Pulse of Truth

648 readers

584 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago

MODERATORS

[email protected]

128

AI haters build tarpits to trap and trick AI scrapers that ignore robots.txt (arstechnica.com)

submitted 2 days ago by [email protected] to c/[email protected]

15 comments fedilink hide all child comments

Attackers explain how an anti-spam defense became an AI weapon.

you are viewing a single comment's thread
view the rest of the comments

[–] Evotech 1 points 1 day ago (1 children)

Surely any competent web scraper will avoid an infinite loop?

[–] [email protected] 1 points 23 hours ago

Critics debating Nepenthes' utility on Hacker News suggested that most AI crawlers could easily avoid tarpits like Nepenthes, with one commenter describing the attack as being "very crawler 101." Aaron said that was his "favorite comment" because if tarpits are considered elementary attacks, he has "2 million lines of access log that show that Google didn't graduate."

You assume incorrectly that bots, scrapers and drive-by malware attacks are made by competent people. I have years worth of stories I'm not going to post on the open internet that says otherwise. I also have months worth of access logs that say otherwise. AhrefsBot in particular is completely unable to deal with anything you throw at it. It spent weeks in a tarpit I made very similar to the one in the article, looping links, until I finally put it out of its misery.