155
Cloudflare is free of CAPTCHAs; Turnstile is free for everyone (blog.cloudflare.com)
submitted 2 years ago* (last edited 2 years ago) by simple@lemm.ee to c/technology@lemmy.ml
20 comments fedilink hide all child comments

I've actually noticed this in some websites the past ~two months. It's neat to have a captcha that finally doesn't need slowly clicking images to pass through.

all 22 comments
sorted by: hot top controversial new old
[-] redcalcium@lemmy.institute 72 points 2 years ago

Second, we find that a few privacy-focused users often ask their browsers to go beyond standard practices to preserve their anonymity. This includes changing their user-agent (something bots will do to evade detection as well), and preventing third-party scripts from executing entirely. Issues caused by this behavior can now be displayed clearly in a Turnstile widget, so those users can immediately understand the issue and make a conscientious choice about whether they want to allow their browser to pass a challenge.

Those of you that browse the internet with JS disabled (e.g. using NoScript), the time of reckoning has finally come. A huge swatch of internet will no longer be accessible without enabling javascript.

[-] red@sopuli.xyz 23 points 2 years ago* (last edited 2 years ago)

As a web developer who's worked in the industry for 16 years, every snowflake requiring me to work harder to support their "choices" is just an annoyance. I get wanting to reduce tracking etc, but in all honesty, the 0.0X% of users running tons of blockers and JS off are in reality just easier to track, in comparison to hiding in the mass of regular users who might be running an ad blocker (or nothing).

As long as your browser is making requests, you'll never be invisible.

The change needs to come from regulation level imho.

[-] LufyCZ@lemmy.world 13 points 2 years ago

Couldn't agree more.

It's great you can do it and you're free to, but not using javascript often means revamping the whole codebase and making everything 5x more complicated.

Which just won't happen to make 6 users happy

[-] red@sopuli.xyz 7 points 2 years ago* (last edited 2 years ago)

Amen. We do provide text versions though, but a few JS-blocking users have complained about having a barebones experience.

[-] DarkenLM@kbin.social 11 points 2 years ago

but a few JS-blocking users have complained about having a barebones experience.

Well no shit, have they ever wondered why the language was created in the first place?

[-] red@sopuli.xyz 3 points 2 years ago

It's a god damn funny though.

[-] sik0fewl@kbin.social 14 points 2 years ago

Ya, I feel like disabling Javascript should not be "beyond standard practice".

[-] Cheradenine@sh.itjust.works 8 points 2 years ago

Mull with RethinkDNS on mobile, 'cool, so the internet just became less accessible'.

[-] red@sopuli.xyz 2 points 2 years ago

[-] jsdz@lemmy.ml 24 points 2 years ago

I just tested my favourite cloudflare-blocked site and it still hangs on "verifying the security of your connection" in my figerprinting-resistant browser profile.

[-] library_napper@monyet.cc 3 points 2 years ago

Yeah I get infinite loops on half the Internet. It's infuriating and should be illegal for them to deny my as a customer just because they can't track me

[-] stifle867@programming.dev 15 points 2 years ago

How does any of this fit into the reality that you can pay $1 per 1000 captchas for a real, actual human to solve them? It seems like so much effort is put into this cat&mouse narrative with bot makers, ignoring the reality that sometimes labour is actually much cheaper.

[-] LufyCZ@lemmy.world 9 points 2 years ago

It's about creating at least a small barrier for not-very motivated people.

If a script kiddie wants to create a couple accounts and spam a bit, paying for and integrating such a service might just discourage them from actually taking the time.

Just a small cost if you're dedicated though, for sure

[-] hedgehog@ttrpg.network 4 points 2 years ago

Given that it gets rid of captchas, it neatly evades that issue.

Their goal wasn’t to improve bot blocking, though, but to deter real people less and bots just as much, and it seems they’ve achieved that.

[-] makeasnek@lemmy.ml 6 points 2 years ago

Cloudflare MITMs a good portion of internet traffic. They can even see inside SSL tunnels for most websites you visit. It's an absolute privacy nightmare.

[-] iso@lemy.lol 4 points 2 years ago

But how it works? I don't see any explanation on the post nor CF web site. It looks magical.

this post was submitted on 07 Oct 2023
155 points (100.0% liked)

Technology

37617 readers
188 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 6 years ago
MODERATORS
MinutePhrase@lemmy.ml