their site.

If Tor exit nodes were allowed to bypass Google's CAPTCHA, someone
could put up a low-bandwidth Tor exit node and then send their own
automated queries directly to Google from their Tor exit's IP.


Robert Ransom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20100825/b89bf515/attachment.pgp>


More information about the tor-talk mailing list