LQ needs to review the security of your connection frustrating delays
LQ Suggestions & FeedbackDo you have a suggestion for this site or an idea that will make the site better? This forum is for you.
PLEASE READ THIS FORUM - Information and status updates will also be posted here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: native install of Parrot Home Edition 5.0 Debian (no security tools) 64 bit, KDE, 5.14.0-9parrot1,
Posts: 872
Original Poster
Rep:
@Whoever owns LQ or manages it
Can we get an update as to Admin's solution to this thread's issue? What's been done so far and what is going to be done can we get an update from forum owners?
Can we get an update as to Admin's solution to this thread's issue? What's been done so far and what is going to be done can we get an update from forum owners?
Who owns this forum? Is this a for-profit forum?
Look back up the thread for comments from Jeremy. That is the closest thing to what you are asking for, and he IS the authority here.
He does not owe us exact code or settings, and were I him I would be seriously reluctant to disclose those details. That said he has always been responsive, informative, and very reasonable. (MUCH more than I would be, I can be rather a jerk when pressed.)
In this case he adjusted his side to try to avoid the issues mentioned. Obviously he cannot change Cloudshare or your ISP (Or Onion) but what he can do to help he has done. Now is a time for testing and reporting any change in the behavior.
That's a scraper site! It's because of these scraper bots stealing data (I assume for training AIs) that organisations like clownflare exist to plague honest users like us. They will find ways around all barriers. We are the ones who end up suffering from their effects.
Support LQ and it's choice of host by simply using an "approved" browser...
OK, I use firefox. That's approved, isn't it? I've never used tor. But I still get served with capchas and other rubbish when I try to help some poor soul with a scripting problem.
OK, I use firefox. That's approved, isn't it? I've never used tor. But I still get served with capchas and other rubbish when I try to help some poor soul with a scripting problem.
Don't worry, be happy. Nothing is perfect (but me).
OK, I use firefox. That's approved, isn't it? I've never used tor. But I still get served with capchas and other rubbish when I try to help some poor soul with a scripting problem.
Okay, so much for my blind shootings in the dark!
Not a fan of Mozilla, so only have chrome (on android tablet) and Vivaldi on pc (Windows/Slackware)... at least using these to access LQ I've never been bothered with logging or captcha issues.
That's quite a narrow selection, isn't it?
Perhaps we could get a list of "approved" browsers? Or better, what exactly is causing the problems?
Post #51 tells about it. That has been my experience. I knew that cloudflare was fingerprinting, and did not like a fake user agent. It likes even less a user agent reporting an operating system different than what one is using. But, not always. It depends on what is between the code tags.
I knew that python with urllib/requests needs to report a browser like request header to access a cloudflare page.
Post #51 explains what is happening quite well. I don't mean to use their product, but what cloudflare is doing and why.
As far as firefox on a linux machine, without a user agent change, without beeing on a tor node, with scripts turned on, no script or add blockers, and it still kicks you out...
I can usually post to LQ, in a web browser with images, scripts, plugins, DnsPrefetch, java, XSS Auditing Enabling, cross site cookies, turned off. And pretending to be an iPhone.
const char* agent = "Mozilla/5.0 (iPhone; CPU iPhone OS 16_2 "
"like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) "
"CriOS/113.0.5359.112 Mobile/15E148 Safari/604.1";
Post #51 tells about it. That has been my experience. I knew that cloudflare was fingerprinting, and did not like a fake user agent. It likes even less a user agent reporting an operating system different than what one is using.
Hm. What kind of security is it? that means faking user agent and os is pointless. Or the browser is not secure enough?
Faking use agent has always been pointless for those web sites that fingerprint you. It can get you a different web page delivered to you from servers that deliver different web page formats depending on what user agent you send.
Different lighter page. Less busy, fewer scripts, lower bandwidth, faster loading. That's the only reason that I do it. Someone like Hazel that has limited bandwidth could benefit from that.
Also, if you are wanting the page source to parse, different agent will get you different source code.
Turning javascript off is better than a particular user agent. But not all web sites will work without it. LQ will.
Since anyone can say anything, I'll take screengrabs.
A little webkit2gtk 2.40.1 browser with images - javascipt on, With a stock webkit2gtk user agent. Browser opened to http://127.0.0.1:8100
Code:
ncat -klp 8100 -v
Ncat: Version 7.93 ( https://nmap.org/ncat )
Ncat: Listening on :::8100
Ncat: Listening on 0.0.0.0:8100
Ncat: Connection from 127.0.0.1.
Ncat: Connection from 127.0.0.1:57288.
GET / HTTP/1.1
Host: 127.0.0.1:8100
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.4 Safari/605.1.15
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Connection: Keep-Alive
Open iftop in a terminal, Clear out the browsers cache, and open newegg.com. https://0x0.st/HN32.png
Ok, this time a qt5-webengine 5.15.13 browser with images - javascipt on. With a mobile user agent. Browser opened to http://127.0.0.1:8100
Code:
ncat -klp 8100 -v
Ncat: Version 7.93 ( https://nmap.org/ncat )
Ncat: Listening on :::8100
Ncat: Listening on 0.0.0.0:8100
Ncat: Connection from 127.0.0.1.
Ncat: Connection from 127.0.0.1:43388.
GET / HTTP/1.1
Host: 127.0.0.1:8100
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/113.0.5359.112 Mobile/15E148 Safari/604.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Open up iftop in terminal again. Clear the browsers cache, then load newegg. https://0x0.st/HN3_.png
10.6MB to load the opening page with the desktop agent, 4.4MB with the mobile agent.
And it's lighter all the way through. What you can't do is navigate all the way to purchase with it. As soon as newegg starts checking you, when you get to the payment page, you are kicked out. You'll need to report a real linux/chrome user agent to make it through payment.
You are good until "they" start examining you. I use it for bandwidth saving and a more enjoyable experience browsing the web.
Quote:
Or the browser is not secure enough?
Different web browser engines get a different response, using the same user agent. Haven't tried them all but, webkit, webengine, gecko, plaemoon, get different responses from the same web site, with the same fake user agent. You can see from the posts above, they report different headers. And you can manipulate that too. The different browser engines definitely interact with a web server differently.
You say more or less secure. They are using different ssl, tls, the way they use session cookies...long subject, and I'm an amateur.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.