this post was submitted on 20 Mar 2025
381 points (99.7% liked)
Open Source
34914 readers
508 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Proof of work is what those modern captchas tend to do I believe. Not useful to stop creating accounts and such, but very effective to stop crawlers.
Have the same problem at work, and Cloudflare does jack shit about it. Half that traffic uses user agents that have no chance to even support TLS1.3, I see some IE5, IE6, Opera with their old Presto engine, I've even seen Netscape. Complete and utter bullshit. At this point if you're not on an allow list of known common user agents or logged in, you get a PoW captcha.
If I was a bot author intent on causing misery I'd just use the user agent from the latest version of Firefox/Chrome/Edge that legitimate users would use.
It's just a string controlled by the client at the end of the day and I'm surprised the GPT and OpenAI bots announce themselves in it. Associating meaning on the server side is always going to be problematic if the client can control the value
Yeah but Tor's doesn't require JavaScript, so you dont have to block at-risk users and opress them further