fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

11K
active users

Marko Saric

I like it when even Cloudflare starts to de-Google-ify.

"We recently migrated from Google's reCAPTCHA to the independent hCaptcha. It helps address a privacy concern inherent to relying on a Google service..."

blog.cloudflare.com/moving-fro

@markosaric hCaptcha is arguably worse than reCaptcha with providers being paid some kind of crypto for using it. And we are talking Cloudflare here they're trying to show as much captcha as possible multiple times per page. Plus a11y concerns.

@nesc I am not really sure: cloudflare is a man-in-the-middle and I thought their encryption layer is corrupted... right? 🤔

@markosaric well done. Now they only have to address a privacy concern inherent to relying on their own service 😄 👓 👍

@markosaric Well written article. I'm building my own website, so I liked some of the advices.

@markosaric

You should disable the Web Application Firewall or change your web hosting provider.

@cuniculus hmm weird. is this on my blog or?

@markosaric

Yep, your blog, when visiting using Tor Browser.

@cuniculus thanks for letting me know. i know that they do some blocking of spam traffic/attempts automatically but i didn't know that it would affect tor too. sorry about that

@cuniculus @markosaric It's not needed to disable WAF, whitelisting Tor is enough. Cloudflare assigns the two-letter "country" code T1 for Tor.

@niconiconi @markosaric

Cloudflare rarely blocks Tor Browser, but that WAF block message is coming from his web host's WAF, not from Cloudflare.

I'm not going to defend Google or their captcha, but... reading hCaptcha web, i can't find any info about which use they will do of the human-trained AI data they harvest. Mainly, the same concern as with Google's Captcha.
And that's setting aside the use of it that CloudFlare will do...

@markosaric
#Cloucflare ditching #reCAPTCHA is a positive thing, but are they still using a system that allows the development of #selfDriving vehicles?

From what we can see, Cloucflare are just as bad as #Google, if not worse.

This #hCaptcha could also indicate that Google have completed the #machineLearning component, and so have given the greenlight for Cloucflare to end the arrangement.

We've not had a chance to understand hCaptcha.

We're cautious about feeding data to Cloucflare too.

@markosaric so the real reason is "we were missing out on the Chinese market and we want more coins"

@markosaric I already saw that change and I love it 👍 I've been a Cloudflare user for many years and their free service is great 👍 But I always had a problem with them showing anti-privacy Google captchas to my users while I did everything to optimize the privacy for my users.Google sucks 👎 The new Captcha provider looks very good.I started using it in my forms even before Cloudflare started using their service.So far I'm quite happy with their service 👍