So using bots as an excuse, everyone will have a money trail to access websites? This sounds almost as bad as having to use a digital ID, age verification, etc... and Cloudflare is involved? If I can spot most of the bots I think they should be able to just block them rather than shaking people down to access a website. Am I misunderstanding this?
Also, "Privacy Pass"? If a person paid for it then it can be traced back to said person by the CDN. There always turns out to be a way to reverse magic math. Or is the cost computation? Computation cost does not affect botters as proven by all the different computation heavy javascript challenges people have tried to deploy. Their threads jump all over the place. Most thread activity stopped in Dec 25, with a couple short threads hanging off that in March and April. I am perfectly fine not accessing any websites that participate in this. Obviously I can't speak for other people on this matter.
I propose the inverse. Block all the bots and require botters to pay for tokens to access bot friendly end-points for websites if those websites opt in with zero privacy for the botters. Make the botters log into CF and pay up front with a credit card to get credits/tokens/whatever. If they get abusive they lose credits. If they are posting and flooding illegal crap to websites they lose all of their credits. If they are posting to multiple accounts on social media to sway politics they lose all their credits no this is not protected speech. Increase the number of tokens spent if the CDN has to make non cache requests back to the origin. Straight up, all bot transactions are on the CDN. No privacy tokens, nothing in regular peoples browsers. Every request from a bot through a CDN needs to have a header that says they are a bot. Site operators that need not deal with bots can pay a small fee for a Cloudflare Bot-Neutralizing Account (New lowest cost tier) or optionally allow low-rate, slow-rate bot access. If a website is getting too many requests they can respond to a bot-header request with 429 too fast to slow the bots down or 444 to outright stop them. Those already paying for a higher tier account in Cloudflare should get the enhanced bot limiting and blocking features.
So using bots as an excuse, everyone will have a money trail to access websites? This sounds almost as bad as having to use a digital ID, age verification, etc... and Cloudflare is involved? If I can spot most of the bots I think they should be able to just block them rather than shaking people down to access a website. Am I misunderstanding this?
Also, "Privacy Pass"? If a person paid for it then it can be traced back to said person by the CDN. There always turns out to be a way to reverse magic math. Or is the cost computation? Computation cost does not affect botters as proven by all the different computation heavy javascript challenges people have tried to deploy. Their threads jump all over the place. Most thread activity stopped in Dec 25, with a couple short threads hanging off that in March and April. I am perfectly fine not accessing any websites that participate in this. Obviously I can't speak for other people on this matter.
I propose the inverse. Block all the bots and require botters to pay for tokens to access bot friendly end-points for websites if those websites opt in with zero privacy for the botters. Make the botters log into CF and pay up front with a credit card to get credits/tokens/whatever. If they get abusive they lose credits. If they are posting and flooding illegal crap to websites they lose all of their credits. If they are posting to multiple accounts on social media to sway politics they lose all their credits no this is not protected speech. Increase the number of tokens spent if the CDN has to make non cache requests back to the origin. Straight up, all bot transactions are on the CDN. No privacy tokens, nothing in regular peoples browsers. Every request from a bot through a CDN needs to have a header that says they are a bot. Site operators that need not deal with bots can pay a small fee for a Cloudflare Bot-Neutralizing Account (New lowest cost tier) or optionally allow low-rate, slow-rate bot access. If a website is getting too many requests they can respond to a bot-header request with 429 too fast to slow the bots down or 444 to outright stop them. Those already paying for a higher tier account in Cloudflare should get the enhanced bot limiting and blocking features.