Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Here's an idea: Force registrants to submit a computationally expensive token along with their registration form. Perhaps it's computed with javascript. Users usually spend more than 15 seconds on the form anyways, and spammers will hate to peg their hardware like that.

Any thoughts?



Fun, a number of blog plugins have picked up the hashcash ideas, e.g. http://wordpress.org/extend/plugins/wp-hashcash/.

Add 100ms-of-2011-avg-cpu computation and tie it to the submit button (avoiding any complications interleaving with user activity). So that deals with first-order dumbbots and makes life a little harder for Javscript-executing (but still volume-based) folks. Marry to a bayesian system to handle the third-order mechanical turk-style miscreants.


I see! Interesting. Thanks for sharing this.

For curious people, Wikipedia also has related information: http://en.wikipedia.org/wiki/Proof-of-work_system


Javascript is single-threaded. You'll block the UI, and your real users will spend 15 seconds staring at the <insert your OS's wait cursor here>


There are ways around that. Web workers for browsers that support them and continuation-passing style for those that don't.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: