Comment by bobbiechen

17 hours ago

Yeah, I had the same question myself. I think that's what you would want to do to make it airtight (plus some amount of rate limiting or flagging for devices that are part of dedicated device farms).

But even if not, there's still value in raising the barrier to entry. For example, you can buy 1000 reCaptcha solves for $1-2 from various captcha-solver services. And yet that $0.001-per-request fee does discourage mass-scale bot attacks.

7 comments

bobbiechen

Hizonner 17 hours ago

... You... think... it would be a good thing.

Don't you...

IshKebab 16 hours ago
I do. It has downsides of course, but what's the alternative at this point?
- Hizonner 14 hours ago
  
  Depends on your specific problem. Usually redesign your system not to need to care if the other end is a bot or not.
  
  3 replies →
- intended 16 hours ago
  
  I suspect that the HN crowd is somehow insulated from the river of crap and fraud that is the internet experience for a majority of the population.