Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
nialv7 6 days ago

Obviously the developer of Anubis thinks it is bypassing: https://github.com/TecharoHQ/anubis/issues/978

debugnik 6 days ago | parent [-]

Fair, then I obviously think Xe may have a kinda misguided understanding of their own product. I still stand by the concept I stated above.

rhaps0dy 6 days ago | parent [-]

latest update from Xe:

> After further investigation and communication. This is not a bug. The threat actor group in question installed headless chrome and simply computed the proof of work. I'm just going to submit a default rule that blocks huawei.

scratchyone 6 days ago | parent [-]

this kinda proves the entire project doesn't work if they have to resort to manual IP blocking lol

troyvit 6 days ago | parent | next [-]

It doesn't work for headless chrome, sure. The thing is that often, for threats like this to work they need lots scale, and they need it cheaply because the actors are just throwing a wide net and hoping to catch it. Headless chrome doesn't scale cheaply so by forcing script kiddies to use it you're pricing them out of their own game. For now.

Aachen 5 days ago | parent | prev [-]

Doesn't have to be black or white. You can have a much easier challenge for regular visitors if you block the only (and giant) party that has implemented a solver so far. We can work on both fronts at once...

1gn15 5 days ago | parent [-]

The point is that it isn't "implementing a solver", it's just using a browser and waiting a few seconds.

Aachen 4 days ago | parent [-]

That counts as something that can solve it, yes. Apparently there's now exactly one party in the world that does that (among the annoying scrapers that this mechanism targets). So until there are more...