Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:Identifying the user?? (Score 5, Informative) 54

To be specific, let me quote the spec:

The current Cloudflare CAPTCHA simply places a cookie allowing you to access the website. Since Cloudflare controls the origins, it could currently correlate user sessions across multiple circuits using these cookies. This is a gap in the Tor Browser threat model- the design explicitly ignores linking within a session by malicious first parties, but Cloudflare has effectively first-party control over a large proportion of the web.

Our design is an improvement over this state of affairs. Since the CAPTCHA service only sees blinded nonces, Cloudflare cannot link a CAPTCHA solution session to a given redemption request. Since each token is used only once, in contrast to a cookie, the tokens themselves cannot be used to link requests.

Comment My Chrome must-haves (Score 1) 195

AdBlock Plus.
HTTPS Everywhere.
Desktop Notifications for StackExchange.
Chrome extension source viewer (allows examining extensions and apps without installing them).
Kicktraq (shows funding graphs embedded in the header of Kickstarter page)
RSS Subscription Extension + The Old Reader Notifier (disclosure: I maintain that one)
A few self-written extensions for Fallen London browser game.

Slashdot Top Deals

Their idea of an offer you can't refuse is an offer... and you'd better not refuse.