Cloudflare ends CAPTCHA challenges for Tor users

Cloudflare launched today a new service named the “Cloudflare Onion Service” that can distinguish between bots and legitimate Tor traffic. The main advantage of this new service is that Tor users will see far less, or even no CAPTCHAs when accessing a Cloudflare-protected website via the Tor Browser.

The new Cloudflare Onion Service needed the Tor team to make “a small tweak in the Tor binary,” hence it will only work with recent versions of the Tro Browser –the Tor Browser 8.0 and the new Tor Browser for Android, both launched earlier this month.

Tor users who are dead tired of seeing an endless stream of Google reCAPTCHAs when accessing a Cloudflare-protected site are advised to update to one of these two versions.

TechRepublic: How to enable DNS over TLS in Android Pie

The new Cloudflare Onion Service is also free for all Cloudflare customers and can be enabled by switching on the “Opportunistic Encryption” option under the Crypto tab of the Cloudflare dashboard.

opportunistic-encryption.png

Tor users have been complaining about seeing too many CAPTCHAs when accessing a Cloudflare-protect site for years now. In February 2016, Tor Project administrators went as far as to accuse Cloudflare of “sabotaging Tor traffic” by forcing Tor users to solve CAPTCHA fields ten times or more, in some cases.

Cloudflare responded to accusations a month later, claiming the company was only showing CAPTCHAs because 94 percent of all Tor traffic was either automated bots or originating from malicious actors.

CNET: How to change your DNS and (maybe) take the internet back

Half a year later, in October 2016, Cloudflare started looking into methods of removing CAPTCHAS for Tor users. Their first foray was the Challenge Bypass Specification and a Tor Browser extension, but that project didn’t go too far.

The company’s engineers chose another path, building on a feature called Opportunistic Encryption, that they introduced in September 2016.

In a blog post today, the Cloudflare team explained how they used this feature, together with a custom Proxy Protocol header, HTTP/2, and a few other tools to create the Cloudflare Onion Service, a system capable of distinguishing between good and bad Tor users, and allowing the good Tor traffic to flow to Cloudflare-protected sites without hassling users with annoying “street signs” CAPTCHA challenges.

Related coverage:

READ MORE HERE