I think this community is appropriate for this topic, since this solution is being rolled out to combat AI scraping of websites.
I don’t really understand why the collective agreement is “it is better than captchas would be”, when you didn’t need to pass a captcha just to view a website in the first place. Why are people not more pissed off about every website suddenly requiring this laggy, sometimes actually a captcha anyways (checkbox to prove you are human) solution slowing down visits to websites?
And why can’t CloudFlare offer some way for us lowly non-AI’s to prove we’re human, once, for our entire web experience, versus on. every. damned. website. one. at. a. time?
I counted, and I hit this turnstile solution on 28 website visits today, and sometimes more than once on the same site. That’s minutes of my life I don’t get back, and likely hours to days over the course of a year.
There has to be a better way…
/rant
Cloudflare actually does have a way to avoid seeing these, using a zero-knowledge proof backed by a hardware security module (they call it Cloudflare Private Access Tokens). As far as I know, Apple is still the only one who’s implemented it and it only works in Safari on iPhones, iPads, and M-series Macs. Maybe some day other vendors will add support too!
Of course, there are already scrapers that use arrays of real phones to do scraping/app automation, so widespread adoption of PATs would just push more traffic to be proxied through physical devices instead of headless browsers in AWS somewhere…
So that is 3 years old. Did it not actually happen? I hit CF Turnstile on ios as well.