The Okopipi Project

Open question:

What will Okopipi do with captchas?

[ http://en.wikipedia.org/wiki/Captcha ]

I don't think it'll take spammers long to start using them once you start submitting fake forms on a regular basis.

Arguing the nuances of your favourite programming language is fine, but a MUCH bigger problem is code distribution.

Unless every single scrap of code is signed and verified then spammers will be able to inject malware into the system. The slightest bug or flaw could gring down the entire system or even convert all the users into spammers(!)

What mechanisms are in place to avoid this? How do you propose to securely get the initial "bootstrap" program onto users machines?

Asking users to verify the signature of a downloaded program isn't enough because:

a) A spammer can buy up misspelled/lookalike certificates and many users will be fooled by them.

Open question...

What can be done about the spam which says "This stock is red-hot/about to explode/skyrocket".

There's no web site, nothing to attack. They're just relying on people being stupid enough to buy overpriced sticks.

Can anything be done?

"This program requires another 20Mb download, a whole shedload of diskspace to install and will eat up 128Mb of RAM" is NOT acceptable for this project.

Say no to any kind of runtime engines - unless you like living in a nightmare of failed installations, big downloads, bloat, ugly programs, hacks to get at low level system functions, etc. Java and C# shouldn't even be on the list of candidate languages.

Small, lean, efficient. That should be goal #1. People who say otherwise are just daydreaming hippies who never wrote a real program or one which had to be installed on millions of machines.