Cloudflare’s scheme with PATs is essentially a form of attestation, which, realistically, will only be implemented by Microsoft, Apple and Google, and if you’re a Linux or BSD user which isn’t integrated with a device manufacturer, you’d just have no other choice.
This is an unpopular opinion, but reCAPTCHA has never had this problem. I might face a few more captcha image screens to solve, but what’s being proposed with PATs is dangerous.
Companies will realize the majority of abuse comes from humans completing CAPTCHAs and little to none from TPM attestations. It's then a small leap to only trust TPMs and lock everyone else out. After all, every genuine user has an OS that requires a TPM.