-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I think this is a pretty good idea. I see it as something like OAuth, or Facebooks universal login thing, whatever they call it. There may be a problem with it defeating the purpose of Tor though, since you are now trying to track users...
5 hours is far too long though. For people to use it, it would have to be less than a minute, I think. Which is still enough to stop the mass creation of accoutns for spamming. I have some spare time at the moment and need a new project. Might look into this... Cheers Ramo On Tue, Apr 23, 2013 at 09:05:19AM -0000, uru...@tormail.org wrote: > i read the messages about websites making it hard to register for torians. > these guys throw out the wheat with the chaff. > but dont you know to separate wheat from the chaff? > thresh that shit, yo: > > ***Torslap*** > > "Like hashcash but much much worse." > > server gets request from tor exit to register > server sends back with javascript "You've been Torslapped!" > client presses button "Watch me now hey" > client clicks > wait...hash...work it now baby > hash...wait...drivin me crazy > (average 5 hours later) > javascript says "Success. Click to continue" > client sends solution > server verifies and sends captcha to expire after 5 minute > client solves captcha > server opens gate > anon registers > server flags account > > (later) > server gets login from tor exit > database sees flag that means this anon already got slapped > victory. > > (after some abuse tracked to tor exits) > turn up the hate and slap tor noobs harder > > (if sybil gets lose in the flagged accounts) > slap time for all accounts with tor flags (nuclear option) > > Server just need to send javascript hashing page to client with the rule > and verify the answer (cheap!). > > Honest Torians- if pain in the ass is better than censorship than we use > Tor therefore what's another pain in the ass > Troll Torians- you can tie up laptop for five hours hot hashing action or > play your MMORPG but not both. which will they chose? > > Honest Torians- waste of five hours register on wikipedia then spend years > to edit. good tradeoff > Troll Torians- waste five hours for each hydra head before even doing > damage. if caught slapped with 7 hours a hydra. Then 10. Then 13. > > Because the captcha has expiration troll can not hoard hashes. > > Could use the litecoin scrypt hashing algo. sounds like there is now > possible to do gpu hashing for improved efficiency but if trolls don't > have the discipline and dedication to continue attack just when the > free-beer attack vector is blocked from them would they really take the > time to study javascript and improve hash efficiency? > > unlike hashcash that make impossible many kind of massive email jobs that > people perform today torslap would make possible kind of registration jobs > that torians are not able to complete. > > btw did i say i cannot code any of this sorry :( > > _______________________________________________ > tor-talk mailing list > tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJRgbpIAAoJEAXQWoW8lug/TXMH/R7sJLDKwU2nrdLmovF2zCMu OVprnIdjN0GHc55DLVaTEM2b0r2Cw0Iy4J6HgzdhHxQmEqs/vkjlT72/69Whs4Ds hbjobk0s3GFFS2AF6J92bhoG7oNIN7eOCO5svLuOQst+fQ+SkPU1Sv0FWjOLe0CV vujcbdPK3if4WO7v4fHc+FN4F4MpzcudL3rIoZdBhnnZRlgKWjXfBLsCZaTUpGHz t+fjpxv9agz3htNNPvcpKtFczdfVNjyVS2IQQCNxdHUrsN9JDiyIhXMAqsX353wm jtBg+YOfswZqdGmV1Pv0fvqtj5n9CEwS9YRCFNCKYMjeZ6bKCy0D+E7X/uUtAfQ= =dUJm -----END PGP SIGNATURE----- _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
