Chris's Wiki :: blog/spam/CommentSpamViaTor Commentshttps://utcc.utoronto.ca/~cks/space/blog/spam/CommentSpamViaTor?atomcommentsDWiki2015-01-12T18:10:01ZRecent comments in Chris's Wiki :: blog/spam/CommentSpamViaTor.By Chris Siebenmann on /blog/spam/CommentSpamViaTortag:CSpace:blog/spam/CommentSpamViaTor:3df27e0acdb98d82fd1d61a90c536879307ba215Chris Siebenmann<div class="wikitext"><p>As mentioned, none of the comment spam attempts have succeeded; all of
them have been defeated by <a href="https://utcc.utoronto.ca/~cks/space/blog/spam/CommentSpammerBehaviorIV">various precautions that already trip up
software</a> and have been doing so for years.
Given that I'm already accepting no spam from robots, adding client
side proof of work seems unlikely to do anything besides complicate my
life. Also, I have a long-standing opposition to requiring people to
run JavaScript, partly because <a href="https://utcc.utoronto.ca/~cks/space/blog/web/Firefox29Extensions">I don't</a>.</p>
<p>Client side proof of work is a popular hammer, but my experience is
that it is totally unnecessary if you are already taking your own
server side precautions (such as invisible honeypot form fields).</p>
</div>2015-01-12T18:10:01ZBy Aaron Toponce on /blog/spam/CommentSpamViaTortag:CSpace:blog/spam/CommentSpamViaTor:b2323caf9b72f0caeed66f0ce1d126bb447145fdAaron Toponcehttps://pthree.org<div class="wikitext"><p>As mentioned previously, if you have some way of implementing a client-side proof-of-work for your blog, you'll watch your approved comment spam disappear. Highly recommended.</p>
</div>2015-01-12T17:22:17Z