← Back to context

Comment by kube-system

3 years ago

Likening packets on the internet to people in a street is not an accurate analogy. The reason people use these solutions is that they're inundated with garbage traffic that is often automated. The internet is more like a street with 5 real people and 1,000 malicious humanoid robots.

8 comments

kube-system

Reply
ipaddr  3 years ago

You get 1005 requests for a file. They are all real requests. You simply send back the data.

You want to determine who is manually asking vs automated so you can ignore requests that aren't manually generated.

  • Wazako  3 years ago

    We are more in the case of adding a turnaround on footpaths to block motorbikes and other 2-wheel scooters. captcha also exists in the real world.

codedokode  3 years ago

Instead of Cloudflare there should be a protocol that would allow host to notify upstream providers that they should reject incoming traffic from specific address ranges. If there was such protocol all Cloudflare business would be zeroed in a minute, but sadly that is not going to happen.

  • warrenm  3 years ago

    >there should be a protocol that would allow host to notify upstream providers that they should reject incoming traffic from specific address ranges

    At the server or datacenter level, it's call a firewall :)

  • kube-system  3 years ago

    Considering that a lot of the internet is still behind a NAT I’m not sure that’s a completely bulletproof solution.

jacquesm  3 years ago

If it needs a checkbox to confirm you're a human then I would say that's a lost battle. A bot would be just as able to click that as I am. And I keep being hit with these over and over again. It's well beyond just annoying, especially when it is sites that I have a long standing relationship with. Which I wonder: are those sites even aware that Cloudflare keeps popping up that check dialog?

  • kube-system  3 years ago

    You are right that scripts can check a checkbox. Which is why the "checkboxes" that cloudflare/recaptcha display to you are not actually checkboxes. They're fingerprinting and behavioral analysis scripts.

account42  3 years ago

There is no reason whasoever you should need to prove you are not a bot in order to view an effectively static website. For interaction you may need anti-spam measures, for viewing no.