Cloudflare launched today a new service named the "Cloudflare Onion Service" that can distinguish between bots and legitimate Tor traffic. The main advantage of this new service is that Tor users will see far less, or even no CAPTCHAs when accessing a Cloudflare-protected website via the Tor Browser.
The new Cloudflare Onion Service needed the Tor team to make "a small tweak in the Tor binary," hence it will only work with recent versions of the Tor Browser --the Tor Browser 8.0 and the new Tor Browser for Android, both launched earlier this month.
Tor users who are dead tired of seeing an endless stream of Google reCAPTCHAs when accessing a Cloudflare-protected site are advised to update to one of these two versions.
Also: Cloudflare IPFS Gateway boosts decentralized website development | 220.127.116.11: Cloudflare's new DNS attracting 'gigabits per second' of rubbish | Cloudflare emerges triumphant in Blackbird patent lawsuit | Cloudflare snaps up Neumob to boost mobile app speeds
The new Cloudflare Onion Service is also free for all Cloudflare customers and can be enabled by switching on the "Onion Routing" option under the Crypto tab of the Cloudflare dashboard.
Tor users have been complaining about seeing too many CAPTCHAs when accessing a Cloudflare-protect site for years now. In February 2016, Tor Project administrators went as far as to accuse Cloudflare of "sabotaging Tor traffic" by forcing Tor users to solve CAPTCHA fields ten times or more, in some cases.
Cloudflare responded to accusations a month later, claiming the company was only showing CAPTCHAs because 94 percent of all Tor traffic was either automated bots or originating from malicious actors.
Half a year later, in October 2016, Cloudflare started looking into methods of removing CAPTCHAS for Tor users. Their first foray was the Challenge Bypass Specification and a Tor Browser extension, but that project didn't go too far.
The company's engineers chose another path, building on a feature called Opportunistic Encryption, that they introduced in September 2016.
TechRepublic: How to enable DNS over TLS in Android Pie
In a blog post today, the Cloudflare team explained how they used this feature, together with a custom Proxy Protocol header, HTTP/2, and a few other tools to create the Cloudflare Onion Service, a system capable of distinguishing between good and bad Tor users, and allowing the good Tor traffic to flow to Cloudflare-protected sites without hassling users with annoying "street signs" CAPTCHA challenges.
Previous and related coverage:
Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.
This simple advice will help to protect you against hackers and government surveillance.
Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.
If you can't answer these basic questions, your security could be at risk.
Retired US Air Force cyber-security expert shares his thoughts on the future of critical infrastructure security.
Researchers turn ordinary WiFi devices in rudimentary scanners that can identify potentially dangerous objects hidden inside bags or luggage.