Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If you are using TOR, and not accepting cookies, they are going to have no way of knowing that you are the same user who just solved the CAPTCHA. Every request is going to appear to be from a new user.

If you do everything you can to prevent google from knowing who you are, don't be surprised when they behave like they don't know who you are.



Tor Browser accepts session cookies. It won't have an established google identity, but it fully supports a temporary "solved the captcha" identity.


> The problem immediately goes away if you let google track you

I took that to mean they were blocking cookies


What prevents a botnet from sharing that same session cookie?


A botnet doesn't need Tor in the first place. And you can limit the use of a single captcha solution. It's not much different from the problem of a legitimate google account being borrowed by a bot.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: