[tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?

Fabio Pietrosanti (naif) - lists lists at infosecurity.ch
Wed Jan 27 08:44:51 UTC 2016



On 1/26/16 10:58 AM, Pickfire wrote:
> On Mon, Jan 25, 2016 at 09:09:37PM +0100, Cain Ungothep wrote:
>>> That way a normal web client, normally browsing a website, would not be
>>> impacted from end-user experience, but any automated system (the ones
>>> causing
>>> problems to Cloudflare)
>>
>> Why can't people separate Tor from Tor Browser in their minds?  Tor is a
>> network transport.  Not all Tor users are lusers sitting behind Tor
>> Browser,
>> clicking things.
> 
> Nice speech, I don't use Tor browser, I use Tor for almost every
> application. I would like to automate a link checker for it, but the
> useless Cloudflare broke my script to check broken links.

At first Tor is mostly used by Tor Browser, it's probably a marginal
part of users that use Tor without Tor Browsers.

By the way whatever you are using for server-side script automation, a
Javascript interpreter with server-side node.js or other JS interpreter
used from other languages, can replicate exact JS-Pow functionality
possibly implemented by CloudFlare and executed by Tor Browser.

It doesn't change anything w.t.r. to the problem that need to be
addressed and that this idea would propose to address, that's a
fundamentally different approach trying to identify an automated way to
fight against automated scanners.

Fabio


More information about the tor-talk mailing list