Captcha and email actually won't stop thorough trolls
- 1 recognized captcha pic costs as low as 0.1 cent (paid only for successfully recognized images), so u have to introduce something that cannot be solved by presented services like "captchabot" but still hardly solvable by algorithms
example: http://lmgtfy.com/?q=captcha+bot

- 1000 emails cost ~ 1-10$, very poor protection actually but it's better than nothing

also u have to think about such services as:
http://lmgtfy.com/?q=email+for+spam

The last thing I'd recommend to do is a proof of work protection when connection comes from previously not known IP address:

- delegate a client a simple task that takes N seconds to compute - calculate hash that starts from 0x00 (N times) where N is hardness of the task
such task should take 10-15 seconds to compute on an average PC

this helps to protect network from abusing by malicious multi-threaded bots as it requires time(sec) to solve the task * N threads of computational time and fast becomes resource inefficient.

for example to attack network with 100 threads you will need 15 * 100 seconds of computational time - a big deal and very resource hungry
+ captcha for each registration
+ new IP for each registration which is not blacklisted, combining with the first requirement of proof of work - good luck to abuse this without investing N amount of money in hardware.

server can verify proof of work blazing fast for millisecond or less and after this is done IP address can be white-listed for a few hours (days)
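A sketch of the proof-of-work gate described in the comment above, added here as an example; it is not code from the original post or from any project. It generalizes "hash that starts from 0x00 (N times)" to N leading zero bits so the difficulty can be tuned more finely. The function names, the SHA-256/HMAC choice, the challenge format and the TTL are all assumptions.

```python
import hashlib, hmac, os, time

SERVER_KEY = os.urandom(32)   # constructed per-process secret (assumption)
TTL = 120                     # seconds a challenge stays valid (assumption)
ALLOW_FOR = 3 * 3600          # allowlist window, "a few hours" as in the post
allowlist = {}                # ip -> expiry timestamp

def _tag(ip, bits, issued, salt):
    msg = f"{ip}|{bits}|{issued}|{salt}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def issue_challenge(ip, bits, now=None):
    """Stateless challenge bound to the client IP, difficulty and issue time."""
    issued = int(time.time() if now is None else now)
    salt = os.urandom(8).hex()
    return f"{bits}:{issued}:{salt}:{_tag(ip, bits, issued, salt)}"

def leading_zero_bits(digest):
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def solve(challenge):
    """Client side: brute-force a nonce; expected cost is 2**bits hashes."""
    bits = int(challenge.split(":")[0])
    nonce = 0
    while leading_zero_bits(hashlib.sha256(f"{challenge}:{nonce}".encode()).digest()) < bits:
        nonce += 1
    return nonce

def verify(ip, challenge, nonce, min_bits, now=None):
    """Server side: one HMAC and one hash, then allowlist the IP."""
    now = time.time() if now is None else now
    try:
        bits, issued, salt, tag = challenge.split(":")
        bits, issued = int(bits), int(issued)
    except ValueError:
        return False              # malformed challenge
    if not hmac.compare_digest(tag.encode(), _tag(ip, bits, issued, salt).encode()):
        return False              # forged, or issued to a different IP
    if bits < min_bits or not (0 <= now - issued <= TTL):
        return False              # too easy, or expired
    digest = hashlib.sha256(f"{challenge}:{nonce}".encode()).digest()
    if leading_zero_bits(digest) < bits:
        return False              # work not actually done
    allowlist[ip] = now + ALLOW_FOR
    return True

def is_allowed(ip, now=None):
    return allowlist.get(ip, 0) > (time.time() if now is None else now)
```

Because the HMAC tag covers the IP and issue time, the server keeps no per-challenge state, and a solved challenge replayed inside the TTL only re-allowlists the address that already paid for it.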