Captcha's can detect when you're using connecting from Tor (exit node IPs are public). Most of the time it's not worth solving them since they take forever (thank god Null changed it)
Also if you use Whonix I highly recommend reading their wiki. You might think what they discuss will never apply to you (and you're probably right) but it's better to understand the risks.
Yeah, I guessed as much. There are IP Tables for VPN's so must be as well for Tor.
Null did change the captcha a bit, as I can now log in. It's a much better system whatever he did.
As for Whonix. It's all new to me. But I've already spent 2 x 8 hour days just reading the documentation and the FAQ's and the Wiki.. It's a rabbit hole. I used to be big on security before and people called me paranoid. But shit I just read after catching up has fucking horrified me. All that stuff is sourced so I know it's not made up. I get that a lot of it is proof of concept and not so likely to be seen in the wild, but still, shit like Session Replay is enough to make anyone shit their pants.
So as someone that was previously very security focused, I could understand a lot of what they are saying. I dropped out of the game for a while, because, reasons. But rust never sleeps. Basically anyone that uses the clearnet is wide fucking open. It only takes two or more top level domains sharing info and basically 90 percent of all people that use the internet are totally fucked. The only reason this hasn't come to light is because the people using the tech and taking names and making lists don't want the average person to know how much under surveillance they are. There's a big fucking database being made up of ALL users of the internet. What sites they visited, what time, how long. It will be fucking horrific when it drops. But it won't drop. It can't. It would cause too much chaos. It's far more convenient and expedient and in the interests of the people that have this information to keep it 'secret' and just keep sharing it among themselves, at a small price of course.
This day was always going to come. They talked about 'Mastering the internet' years back. That has been achieved now. But the big fucking problem with it all is how much commercial interests have come up to par and even overtaken governmental interests. Now you don't just have your government spying on you, you have every single fucking corporation who has a web presence (Pro tip: they all do!) and what is worst of all to consider is that they collate all this information and share it.
This is such a massive bomb to drop, it can't ever get out. But it's already fucking happened.
I took a long break from computer security. But my deepest fears from a decade or more ago have come about. I'm not a big wig. Not a mover or shaker. Just some bod that took an interest in this stuff. My early interests were in reverse engineering, decompilation, disassembly, and that is what led me down this path of wider net security.
Also if you use Whonix I highly recommend reading their wiki. You might think what they discuss will never apply to you (and you're probably right) but it's better to understand the risks.
That's a big 10-4 from me, good buddy!
