• 5 Posts
  • 1.89K Comments
Joined 1 year ago
cake
Cake day: April 13th, 2024

help-circle






  • Georgia (and probably many other states) already doesn’t have restrictions for 16 and 17 year olds, and the rest of these things are just choices that each business can make on their own. Plus it’s not like the workers are being forced… if they don’t like the conditions they are free to leave.

    I really don’t see why there is such an outrage over giving businesses more choice in how they want to operate. The employees already have the choice to work there or find somewhere else that aligns with what they want.







  • What you’re doing is filtering out bots that can’t be bothered to execute JavaScript. You don’t need to do a computational heavy PoW task to do that.

    Most bots and scrapers from what I’ve seen already are using (headless) full browsers, and hence are executing javascript, so I think anything that slows them down or increases their cost can reduce the traffic they bring.

    Canvas fingerprinting filters out bots better than PoW

    Source? I strongly disagree, and it’s not hard to change your browser characteristics to get a new canvas fingerprint every time, some browsers like firefox even have built-in options for it.




  • Proof of Work is a terrible solution

    Hard disagree, because:

    it assumes computational costs are significant expense for scrapers compared to proxy costs

    The assumption is correct. PoW has been proven to significantly reduce bot traffic… meanwhile the mere existence of residential proxies has exploded the availability of easy bot campaigns.

    Canvas fingerprinting would work.

    Demonstrably false… people already do this with abysmal results. Need to visit a clownflare site? Endless captcha loops. No thanks



  • refalotoLinuxFOSS infrastructure is under attack by AI companies
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    10 days ago

    I don’t like the approach of banning nonresidential IPs. I think it’s discriminatory and unfairly blocks out corporate/VPN users and others we might not even be thinking about. I realize there is a bot problem but I wish there was a better solution. Maybe purely proof-of-work solutions will get more popular or something.


  • refalotoProgrammingZero knowledge authentication
    link
    fedilink
    arrow-up
    3
    arrow-down
    2
    ·
    10 days ago

    All you need in order to do this is for the client to encrypt their password before sending it to the server. Often services that advertise “zero knowledge” platforms that use end-to-end encryption will authenticate their users in this way. If this were a website for example, there could be a javascript/wasm library used within the client page that encrypts their password before a login request is sent to the server.