• shortwavesurfer@monero.town
    link
    fedilink
    English
    arrow-up
    36
    arrow-down
    13
    ·
    edit-2
    9 months ago

    A PoW could limit bots too. Require say 30 seconds of work before your registration submits. For regular users that isnt to bad. For bots its a PITA to get tons of accounts

    Edit: tor uses PoW as DDOS protection and its helped massively

      • Gork@lemm.ee
        link
        fedilink
        arrow-up
        44
        ·
        9 months ago

        That will also keep away bots.

        You can only sign up if you’ve taken at least one Prisoner of War. Bots can’t take prisoners of war for obvious reasons.

        Kinda like how Aztec boys came into age in their society.

          • RobotToaster@mander.xyz
            link
            fedilink
            arrow-up
            28
            arrow-down
            4
            ·
            edit-2
            9 months ago

            It was the original purpose of the bitcoin algorithm to limit spam.

            If you have to do a lot of maths that takes your computer (for example) 30 seconds, that means it costs 30 seconds of compute to create an account. Nothing to an average user, for a spammer that wants thousands of accounts it gets expensive.

            Several captcha[0] libraries already use this and it’s great for accessibility (normal captchas are terrible for it)

            [0] I know, it’s not technically a captcha.

            • pedroapero@lemmy.ml
              link
              fedilink
              arrow-up
              5
              arrow-down
              1
              ·
              9 months ago

              Pow does not limit spam in bitcoin. Fees do. Pow is used as a decentralized election mecanism to distribute the block production.

              • null@slrpnk.net
                link
                fedilink
                arrow-up
                8
                arrow-down
                2
                ·
                9 months ago

                He explained why it is, so can you elaborate on why it’s not?

                • just_another_person@lemmy.world
                  link
                  fedilink
                  arrow-up
                  4
                  arrow-down
                  4
                  ·
                  edit-2
                  9 months ago

                  Because it’s not. I can spin any number of emulators or VMs that do any amount of work with a simple script, but that’s all it does. How does it prove I’m anything but a scripted, virtual instance of a person with a device?

                  There’s a reason why Telegram is flooded with bots, Signal as of now has not been.

                  • null@slrpnk.net
                    link
                    fedilink
                    arrow-up
                    9
                    arrow-down
                    1
                    ·
                    edit-2
                    9 months ago

                    It’s a time and resource gate, not a way to prove that you’re a human.

                    Also doesn’t Telegram require a phone number too?

                  • GustavoFring@lemmy.world
                    link
                    fedilink
                    arrow-up
                    9
                    arrow-down
                    2
                    ·
                    9 months ago

                    Sure, if you had unlimited gpus with unlimited electricity then it wouldn’t keep you from spinning up unlimited bots

                  • RobotToaster@mander.xyz
                    link
                    fedilink
                    arrow-up
                    3
                    ·
                    9 months ago

                    Bots can buy phone numbers, hell, they can solve most captchas better than humans.

                    There’s a reason why Telegram is flooded with bots, Signal as of now has not been.

                    Telegram requires a phone number, so it clearly isn’t working.

          • shortwavesurfer@monero.town
            link
            fedilink
            English
            arrow-up
            14
            arrow-down
            1
            ·
            9 months ago

            For each account you register, you have to do 30 seconds worth of work. So to register one account, you do 30 seconds worth of work. To register 100 accounts, you do 100*30 or 3000 seconds (50 minutes) worth of work. Registering tens of thousands of accounts then becomes unfeasible.

              • Amju Wolf@pawb.social
                link
                fedilink
                arrow-up
                15
                ·
                9 months ago

                Anything that can compute can do it. The important part is that it has an associated non-insignificant cost.

                • just_another_person@lemmy.world
                  link
                  fedilink
                  arrow-up
                  1
                  arrow-down
                  14
                  ·
                  9 months ago

                  Exactly! ANYTHING THAT CAN COMPUTE CAN DO IT. Few things have a uniquely identifying piece of information with other levels that are barriers to entry…like a phone number. The idea is to STOP bots from signing up to Signal.

                  Are you missing the point maybe?

                  • pixelscript@lemmy.ml
                    link
                    fedilink
                    English
                    arrow-up
                    11
                    ·
                    9 months ago

                    It stops bot FARMS from being feasible.

                    If preventing Jimmy Bumfuck from spinning up a couple sock puppets is your fear, yeah, PoW systems don’t help. But those are rarely the problem.

                    For a phishing scam or astroturf operation to be worth it, you need tens of thousands of accounts all running the same script. Those get filtered hard by PoW systems.

                    Phone validation works just as well, and stops Jimmy Bumfuck from making sock accounts. But now every user must be stapled to a phone number. Maybe that’s a worthwhile trade to you, but it sure doesn’t seem to be to everyone replying to you.

                  • ddh@lemmy.sdf.org
                    link
                    fedilink
                    English
                    arrow-up
                    10
                    arrow-down
                    1
                    ·
                    9 months ago

                    It makes bots more expensive to create, therefore fewer will be created.

                  • admiralteal@kbin.social
                    link
                    fedilink
                    arrow-up
                    7
                    ·
                    edit-2
                    9 months ago

                    Nah bro, you are.

                    It’s ALSO possible to generate virtual phone numbers for a small cost.

                    Using a cryptographic PoW is a different small cost.

                    Either way, it only takes a small cost to prevent mass bot registration.

                    You’re treating processing power and time as if it is 100% free just because it can be done in a VM. But it doesn’t matter if it is a VM. It is still going to require at least some certain threshold of processor time, and that processor time has a real cost. For the kind of place that can just spin up thousands of VMs and use it to do massive bot registration… they could just be mining bitcoins instead.

                    It’s not just whether you can do this. It’s how much value it has vs what ELSE you could be doing with the time and energy. A Signal account is already worth vanishingly little as a spam tool, they just need to give it enough of a cost to make it not worthwhile.