[tor-talk] Tor and Google error / CAPTCHAs.

Alec Muffett alec.muffett at gmail.com
Wed Oct 5 12:11:20 UTC 2016


Mirimir: Generally I like your suggestions, they are thoughtful, and I
think you're shooting in the right direction.

A few observations:

a) I like the idea of Google giving you "one free search" and from that
trying to determine whether you are an "asshole" after which it lightens up
with the oppression; the challenge here is that "one free search" is easily
exploitable by the "League of Assholes" who will create a vast army of
"apparently-noob-non-assholes" and aggregate across their free searches in
order to perform the scraping/searching/spamming that they desire.  (Yes,
even search results are interesting to scrapers, eg: using the Google cache
to mine e-mail addresses from some third-party website which provides open
access to GoogleBot but not to normal people.)

b) I am not familiar with Wilders (?) but it sounds quite intensively
moderated, something that perhaps Reddit also pulls off to some extent.
Communities can be self-policing (see also Wikipedia) but not all
communities offer a value proposition where self-policing would be a
complete solution, eg: I feel that Reddit is far less family-friendly than
FB.  Also, at FB-like scale, self-policing would be really challenging.

c) Further, "graduated access", where the tuple of {you + the means which
you use to access the site} gaining privilege by being a good community
member?  That's great, though it is open to "identity farming" and "what
happens if/when community members who validate the new members, themselves
go rogue?" - "quis custodiet?", and all that stuff.

d) Finally, to get technical, I like these ideas but I see the challenges
of convincing social networks to implement the code to support such
graduated access, and to factor in the use of Proxy Networks such as Tor,
will require greater awareness of how to address issues b) and c) above,
plus for Tor to be popular enough that folk consider it worthwhile to
address in this way.

This all strikes me as a massive bootstrap challenge.  Not impossible, but
hard and long-term.

    -a

-- 
http://dropsafe.crypticide.com/aboutalecm


More information about the tor-talk mailing list