Jump to content

Web Browser + Proxomitron Reborn + PtronGUI --- A How-To Guide


Recommended Posts


Here's what JJoe has posted over at TUOPF when the raybuck site came up -

So far, I must have the Proxomitron in bypass mode to get past the cloudflare captcha.
Once my browsers 'see' the site 'direct', they move to http2, brotli compression, or maybe some other form of transmission that the Proxomitron can't filter for some of the files, which reduces filtering drastically. If I force things back to The Proxomitron, I'm back to the captcha. I haven't had the time or desire to figure this out yet.

I kinda need to wait for JJoe on this one but I'll keep digging as part of my learning curve.

Link to comment
Share on other sites

Basically from what has been gathered thus far, these Cloudfare captcha's are being encountered because Proxomtron blocks several browser "fingerprints" and the Cloudfare servers don't know "who or what" we are so they force a captcha.

So those of you that bend over backwards to prevent your browser's "fingerprint", visit one of those three web sites listed above - if you can access them without having to solve a "captcha", then you have not prevented your browser's "fingerprint" and that Cloudfare server basically knows "who" you are.  Maybe not you out of 3 million.  But they do have you narrowed down to a few thousand.

Edited by NotHereToPlayGames
Link to comment
Share on other sites

7 hours ago, Ben Markson said:

Could anyone confirm that going to https://support.cloudflare.com triggers Cloudflare's "We are checking your browser..." protection?

For me this happens if I have Proxomitron set to intercept SSL traffic whereas if I have it disabled then there is no challenge and I arrive on the support page. Toggling off the various filters makes no difference.

Yup, same here.

6 hours ago, NotHereToPlayGames said:

So far, I must have the Proxomitron in bypass mode to get past the cloudflare captcha.

I use the hCaptcha accessibility cookie to skip pecking at images. Needs e-mail to get it once, then just bookmark the link they send you and use it to renew the cookie (it expires each day).

Link to comment
Share on other sites

2 hours ago, NotHereToPlayGames said:

Basically from what has been gathered thus far, these Cloudfare captcha's are being encountered because Proxomtron blocks several browser "fingerprints" and the Cloudfare servers don't know "who or what" we are so they force a captcha.

So, to preserve CloudFlare's security model I have to compromise my security. Gee thanks. Perhaps Proxomitron could eventually broadcast either a generic fingerprint, or a randomly changing fingerprint.

1 hour ago, RainyShadow said:

I use the hCaptcha accessibility cookie to skip pecking at images. Needs e-mail to get it once, then just bookmark the link they send you and use it to renew the cookie (it expires each day).

I don't like cookie solutions. I routinely remove all cookies and always remove them on browser exit. Still, the cookie thing is interesting. Proxomitron can spoof cookies on the fly. What does one of these hCaptcha accessibility cookies look like? A Proxomitron cookie need never expire. :D

Ben.
 

Link to comment
Share on other sites

27 minutes ago, Ben Markson said:

So, to preserve CloudFlare's security model I have to compromise my security. Gee thanks. Perhaps Proxomitron could eventually broadcast either a generic fingerprint, or a randomly changing fingerprint.

I don't like cookie solutions. I routinely remove all cookies and always remove them on browser exit. Still, the cookie thing is interesting. Proxomitron can spoof cookies on the fly. What does one of these hCaptcha accessibility cookies look like? A Proxomitron cookie need never expire. :D

Ben.
 

Bingo!

I've asked the "fake fingerprint" question over at TUOPF.  I'm hoping that JJoe or amy might have some insight.

Link to comment
Share on other sites

From the reading/research I've done thus far, if you have ever, in your entire life, solved a "captcha" (grid of pics where you select certain images) to access any web page, then your "fingerprint" is on file forever.

Which kinda tells me it's "too late" for any of us to try to prevent our computer from being "fingerprinted", because it already has been fingerprinted.

I still hope that us Proxomitron users can find a way to "fake" our 'fingerprint'.

Edited by NotHereToPlayGames
Link to comment
Share on other sites

5 hours ago, NotHereToPlayGames said:

it's "too late" for any of us to try to prevent our computer from being "fingerprinted", because it already has been fingerprinted.

Not the case with Dixel's starter . It generates a new hardware ID and fake fingerprint each time your start your browser . I don't know about the one he gave you (which version) , but should also be doing the same thing . If not , there's a newer one. Try visit such websites and see what happens . I always get a captcha if I turn the advanced privacy setting on in the starter , and even if I solve that captcha , it asks me again because it can't make a proper fingerprint . As far as I know , from what he told me , they fingerprint you by your videocard first . And then by your driver , CPU , RAM size , system and vendor . All that should match with what the browser reports . No matches : captcha again . 

Link to comment
Share on other sites

I don't , I just ignore such websites. They can go and screw themselves . Less money for them , it's as simple as that. In the end , what's their goal ? To sell goods or to track us ?

And again , not a problem for the Dixel's starter (can change your fake ID with a given interval or not change at all , just allow to generate it once). 

Link to comment
Share on other sites

3 hours ago, NotHereToPlayGames said:

No offense.  But until Dixel makes his "starter" PUBLIC and NOT by "invitation only", then I really don't give a rat's butt what it does!

Again, "no offense".  "To each their own."

What does it have to do with "offence" ? It seems you mention this word pretty often . It's just a talk , a casual talk. You have your right to disagree . But facts are facts . If many people have it , the chance of it being reverse engineered by google is higher and higher . What good would it be then ? Do what you please , I'm fine with it . Just tried to explain about the fingerprinting.

Link to comment
Share on other sites

54 minutes ago, D.Draker said:

the chance of it being reverse engineered by google is higher and higher

That's just ludicrous, plain and simple.  Undo paranoia.  "To each their own."

Google doesn't care!  Period!  And to think otherwise is kind of a false ego on one's own "project".

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.


×
×
  • Create New...