[tor-talk] Tor and Google error / CAPTCHAs.
Alec Muffett
alec.muffett at gmail.com
Mon Oct 3 15:16:12 UTC 2016
On 3 October 2016 at 15:43, <blobby at openmailbox.org> wrote:
>
> But a point might be: tor exit nodes are public but SOCKS proxies are not.
> Unless you tell me otherwise, I don't think there are centralized databases
> of SOCKS proxies.
>
Let me make an even more generalised statement:
"There are centralised databases of {many IPs or Subnets which appear to
emanate badness, aggregated across the experiences of many companies}"
Here is just one of many, and this one at least is open to participation:
https://www.facebook.com/notes/protect-the-graph/understanding-online-threats-with-threatdata/1438165199756960/
- and there are many more, often closed.
Now my suspicion is that you will say: not the point. People will be
> messing around with said SOCKS proxies (the aforementioned scraping for
> example) and hence it's irrelevant whether there's an accessible record
> that said IP is a SOCKS proxy. Yes?
>
Given the assertion I make above, and the evidence that I provide for it, I
believe my responding to this is moot?
> Just one more point: one can use http://www.ip-score.com/ to check
> whether an IP is on any blacklists.
I daresay it checks _some_ of them, I don't know how often, plus - you know
- companies are at liberty to do their own tracking of badness and come to
their own conclusions.
I've occasionally found proxies that are 100% clean. Yet still I get asked
> for a CAPTCHA when using them.
Yes. I've been trying in the last few emails to dispel the notion that
there are any "hard and fast", absolute, 100% correct for all time, rules
about this sort of thing. Evidently I have not yet succeeded. :-)
TL;DR : it is pointless and verges upon stupidity to attempt to draw
conclusions about spamfighting behaviour on the basis of
small-to-even-medium-size amounts of experiential reporting.
Perhaps you were carrying around a tainted cookie from some previous
attempt?
Perhaps one of the systems "burped"?
I cannot tell you why, and without a reproducable case the platform in
question probably will not be able to tell you why, either.
> This is, I suspect, because http://www.ip-score.com/
...and that's my point.
You/we are all speculating.
Why bother? Speculating will not actually change anything.
If we want to have a better experience when using <WEBSITE> over Tor, what
needs to happen is for <WEBSITE> to:
a) learn to value the people who use <WEBSITE> over Tor, and...
b) do some work on behalf of the people who use <WEBSITE> over Tor
All that speculation does is stoke the whining and pseudoscience of "enable
this, disable that, stack a proxy atop/beneath the other, it must be
something to do with geolocation".
Perhaps it _is_ something to do with geolocation - today. Tomorrow it
might be something else entirely. On wednesday perhaps a gang of Ukrainian
scraper-noobs will burn your favourite SOCKS relay and it will go onto the
"naughty list" for a month, as a result - and then another company might
take a copy of that part of the IP reputation database and sell it to a
bunch of banks and newspapers as "fresh security data" for six months,
propagating the hassle.
So: do you want to waste time speculating about who told what, when, and
why, and reverse-engineering flaky databases of IP reputation and
blocklists?
Or would you prefer to work to get better access through engagement?
The latter strikes me as far more constructive.
- alec
--
http://dropsafe.crypticide.com/aboutalecm
More information about the tor-talk
mailing list