There’s heavy, and then there’s heavy. I don’t have any experience dealing with threats like this myself, so I can’t comment on what’s most common, but we’re talking about potentially millions of times more resources for the attacker than the defender here.
There is a lot of AI hype and AI anti-hype right now, that’s true.
I don’t think is millions. Take into account that a ddos attacker is not going to execute JavaScript code, at least not any competent one, so they are not going to run the PoW.
In fact the unsolicited and unwarned PoW does not provide more protection than a captcha again ddos.
The mitigation comes from the smaller and easier requests response by the server, so the number of requests to saturate the service must increase. How much? Depending how demanding the “real” website would be in comparison.
I doubt the answer is millions. And they would achieve the exact same result with a captcha without running literal malware on the clients.
There’s heavy, and then there’s heavy. I don’t have any experience dealing with threats like this myself, so I can’t comment on what’s most common, but we’re talking about potentially millions of times more resources for the attacker than the defender here.
There is a lot of AI hype and AI anti-hype right now, that’s true.
I don’t think is millions. Take into account that a ddos attacker is not going to execute JavaScript code, at least not any competent one, so they are not going to run the PoW.
In fact the unsolicited and unwarned PoW does not provide more protection than a captcha again ddos.
The mitigation comes from the smaller and easier requests response by the server, so the number of requests to saturate the service must increase. How much? Depending how demanding the “real” website would be in comparison. I doubt the answer is millions. And they would achieve the exact same result with a captcha without running literal malware on the clients.