1. 14

  2. 4

    I guess the idea is to have this CAPTCHA during sign up or shows up once per k actions where k is relatively large? Otherwise participation becomes a chore…

    If the solution provided by the user gets stored, then one can use this to find all the interesting ways to solve the same problem.

    1. 3

      Wait, but how do you check the answer, static analysis? Otherwise you’d have to run user-supplied code server side, which is introducing a whole host of potential security vulnerabilities.

      1. 2

        Code snippets are run in a lightweight sandbox. For example, for golang.org playground snippets:

        The interesting part is how we safely execute arbitrary user code in a secure environment while still providing core functionality such as time, the network, and the file system.

        To isolate user programs from Google’s infrastructure, the back end runs them under Native Client (or “NaCl”), a technology developed by Google to permit the safe execution of x86 programs inside web browsers. The back end uses a special version of the gc tool chain that generates NaCl executables. [..]

        NaCl limits the amount of CPU and RAM a program may consume, and it prevents programs from accessing the network or file system. This presents a problem, however. Go’s concurrency and networking support are among its key strengths, and access to the file system is vital for many programs. To demonstrate concurrency effectively we need time, and to demonstrate networking and the file system we obviously need a network and a file system.

      2. 2

        Well that’s novel.

        1. 1

          Reminds me of the Hackcha on Kenshoto Invisigoth’s page

          1. 1

            I think someone broke the Haskell sandbox.