Closed mk-pmb closed 3 months ago
if this is a defense against malicious modification
No, that was something else and is totally unrelated. CF is about DDOS protection really.
Thanks for the clarification. I guess a read-only mirror on a hidden service could still help, as it would make the clear web OSM and TOR OSM have independent attack surfaces. DDoS on just that mirror might not be as attractive a goal for attackers. Is that something the operations team might be interested in, or should that be a project for independent privacy activists? If it's a funding problem, I might be able to gather some people who would donate specifically for making OSM available via TOR.
If you’re interested in running your own (search?) services, there’s really nothing stopping you from doing so. You don’t need permission from anyone, and don’t even have to talk to operations. Many people and companies are doing that already.
Thanks for the encouragement! Indeed it seems like it may be a lot easier today than when I checked a few years ago. I even found the "Using OpenStreetMap offline" wiki page. I'll try and roll my own then.
Hello OSM Team! First, thanks for your great work! I hope this is the right place to ask, as it was suggested to someone else in this forum thread.
A few moments ago, I was trying to figure out where a place is (https://www.openstreetmap.org/search?query=keyword) and found that I'm now banned for my privacy choices, i.e. using TOR. Years ago, when I had still hope about this, I tried stuff like pleading with Cloudflare support or even solving their CAPTCHAs. Until their CAPTCHA hate got to a point where my answers were no longer sufficient even when I enlisted the help of seven(!) human the friends who were all convinced I was kidding, but they soon discovered that yes, really, even after about 20 attempts where we all agreed on the solution, we still were not accepted to be humans. We were human enough for the government, but not for Cloudflare.
The claim about checking human-ness is the biggest insult in all of this anyway. I don't even need a robot arm as in the video. All they really want is a browser with no privacy. Then, even sending "tab tab space" software-emulated keystrokes will work. Without any CAPTCHA.
From the forum thread, it seems that the switch to CloudFlare was a reaction to "vandalism". I don't know exactly what happened, since the thread there started to derail very quickly, and I stopped reading. However, from what I have read there, it seemed to be about malicious modifications.
So, if this is a defense against malicious modification, could we maybe still allow all read access?
The thread also linked this Tutorial by CloudFlare themselves which I don't exactly understand, because it rambles about avoiding exit nodes and lowering threat scores, but, as usual for CloudFlare's propaganda, avoids mentioning the concept of read access vs. write access. Someone seems to have created a tutorial on GitHub also, but that seems to be the same just with pictures.
I hope (and assume) the overblocking was an accident and you didn't mean to participate in Cloudflare's hate of grouping privacy enthusiasts as non-human.
I'd love if you could grant read access even to people whose write access you (probably rightfully) fear.
PS: If there is worry about exit nodes pretending to be the real OSM, it could help to set up a hidden service for a read-only OSM.