-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 8 May 2008, "Evan Daniel" <evanbd at gmail.com> wrote:
{huge snip]
>You might want to upgrade to the latest version of FMS (0.2.14). I
>found a rather relevant bug, which SomeDude has fixed: identities
>were publishing captchas even when they weren't publishing trust
>lists. If you solved one of their captchas, you would be announced to
>them, but not to anyone else. Given the fraction of identities
>publishing trust lists (low), this means that your odds of actually
>getting announced are small, at best. 0.2.14 will not download
>captchas from identities not publishing trust lists, and won't publish
>them if you're not publishing one.
Ok, I'll have a go at the new version. That definitely sounds like a major
improvement. I wonder why there's such a low fraction publishing trust
lists?
>Yes, the captchas are automatically generated on demand; the code is
>in simplecaptcha.cpp. If there was a stock database it wouldn't work,
>as a spammer could just harvest the whole database.
>
>I'm not going to continue my brief attempt to make a different captcha
>system (though I'll keep running my easier version of the same style
>captcha). There are many far more competent people out there working
>on the problem, and the current state of the art appears to be that
>the spammers are winning. There have been some interesting proposals
>recently, eg:
>http://arstechnica.com/news.ars/post/20080423-researchers-stay-step-ahead-
>of-bots-with-image-based-captcha.html
I read that article a few days ago. I'd absoultely hate to see one of
those on a normal internet site but it *might* be useful for something like
FMS.
>My current belief is that captchas are doomed, and some alternate
>system is needed. I have no clue what it is; currently, I think
>hashcash might be the best option, as bad as it is. For now, out of
Hashcash IMO, isn't so bad a solution. I use hashcash tokens whenever I
email through the panta remailer or the panta mail2news gateway and it's
not a problem at all.
I wouldn't mind in the least generating say, a 34 bit hashcash token and
using that to get introduced. According to the token generator I'm using"
http://www.panta-rhei.eu.org/downloads/Hashcash/ a 34 bit token would take
me about 1.5 - 3.5 hours to generate. I would consider exchanging the
visual captchas for hashcash a very worthwhile trade, even at over 7 hours
each to mint 36 bit tokens.
>band introductions are a good thing, though obviously not a complete
>solution -- though I can certainly sympathize with your stubbornness
>:)
The out of band thing also applies to 'proper' darknet ref exchanges. The
problem is that I know *one* person on the planet that runs freenet and
it's an 0.5 node. Given the nature of darknet I wouldn't want to trade
darknet refs with somebody I didn't know and have reason to trust anymore
than I'd want to do it for FMS intros.
- --
My public keys can be found on my freenet site:
SSK at TEx6TiaPeszpV4AFw3ToutDb49EPAgM/mytwocents/63//m2ckey.html
(*NOTE* you must be running freenet 0.5 for this link to be usefull)
and on public keyservers. Key-Id: 0x92769D7E
Fingerprint: 2F07D586C8D4EEA732711338CFEF46E592769D7E
I can be reached either by the NiM form on the freesite or by
Email: m2c AT nym.panta-rhei.eu.org
Frost: MyTwoCents at Z+59LNK9NhMvxewYggENU4Ww50s On the 0.5 Freenet board
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/AwUBSCUoop5/ZUtfDwnNEQKuuwCdHgg65rjvm8yiuWPn1SUrCVBxskQAnj/c
x7PRGuKPo0yvKTkbs1bySYn/
=c7K1
-----END PGP SIGNATURE-----
