[maemo-developers] How to ensure only HTTP requests from the device can be accepted in a web app?

From: Sivan Greenberg sivan at omniqueue.com
Date: Mon Nov 8 16:26:15 EET 2010
On Mon, Nov 8, 2010 at 3:56 PM, Ian Stirling <maemo at mauve.plus.com> wrote:
> Yeah - seems more sane to apply it on a per-user basis, as a filter at the
> server, unless I'm missing something.

I was just thinking to use some kind of a real detail to make life
easier for the users so they won't have to fight with Captcha's and
thus protecting spam registration to the service in an easier way than
responding to a captcha on the device itself. I wonder if there is
some kind of a detail that cannot be faked by spammers that I could
use as an authenticator.

That is - I do not really require a specific user id, just a way to
prevent spam and bot activity since the service will be used for
statistical data.

-Sivan
>
>
> As simple as go to the firmware download page (with a script) enter the IMEI
> the user supplies, see if it authenticates.

Right, a web scrape hack. Yuck!
More information about the maemo-developers mailing list