I gave some thought to the click fraud problem tonight. While I agree with Bruce Schneier that pay-per-action is the right solution, a solution is needed now, not years later, and pay-per-view/click model needs to be shored up even if pay-per-action business gets traction.

This is the solution I arrived at using two glasses of red lube ;-):

1. seed each clicker with a cookie to identify the computer.
2. void clicks originating from machines without the cookie.
3. void clicks originating from machines exhibiting suspicious activities detected by offline analysis.

While this solution requires pay-per-click ad vendors (i.e. Google) to cut into their profit for now, I think it's worth implementing in the long run.