Cloudflare is working with the makers of Chrome, Edge, and Firefox on a new way for websites to tell whether incoming traffic is legitimate – without resorting to the usual mix of CAPTCHAs, logins, and extra tracking.
The system is called Private Access Control Tokens, or PACT, and it arrives at a time when bots have surpassed human traffic online.
Clearly, they haven’t heard of proof of work.
Ask tor, it helps tremendously.
Hidden services went from being absolutely horribly unreliable to being very reliable.
It only slows down bots. If a bot is willing to do the PoW then it can get right through.
That’s true, but I don’t really truly think bots need to be entirely stopped. I think they need to be more limited so that they can’t just overwhelm a website. And proof of work will do that.
It depends on the site. For a blog PoW is perfect, however if someone like Facebook or YouTube switched to only PoW then the spam would entirely dominate and make the site unusable.
I think that would depend a lot on the amount of servers serving that service.
If you’ve only got one server, then the proof of work is going to ramp up quite quickly because of the fact that it can only serve so many requests at a time. If you have 10,000 servers serving the same website, then the proof of work would ramp up pretty slowly because then you can serve a ton more requests at once before needing to kick the proof of work up. Tor currently has a zero proof of work if the service is not under load at all, and then ramps the proof of work up as the service comes under more requests. My thought would be to not have any point where there’s a zero proof of work and have a minimum proof of work required of one.