On 9/28/05, Nick Mathewson <nickm@freehaven.net> wrote:
Hashcash is often considered, but commonly dismissed, because it limits identities based on the wrong resource: computers.
A similar scheme would be to make people perform many CAPTCHAs[1] in order to generate a login id. That way the resource is human time and it's difficult to generate lots of them [1]. Abuse from these accounts results in the account being deleted, which makes it costly. (More detail here: http://www.imperialviolet.org/page26.html#e509) The design of the CAPTCHA is actually far more difficult than I imagined because it turns out that the range of ability of people for solving them is very large - but there are several widly used CAPTCHAs which seems to be good for many of people. (Very unscientifically, it seems that computer minded people can solve them but other's have great problems. My mother can't even do the Google CAPTCHA). Although this seems possible it's tough to believe that it's worth doing for Wikipedia because I've already written a small (1500 line) patch for MediaWiki; the design of which was okayed in general by one of the developers. It was intended to make it easier to block and unblock IP ranges (like all Tor nodes) . The patch certainly wasn't perfect but, despite the efforts of several people, I never got any responce from anyone in MediaWiki about it. I don't mind - I've the attention span of a flea anyway. But it's not good for people who might be willing to do this work. AGL [1] http://en.wikipedia.org/wiki/Captcha [2] You could setup a sweatshop to do it, or you could distribute it and make setup a porn website which requires you to solve them to gain entry. Either way - it's quite a lot of effort. See http://www.boingboing.net/2004/01/27/solving_and_creating.html -- Adam Langley agl@imperialviolet.org http://www.imperialviolet.org (+44) (0)7906 332512 PGP: 9113 256A CC0F 71A6 4C84 5087 CDA5 52DF 2CB6 3D60 ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]