There are no perfect solutions. In the arms race to protect against abuse, I'll take the solution that's more accessible, particularly to people that are discriminated against by CAPTCHAs, such as deafblind people.
I would actually be on-board with such things if this were against abuse but it's not -- it's preemptively assigning blame, since my copy of Firefox is not modified in any way except uBO but CF loves to captcha it. The other stories in every one of these captcha threads, and the majority of the CloudFlare announcements at all, demonstrate this isn't isolated to "oops, our bad" but a systemic problem
If I were DDoS-ing some site, I deserve every ban I get, but just browsing via the provided navigation links on the site shouldn't "pardon our interruption" or gatekeep
Interesting. I wonder what other factors you might have going against you causing CF to captcha you - I have my Firefox loaded up with almost every ad-blocking, privacy, and anti-fingerprinting extension I could think of, but I rarely get CAPTCHAs.
Yes, and that's my point: it's not action that the user can take to resolve accusations, and it's not because of abusive behavior it's just `response.status(200 if random.randbool() else 403)`
Ah yes, the classic "we care about security and privacy so much that we're going to force you to enable the biggest exploit vectors" move; classic Cloudflare:)
It's not a race when you arm both sides, as cloudflare did by hosting known abusers for years, working hard to shield them from the consequences of their actions.
