So, what do folks use as a Google-free (ideally free software) alternative to #reCaptcha these days?

@seanl I think that's a reasonable approach for typical web forms that attract spambots, but in this case we also have to be concerned about malicious users, while still wanting to permit traffic via Tor. So it's a tricky use case where some kind of manual check does seem appropriate.

@saper @eloquence By malicious users do you mean users coding scripts in real time? That could be a case for, as Marcin mentions, hashcash. I like the idea of using a crypto miner to compensate you for cleanup time if someone decides to do it anyway but there isn't an open source one I'm aware of yet, just CoinHive, and it also tends to freak people out.

@seanl @saper Not a huge fan of the current generation of cryptocurrencies tbh (Faircoin and GNU Taler perhaps exempted) - that said, using CPU for something verifiably beneficial does seem like a reasonable way to throttle forms.


@eloquence @seanl that reminds me that I wanted to write auth plugin for to let people in...

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!