Comment by marticode
3 hours ago
As a user I do care, because I waste so much time on Cloudflare's "prove you are human" blocking-page (why do I have to prove it over and over again?), and frequently run on websites blocking me entirely based on some bad IP-blacklist used along with Cloudflare.
Unfortunately the internet sucks in 2025.
If you have a site with valuable content the LLM crawlers hound you to no end. CF is basically a protection racket at this point for many sites. It doesnt even stop the more determined ones but it keeps some away.
Yep for anyone unaware of how awful things truly are, look up what a "residential proxy" is. Back in my day we called that a botnet.
And yet half the HN front page every day is promoting LLM stuff.
"The internet sucks", yes, but we're doing it to ourselves.
Would you rather not have LLMs?
3 replies →
Unfortunately the problem isn't just "the internet sucks" it's "the internet sucks, and everyone uses it" - meaning people are not doing stuff offline, and a lot of our lives require us to be online.
I just realized, why don't they have some "definitely human" third party cookie that caches your humanness for 24h or so? I'm sure there's a reason, I've heard third party cookies were less respected now, but can someone chime in on why this doesn't work and save a ton of compute?
Because people will solve the challenge once, and then use the cookie in automation tools. It already happens with shorter expiration cookies.
Thanks, I'm now shaking my head at my naivete :)
https://developers.cloudflare.com/waf/tools/privacy-pass/
Are you really posting this today?
Yes, there are several, and the good one (linked below) lets you use the "humanness" token across different websites without them being able to use it as a tracking signal / supercookie. It's very clever.
https://github.com/ietf-wg-privacypass/base-drafts
https://privacypass.github.io/
I assume that will be for Apple (and eventually Alphabet) to implement via digital IDs linked to real world IDs.
https://www.apple.com/newsroom/2025/11/apple-introduces-digi...
Don't worry, Sam Altman is selling the protection too -- https://en.wikipedia.org/wiki/World_(blockchain)
Congrats, you now know what it's like to be a daily Tor user trying to hit normie sites from exit node IPs xD
Why would anyone be a daily Tor user and trying to hit clear-net sites on top of that? This sounds like a bizarre usecase.
Privacy through uniformity / operational security by routine: if you use Tor for "normie sites", then the fact that someone is using Tor is no longer a reliable proxy for "someone trying to see/do something confidential" and it becomes harder to identify & target journalists, etc. just because they're using Tor.
I hate it as much (and the challenge time seems to be getting longer, 10s lately for me, what the hell?)
But we can all say thank you to all the AI crawlers who hammer websites with impossible traffic.
I mean, it was a problem before AI crawlers with just bots and attacks in general.