Dark Dark aka web site is mediated network connection using technologies like Tor and I2P. Used to escape from supervision, whether authoritarian regimes, and powerful forces of justice in the relatively democratic regimes. It enables you to come across as a typical, political dissidents trying to communicate through the Great Firewall of China and seller of drugs, stolen digital identities and weapons. This free online world, however, just do not like the Communists, hawks and NSA, but even advertising giants …
IoError describes the state of affairs as a problem with censorship and mass monitoring by corporations. “There are companies – for example CloudFlare, which de facto act as a global community Toru enemies. They are not inclined to open dialogue, blocking the members of our community on social networks, actively preventing access to Web sites from Toru (in cooperation with the supervisory giants like Google) and honestly run in browsers untrusted million lines of code for the dubious safety gains. ”
Said CloudFlare is prevented by limiting the traffic flowing from Toru as preventing attacks on the CDN (Content Delivery Network – a network for delivering content) and DDoS attacks (flooding the targeted server traffic). Traffic restrictions by CloudFlare (similarly by Google and Yahoo) consists in imposing the cookies and filling CAPTCHA codes to distinguish human visitors from automated robots. This verification is not only annoying and unreliable, often crashes and repeated over and over again. And what is worse, opening the way to the viewing was described, tracked and eventually deanonymizován.
From the discussion Tor Bug Tracker employee CloudFlare just emerged several possible directions, which way would be the solution to protect users Toru before deanonymisation might take. They are
- Warning / multiple choice before entering the service of protected sites. Before entering the protected sites services type CloudFlare visitor should be warned that they are protected by the service that will be subjected to the test human visitor and about it will be collected data, potentially leading to its description, the possible monitoring and deanonymisation. If this visitor did not take, could have more options to choose the type of contact the owners website, browse the web in read-only mode, get a form nacachovanou site etc.
- Create a cookie bearing only bit information I-person associated with the browsing sessions.
In fact, however, they remain still rather Toru users outside the gates zaCAPTCHAovaných sites are still vulnerable to identity disclosure. Nor create a human cookie is not operational in the long term, because even robotic visitors to the site are sent only criminals, while most human traffic today produces datamining.