From a9f7877d8e21abe29c9d2a9a18efee81350f1790 Mon Sep 17 00:00:00 2001 From: humanacollaborator Date: Sat, 6 Mar 2021 15:36:06 -0500 Subject: [PATCH] improve formatting --- gitlab-dot-com.md | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/gitlab-dot-com.md b/gitlab-dot-com.md index f6edef1..fd67ecc 100644 --- a/gitlab-dot-com.md +++ b/gitlab-dot-com.md @@ -89,6 +89,7 @@ consequently [FSF criteria C3][fsfCriteria] is unmet. gitlab.com, so they have a hand in the oppression of their own contributors). +----- Regarding the last item above, a user was simply trying to edit an existing message that they had already posted and a CAPTCHA was forced on them. There are several problems with gitlab.com's rampant abuse @@ -103,12 +104,12 @@ of CAPTCHAs: work for humans. The fruits of the human labor does not go to the laborer, but instead hCAPTCHA [pays][cfpaid] CloudFlare a cash reward. Consequently the laborers benefit their oppressor. -1. CAPTCHAs are defeated. Spammers find it economical to use - third-world sweat shop labor for CAPTCHAs while legitimate users - have this burden of dealing with CAPTCHAs that are often broken. -1. hCAPTCHAs compromise security as a consequence of surveillance - capitalism that entails collection of IP address and browser - print. +1. CAPTCHAs are defeated. Spammers find it economical to use + third-world sweat shop labor for CAPTCHAs while legitimate users + have this burden of dealing with CAPTCHAs that are often broken. +1. hCAPTCHAs compromise security as a consequence of surveillance + capitalism that entails collection of IP address and browser + print. * anonymity is [compromised][grcDenanymises] (the article covers reCAPTCHA but hCAPTCHA is vulnerable for the same reasons). * the third-party javascript that hCAPTCHA executes could linger @@ -163,9 +164,10 @@ of CAPTCHAs: -1. Users are forced to execute [non-free javascript][nonfreejs], - thus violating [FSF criteria C0.0][fsfCriteria]. -1. The CAPTCHA requires a GUI, thus denying service to users of text-based clients including the `git` command. +1. Users are forced to execute [non-free javascript][nonfreejs], thus + violating [FSF criteria C0.0][fsfCriteria]. +1. The CAPTCHA requires a GUI, thus denying service to users of + text-based clients including the `git` command. 1. The CAPTCHAs are often broken. This amounts to a denial of service: * E.g.1: the CAPTCHA server itself refuses to give the puzzle saying there is too much activity. * E.g.2: gitlab.com has switched back and forth between Google's reCAPTCHA and hCAPTCHA (by *Intuition Machines, Inc.*) but at the moment they've settled on hCAPTCHA. Both have broken and both default to access denial in that event: