top | item 33096759

(no title)

When a selenium worker is attached to a pay-for-solution captcha service the infinite loop of captchas that can be solved but don't provide access would be meant to drain you financially. You uncovered a pretty sweet (dark) pattern implemented by Cloudflare to screw bot owners.

This is just #2 and #3 combined.

It sounds like this is working as intended and also wastes your time with un-passable captchas instead of you spending more time trying to figure out how to get around their bot protection.

Another observation here is that you really shouldn't be hacking some scripts on top of your bank login. The banks know this and they are trying everything possible to dissuade you from doing this.

discuss

aasasd|3 years ago

> you really shouldn't

Huh, apparently ‘the war on general computation’, of which Cory Doctorow spoke, won't necessarily be led by Disney and such corporations, but also by people denying others the right to automate the workings of the GUI on one's machine.

(Coincidentally, this practice might also preclude the operation of aeleveny tools—again, as Doctorow noted, ‘there is no known general-purpose computer that can execute all the programs except the naughty ones’. It might be fun to see the faces of the ‘you shouldn't’ folks when they're asked why less-able clients can't use their websites.)

netsectoday|3 years ago

> you really shouldn't be hacking some scripts on top of your bank login

You can hack whatever you want, but from a SECURITY perspective this is horrible and the banks know this. There are secure ways to store credentials for scripts but most people will just hard-code the values or stick them in unencrypted ENV vars. Also, who's fault is it when the bank updates their website and the selenium script does something horribly wrong? Tell me more about Disney...