by miki123211 15 days ago
PoW doesn't fix anything if you have an army of zombie CCTV cameras and smart fridges at your disposal.

It's either proof-of-humanity (increasingly hard to get in this day and age, particularly if accessibility is a concern), proof of identity (even worse) or proof of system integrity, which is the least bad out of all the terrible options.


Why wouldn't PoW help? If it's tuned so that each device in that army takes 10 seconds instead of 10 milliseconds to make a request, have you not slowed the army down by a factor of 1000?
You just need 1000x more zombie fridges, which may be still acceptable for some bad actors.
Sure. But this is kind of vacuously true for any real world DoS scenario. It's like saying "sure, your new weapons system might wipe out 999 out of every 1000 of the enemy's forces, but what does it matter, they can just scale up by a factor of 1000 and we're back where we started".

Anything that amplifies the cost and effort required by the adversary by several orders of magnitude is worthwhile discussing.

But more expensive (to get). At the same time, the PoW would require more compute power, so the same device will still be capped at the same rps
Then every normal user has to take 10 seconds as well, which is an awful experience.
Presumably most users visit the site with more compute-capable devices than a fridge. But I do agree that it's sad that such an approach artificially worsens the internet experience for people on older/weaker devices. On the other hand, Cloudflare's Turnstile also significantly weakens the experience for everyone.
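
The cost asymmetry this thread argues about, as an added example that is not part of any comment above: a hashcash-style client puzzle where the requester does about 2^bits hashes and the server checks the answer with one HMAC and one hash. The function names, the `|`-separated challenge format, the SHA-256 choice and `MAX_AGE` are assumptions made for this sketch.

```python
import hashlib, hmac, os, time

SERVER_KEY = os.urandom(32)  # constructed: per-process secret for this demo
MAX_AGE = 120                # assumed challenge lifetime, in seconds

def leading_zero_bits(digest):
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def issue(client_id, bits, now=None):
    """Stateless challenge: the MAC binds client, difficulty and timestamp.
    Assumes client_id contains no '|' character."""
    ts = int(time.time() if now is None else now)
    body = f"{client_id}|{bits}|{ts}|{os.urandom(8).hex()}"
    tag = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{tag}"

def solve(challenge):
    """Requester side: brute-force a nonce. Returns (nonce, hashes_tried)."""
    bits = int(challenge.split("|")[1])
    nonce = 0
    while True:
        d = hashlib.sha256(f"{challenge}|{nonce}".encode()).digest()
        if leading_zero_bits(d) >= bits:
            return nonce, nonce + 1
        nonce += 1

def verify(challenge, nonce, client_id, now=None):
    """Server side: constant cost whatever the difficulty.
    Replay tracking of already-spent challenges is left out of this sketch."""
    try:
        cid, bits, ts, salt, tag = challenge.split("|")
        bits, ts = int(bits), int(ts)
    except ValueError:
        return False
    body = f"{cid}|{bits}|{ts}|{salt}"
    expected = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected) or cid != client_id:
        return False  # forged or edited challenge, or issued to someone else
    if (time.time() if now is None else now) - ts > MAX_AGE:
        return False  # expired: stops stockpiling solved challenges
    d = hashlib.sha256(f"{challenge}|{nonce}".encode()).digest()
    return leading_zero_bits(d) >= bits
```

Each extra bit of difficulty doubles the expected work in `solve` for every requester, slow legitimate devices included, while `verify` stays at the same cost.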