People who want to browse the web with anonymity using the Tor network are having problems with too many CAPTCHAs that they encounter before gaining access to a site.
CAPTCHAs are the simple security tests or puzzles that are set to prove that the user is indeed a human being and not a robot or software. CloudFlare is the content delivery company behind these restrictive CAPTCHAs.
However, there is a good news for Tor users, this experience may soon be a thing of the past.
CloudFlare announced that they are formulating a way for anonymous Tor users to gain access to websites without in inconvenience of solving CAPTCHAs.
HISTORY OF TOR AND CLOUDFLARE
The Tor network was developed and is operated by the Tor Project. This is a non-profit organization that deals with the development and distribution of free software to help people tackle online surveillance.
The idea behind the Tor network is definitely a noble one that serves human right defenders, diplomats, government officials, and other people who seek freedom from surveillance.
However, the network has always often been used to facilitate malicious and illegal activities.
As such, most content delivery firms including CloudFlare and Akamai block Tor users from accessing important websites.
This is of course, unfair to a percentage of Tor users who is using the network for perfectly lawful activities.
Tor users have been complaining about CloudFlare’s CAPTCHA system that treats each IP address as a single user.
They have also voiced their concern on CloudFlare’s failure to address the interest of the community to have a dialogue with regard to the issue.
Therefore, this recent announcement is a step that is favorable to Tor users.
THE CAPTCHA SYSTEM’S IMPACT ON USABILITY
These are the reasons why Tor users are annoyed by the seemingly simple CAPTCHAs, in many cases the system presents Tor users with a lengthy series of CAPTCHAs that often are very slow, or it seems like it’s on an endless loop. This is intentionally done so that a user may give up.
Sometimes, it will push the user to opt for unsafe browser, thus revealing their location and IP address.
This can be a big risk to some Tor users who need anonymity including human rights activists or those victims of domestic violence.
The ones that are affected the most are those users leaving in a country with a slow internet, that leads to a very negative experience.
This new reform that will be implemented by CloudFlare is a response to the widespread backlash that the firm has received on social media and other online platforms.
This CAPTCHA system has been called a discriminative censorship system on numerous occasions.
David Kaye, UN Special Reporter detailed this internet discrimination in a 2015 report where he affirmed that the Tor network is necessary for the freedom of expression despite its negative aspects.
It is important to note that this CAPTCHA system also affects mobile phone users. Android users with the Android version of Tor browser and Orfox, have also complained about CloudFlare’s endless CAPTCHAs.
THE PROPOSED SOLUTION
CloudFlare has always been aware of this problem for at least three years already. Tor Project Developers claimed that they have discussed the matter with CloudFlare developers both online and in person for more than a year.
However, CloudFlare CEO Mathew Price stated that the firm has always been open to finding an amicable solution without compromising the security of their clients.
This announcement has been long overdue and could be just another strategy to delay the matter. According to CloudFlare authors, the firm aims to solve this issue by employing a system called the Challenge Bypass Specification.
Through this system, authentication tokens called nonces offered via a Tor browser plugin will eliminate the CAPTCHA problem while still protecting other sites from malicious users.
Malicious traffic that has always been automated will be unable to earn these tokens.
Provision of nonces by authentic users will enable anonymous access to important websites. Users will be able to earn a number of tokens for solving a single CAPTCHA.
CloudFlare claims that this feature is not unique to them. Other content delivery firms will be able to implement this with their own policies.
The single CAPTCHA for token option, is not a guarantee that you ca access all websites.
While this feature is still in the works, it will definitely reduce the inconvenience caused by the current security measures.
Latest posts by Richard (see all)
- Wide Range of Job Ads Available on the Dark Web - November 5, 2018
- Continuous Exploit of RDP Pushes FBI to Issue Warning to Potential Targets - October 29, 2018
- Ross Ulbricht’s Fifth Year in Jail - October 10, 2018