The problem with proof of work things is that they
kind of have the wrong
kind of scarcity for this problem.
*someone legit wants to edit, takes them hours to be able to. (Which is not
ideal)
Indeed, this isn't ideal, but its better than the current situation, and
at least it is only a one-time thing.
*someone wants to abuse the system, spend a couple
months before hand
generating the work offline, use all at once for thousand strong sock
puppet army. (Which makes the system ineffective at preventing abuse)
I mean, I know we have some crazy socks, but "spend a couple months"
seems to me to indicate a fairly expensive attack. I imagine that
this might be enough of a deterrence. If someone is willing to invest
months of effort to sockpuppet on Wikimedia projects, I don't really
think that there is anything we can do to stop them.
We could probably reduce this risk slightly as well by providing
software that provides a GUI for generating the GPG keys for the
user. This software could impose a high-rate limit on how often
new keys are made. This could be easily worked around by anyone
who knows how to make their own GPG keys, or has access to several
computers, but it would stop a lot of would-be-sockpuppeteers.
Thank you,
Derric Atzrott