Hi, yanma...@cock.li writes:
> Now, my idea is this: You set up a public (onion or clearnet) frontend > where you can make and read posts, with its back-end being FMS. … > Frontends would be disposable and dime-a-dozen; a front-end with too To get to this situations, you must make it very, very easy to host them. This might be a major endeavor (but one which would benefit Freenet a lot). … > My idea is that each user posting would get some kind of unique name > (e.g. truncated salted IP hash, or for Tor users a cookie they need to > solve say 20 captchas to get - maybe you could do JS PoW or something > like that). Then the frontend would post with its key but that > name. It would also assign message trust slightly above zero, but no > list trust. > > Do you think this would work? It's a bit ugly taking the IPs, but not > disastrously bad. The server wouldn't need to do any IP banning of > pathological cases. It could carry out basic spam filtering > (e.g. Bayes), but it wouldn't have to. Captchas might be possible to > replace with rate limits. I’m thinking about this as I would an attacker to do. If I did not like your forums, I would simply DoS them by posting from many different IPs. Providing this with an ID just tied to solved captchas via cookies could work. That would then be ephemeral identities. If combined with limited posting rate and limited lifetime (i.e. solve one additional captcha per week so you cannot just collect IDs and then use them all at once without maintenance cost) would prevent using this system to DoS FMS. > Specifically, a user that didn't like this would set list trust of the > master identity to 0. Do you reckon this would happen? Yes, I think this would happen, because one bad apple would spoil the whole identity. But if you would find a way to pre-generate IDs and then assign them to new users (so the standard FMS spam-defense would work), then this idea could work. If the proxy had a main ID which gives trust-list-trust to these IDs, then people could decide whether they want to see the new IDs. Best wishes, Arne -- Unpolitisch sein heißt politisch sein ohne es zu merken
signature.asc
Description: PGP signature