Hashcash.io recently released a WordPress plugin with a unique method of deterring spammers that forces the user’s browser to solve math before unlocking login, registration and comment forms. The project site hints at a coming soon cash feature wherein users can “Make Bots Work For You.”
This week Hashcash.io creator Pavel Karoukin elaborated on plans to help users make some cash while stopping spammers. The cash feature will combine Dogecoin (an open source cryptocurrency), hashcash.org and the proof-of-work concept.
My idea was to bring what hashcash.org offered for email spam to web applications, i.e. make it slightly expensive for a browser to submit an actual form by calculating proof of work. Except I wanted this proof of work to do something meaningful.
Karoukin first explored the idea of mining bitcoins with browsers but shortly thereafter GPUs took over the task and in-browser mining was no longer an option. “Later a new altcoin was introduced – Litecoin based on scrypt algorithm, which was harder to parallelize on the GPU,” he said. “That’s where I started looking into implementing miner into client-side Javascript.”
Karoukin used emscripten to compile the scrypt version of cpuminer into asm.js code, wrapped it in Web Workers and some API, and Hashcash.io was born. After using it on a few of his websites, he found that “100% of spam and bot-registered accounts were eliminated.”
His concept of making bots work for you is an entirely new take on the problem of combating spam. It’s less about detecting spammers and more akin to the concept of throttling. “The idea is not to differentiate between bots or humans, but rather make posts cost money and time (i.e. wait until it is done.),” Karoukin commented on our recent article. “Think about it as a throttling rather than if () {} else {} thingy.”
The Problem With CAPTCHAs
CAPTCHAs have long been the impenetrable standard for sites that are serious about keeping spammers out, and are still used on many major sites such as Google and Yahoo. Unfortunately, internet users almost universally despise CAPTCHAs, especially reCAPTCHA. Karoukin notes that Google actually uses you to service its own business objectives by manipulating reCAPTCHAs to make you decode street numbers, digitize content for Google Books and the Google News archives.
The Hashcash.io project turns this on its head and aims to saddle the burden of work onto the spammer, instead of actual human users. Karoukin hopes that website owners will one day be able to profit from the spammers that visit their websites:
So the grand vision of this project is to eventually make it possible for a website admin to get paid for each proof-of-work solved on his site. So even if spammers eventually start solving these, at least website admin will get paid. But for this to happen the pool needs to acquire a critical mass of websites using it to successfully generate shares in a reasonable amount of time. Right now this is not possible. And this is another reason there is nothing behind login form – there are no revenue as of now to share with website admins.
The project is still in the very early stages of development and Karoukin is currently working to create painless integration with Drupal, WordPress, Django, and jQuery. Once the project generates a single dogecoin at address DMGQ5Ah5D7FSBL2uKiugwHQneGdugnvZfP, Karoukin will start working on the next phase to include a dashboard and revenue sharing.
Hashcash.io’s unique strategy of tackling comment spam may have a promising future if it is able to reach the critical mass required to make it profitable for website owners. Otherwise, it’s just another unjustifiable inconvenience on login, registration and comment forms.
Karoukin needs more sites using it in order to get there, as well as feedback from developers. Find out more about the WordPress plugin in our recent review where Karoukin expounds on the finer points of the technology in the comments. Do you think the idea of making some cash while stopping spammers is a viable concept?
I tested this plugin and is mostly dead in mobile era. When you try to unblock a form from a smartphone you will need ages to solve the math (more than one minute into my Android dual core smartphone). In short, this plugin stop spammers and good comments aswell.