Updated on 2022-10-03
Cloudflare has built a service called Turnstile to enable people to securely bypass CAPTCHAs. For Apple users it’ll be even better, allowing you to automatically bypass CAPTCHAs using iOS 16. Apple made this possible with the iOS 16 release, but it required that sites made changes to get it to work. Cloudflare’s new service lets sites avoid that work by just calling an API—and they don’t even have to be a Cloudflare customer. Hell yeah. Killing CAPTCHA annoyance—well done. If you’re trying to make us forget Kiwi Farms, it’s kind of working. Now do cookie popups. Read more:
- iOS 16 Will Let iPhone Users Bypass CAPTCHAs in Supported Apps and Websites
- iOS 16 Feature for Bypassing CAPTCHAs Will Soon Work With Many More Websites
- Cloudflare Turnstile
Overview
Cloudflare has announced the open beta of Turnstile, an alternative to CAPTCHA. Rather than waste users’ time with frustrating clicking exercises, Turnstile “automatically chooses from a rotating suite of non-intrusive browser challenges based on telemetry and client behavior exhibited during a session.”
Note
- I experimented with Turnstile earlier this week, and it looks intriguing enough to install it in a few cases. I do like the privacy focus. So far, my tests look good and implementation was easy enough.
- This could be a welcome relief from spotting bridges or trying to read letters in font/color combinations I can’t see. Turnstile is built to use the device manufacturer as a source for human operator validation, doesn’t require you to use the Cloudflare a network or even be a customer (just a free account to set it up) to work. It’s using private access tokens, piloted with Apple to prove human operator without giving up privacy information or relying on a browser cookie.
Read more in