Open TheNain38 opened 8 years ago
I think POW is not suitable to fight spam. Spammers has lots of CPU/GPU power and it's possible to create an optimized FPGA/GPU program that runs 1000x faster than normal CPUs
use proof of bitcoin balance to put down spam
@icf20 The problem with that is not many people have Bitcoin. Zeronet is very noob friendly so you should not expect many people using it to have Bitcoin or even know how to get it. Also a spammer could have a Bitcoin balance and once it has been detected as spamming they could just launder their Bitcoins and spam again.
@AceLewis it's not a problem for anyone except for people who do not have Bitcoin. They can get bitcoin if they want. It's a small price to pay - pun intended - for the rest of us who prefer not to deal with spam.
Bitcoin are illegal in some country. That's a akward thing to request at core zeronet level. And then, why bitcoin over the others +9000 cryptocurrency ?
Spam problems are site specific and should be mitigated by site owners IMO. Plugin could be created if multiple site owners want to unify a solution to their common problems. It should not be addressed at core level IMHO.
I think pow could partly fix the problem. Because if sending one ZeroMail requires 10secs of gpu computing then even with a very fast gpu that still would be 1sec. So sending 1 million spam mails would requires 1 million seconds of time. Also it requires energy to run a gpu. So it's more like mining bitcoin just with a negative roi.
Scammers will buy GPU if it pay off. It all depend on the ROI of the phishing campain.
What is 10 sec for the average users can 1:30 for a poor guy in 3rd world. It raise the question is equal accessibility is a goal of zeronet?
And agan, should it be part of the core or it should be an independant javascript library that site owner can use if they want ? AFAIK, nothing ATM is preventing someone to write some javascript code that can solve this problem.
It should be a plugin for the core. We could also use existing libs for pow to make it as efficient as possible (to prevent scammers having an advantage if they use native code, etc.)
What is 10 sec for the average users can 1:30 for a poor guy in 3rd world. It raise the question is equal accessibility is a goal of zeronet?
We could adjust pow to a value that everybody is fine with but still makes spamming harder. (At a scale of about 1 million emails even a small pow increase makes it significantly harder)
We could adjust pow to a value that everybody is fine with but still makes spamming harder.
No you cannot, as already explained above. "Harder" is a non factor for the spammer. The cost of generating accounts will always be lower than the utility of spam accounts so ultimately you'd just make it harder to get on the network for normal users.
Instead a plugin model should be used so that users use whatever way they prefer to blacklist or whitelist other users.
Since using JS it would be too slow, and an attacker could always make native code to spam a site and compute a POW much faster than people generate them using JS. And it would allow to have one "right" implementation, instead of having multiple implementations, some which could even be failing to do their job correctly, it would provide a
generatePOW
with a difficulty parameter, and averifyPOW
API commands. It could be added to ZeroMail and to ZeroTalk, it would make spamming much harder.