Content-type: text/html Downes.ca ~ Stephen's Web ~ CAPTCHA successor Privacy Pass has no easy answers for online abuse

Stephen Downes

Knowledge, Learning, Community

All web sites that accept input need to protect themselves against bots and spam. That's just a sad reality. A variety of methods are at work behind the scenes, powered by companies like Aksimet, and these work well for low-value targets. Beyond that is the hated captcha system, a "widely loathed and unreliable system... that depends extensively on invasive tracking." A new proposal, Privacy Pass (eg. from Cloudflare, extensions), was published by the IETF. The idea is that a site grants a token to a visitor it deems reliable, and these tokens can be recognized at other sides. Sounds great, but as the authors of this report argue, it's a system ripe for abuse. "Our vision of an open Web means that restrictions on participation cannot be imposed lightly. "

Today: 0 Total: 23 [Direct link] [Share]


Stephen Downes Stephen Downes, Casselman, Canada
stephen@downes.ca

Copyright 2024
Last Updated: Dec 22, 2024 12:10 a.m.

Canadian Flag Creative Commons License.

Force:yes