Bot or human? Creating an invisible Turing test for the internet

(research.roundtable.ai)

131 points timshell | 1 comments | 25 Jun 25 15:00 UTC | HN request time: 0.208s | source

Show context

lugu ◴[25 Jun 25 21:21 UTC] No.44381949[source]▶

It is late and I am thinking out load. How about a reputation system where users bring proof that other websites haven't found them abusive.

Visit a website that require identification. Generate a random unique identifier in your user agent. Live your life on that site. Download from that site a certificate that prove that your didn't abuse their site. Repeat that a few times.

Visit the site that wants to know if you are an abusive user. Share your certificates. They get to choose if they accept you.

If you abuse that site, it reports the abuse to the other sites that delivered you a certificate. Those sites gets to decide if they revoke their certificate or not.

It is a self policying system that require some level of cooperation. Users make themselves vulnerable to the risk of having sites they like loose trust in them.

replies(6): >>44382023 #>>44382106 #>>44382403 #>>44382406 #>>44383816 #>>44387374 #

driverdan ◴[26 Jun 25 02:50 UTC] No.44383816[source]▶

>>44381949 #

Absolutely not. You should not want a service to do privacy invasive cross site tracking like that.

replies(1): >>44387305 #

1. dadoum ◴[26 Jun 25 13:39 UTC] No.44387305[source]▶

>>44383816 #

There are cryptography primitives allowing you to privately make an intersection of the certificates you have and the providers the site would trust and compute a kind of score while not exposing any of your certificates or which providers trusted you amongst them. (the only thing is that a website could extract the knowledge that one specific provider trusted you if they only trust one, but that could probably be fixed with a better protocol that the one I have in mind).

↑