-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 8 May 2008, "Evan Daniel" <evanbd at gmail.com> wrote:
{huge snip] >You might want to upgrade to the latest version of FMS (0.2.14). I >found a rather relevant bug, which SomeDude has fixed: identities >were publishing captchas even when they weren't publishing trust >lists. If you solved one of their captchas, you would be announced to >them, but not to anyone else. Given the fraction of identities >publishing trust lists (low), this means that your odds of actually >getting announced are small, at best. 0.2.14 will not download >captchas from identities not publishing trust lists, and won't publish >them if you're not publishing one. Ok, I'll have a go at the new version. That definitely sounds like a major improvement. I wonder why there's such a low fraction publishing trust lists? >Yes, the captchas are automatically generated on demand; the code is >in simplecaptcha.cpp. If there was a stock database it wouldn't work, >as a spammer could just harvest the whole database. > >I'm not going to continue my brief attempt to make a different captcha >system (though I'll keep running my easier version of the same style >captcha). There are many far more competent people out there working >on the problem, and the current state of the art appears to be that >the spammers are winning. There have been some interesting proposals >recently, eg: >http://arstechnica.com/news.ars/post/20080423-researchers-stay-step-ahead- >of-bots-with-image-based-captcha.html I read that article a few days ago. I'd absoultely hate to see one of those on a normal internet site but it *might* be useful for something like FMS. >My current belief is that captchas are doomed, and some alternate >system is needed. I have no clue what it is; currently, I think >hashcash might be the best option, as bad as it is. For now, out of Hashcash IMO, isn't so bad a solution. I use hashcash tokens whenever I email through the panta remailer or the panta mail2news gateway and it's not a problem at all. I wouldn't mind in the least generating say, a 34 bit hashcash token and using that to get introduced. According to the token generator I'm using" http://www.panta-rhei.eu.org/downloads/Hashcash/ a 34 bit token would take me about 1.5 - 3.5 hours to generate. I would consider exchanging the visual captchas for hashcash a very worthwhile trade, even at over 7 hours each to mint 36 bit tokens. >band introductions are a good thing, though obviously not a complete >solution -- though I can certainly sympathize with your stubbornness >:) The out of band thing also applies to 'proper' darknet ref exchanges. The problem is that I know *one* person on the planet that runs freenet and it's an 0.5 node. Given the nature of darknet I wouldn't want to trade darknet refs with somebody I didn't know and have reason to trust anymore than I'd want to do it for FMS intros. - -- My public keys can be found on my freenet site: SSK at TEx6TiaPeszpV4AFw3ToutDb49EPAgM/mytwocents/63//m2ckey.html (*NOTE* you must be running freenet 0.5 for this link to be usefull) and on public keyservers. Key-Id: 0x92769D7E Fingerprint: 2F07D586C8D4EEA732711338CFEF46E592769D7E I can be reached either by the NiM form on the freesite or by Email: m2c AT nym.panta-rhei.eu.org Frost: MyTwoCents at Z+59LNK9NhMvxewYggENU4Ww50s On the 0.5 Freenet board -----BEGIN PGP SIGNATURE----- Version: N/A iQA/AwUBSCUoop5/ZUtfDwnNEQKuuwCdHgg65rjvm8yiuWPn1SUrCVBxskQAnj/c x7PRGuKPo0yvKTkbs1bySYn/ =c7K1 -----END PGP SIGNATURE-----