Well I can vouch for seeing a good number of captcha's daily. They are not fun, but degrading security to eliminate them is not the way to go either.
There are good arguments in that ticket for serving CAPTCHAs more selectively. Also, as I understand it, CloudFlare will be giving its customers more flexibility in choosing how to handle Tor users.
https://motherboard.vice.com/read/tor-captchas https://github.com/cloudflare/challenge-bypass-specification https://github.com/cloudflare/chall...on/blob/master/captcha-bypass-formal-spec.txt
That seems reasonable. As long as those signatures are truly unlinkable. Which seems like a lot to accept on trust. I mean, how would someone demonstrate that they are linkable, or not?