• activistPnk@slrpnk.netOPM
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      11 months ago

      By default, Cloudflare blocks access to the following groups of people:

      • users whose ISP uses CGNAT to distribute a limited range of IPv4 addresses (this generally impacts poor people in impoverished regions)
      • the Tor community
      • VPN users
      • users of public libraries, and generally networks where IP addresses are shared
      • privacy enthusiasts who will not disclose ~25% of their web traffic to one single corporation in a country without privacy safeguards
      • blind people who disable images in their browsers (which triggers false positives for robots, as scripts are generally not interested in images either)
      • the permacomputing community and people on limited internet connections, who also disable browser images to reduce bandwidth which makes them appear as bots
      • people who actually run bots – Cloudflare is outspokenly anti-robot and treats beneficial bots the same as malicious bots

      When excluded people attempt to access a Cloudflare-jailed website, we get a page that simply says:

      www.inhabitat.com
      www.inhabitat.com needs to review the security of your connection before proceeding.
      Please unblock challenges.cloudflare.com to proceed.
      

      It just sits there in an endless loop of brokenness. We used to get CAPTCHAs which were usually broken. CF changed their CAPTCHA service from Google reCAPTCHA to hCAPTCHA (because CF profits from your labor when you solve an hCAPTCHA). But it seems hCAPTCHA was abandoned… probably much the crowd who is wise enough to find themselves in the excluded group are also wise enough to refuse to solve CAPTCHAs. I don’t imagine that many people would tolerate solving a CAPTCHA for ~25% of the sites they encounter.