CloudFlare: 94 Percent of Tor Traffic Is Automated or Malicious
▻http://news.softpedia.com/news/cloudflare-94-percent-of-tor-traffic-is-automated-or-malicious-50241
“Based on data across the CloudFlare network, 94% of requests that we see across the Tor network are per se malicious,” CloudFlare wrote yesterday. “That doesn’t mean they are visiting controversial content, but instead that they are automated requests designed to harm our customers.”
This includes a large amount of comment spam, requests from vulnerability scanners, ad click fraud, content scraping, and login scanning.
CloudFlare admits that it does track and mark Tor exit node IP addresses and it also assigns them higher threat scores. Because the Tor Browser includes user anti-fingerprinting protection, and because CloudFlare says that it respects the project’s goal of providing anonymity to its users, it has no alternative than to show CAPTCHAs to users coming from a Tor-based IP.
[...]
Additionally, CloudFlare also wants the Tor Project to start using SHA256 for generating .onion addresses. More of its clients could thus create .onion versions for their legitimate sites, where they could redirect Tor traffic and where CloudFlare wouldn’t have to display its CAPTCHAs, which in recent weeks have been failing at an astonishing high rate.