[18628] in cryptography@c2.net mail archive
Re: Pseudonymity for tor: nym-0.1 (fwd)
daemon@ATHENA.MIT.EDU (Bill Frantz)
Fri Oct 7 00:15:26 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 6 Oct 2005 19:53:55 -0700
From: Bill Frantz <frantz@pwpconsult.com>
To: cryptography@metzdowd.com
In-Reply-To: <TheMailAgent.6b83ab121cc4626@13b29a6671c288d07a4>
On 10/5/05, alserkli@inbox.ru (Alexander Klimov) wrote:
>Since the problem we are trying to solve is to prevent '''automated''' [1]
>vandalism, I guess the only solution is to use some Turing-test
>system, for example, recognition of the number on an image. In fact,
>this test only needed on the user registration form and for edit by
>non-registered user.
This solution is subject to a rather interesting attack, which to my
knowledge has not yet been named, although it is occasionally used
against web sites which have a Turing test in their registration. Say
you want to automatically register a number of identities. You set up a
porn site, and advertise, "Answer this question and see some porn." Of
course, the question comes from the target registration page. You get
lots of people who can pass the Turing test to help you.
Cheers - Bill
---------------------------------------------------------------------
Bill Frantz | The first thing you need | Periwinkle=20
(408)356-8506 | when using a perimeter | 16345 Englewood Ave
www.pwpconsult.com | defense is a perimeter. | Los Gatos, CA 95032
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
