Miasma: A tool to trap AI web scrapers in an endless poison pit (github.com)
233 points by LucidLynx 9 hours ago
bobosola 5 hours ago
I dunno... it feels like the same approach as those people who tell you gleeful stories of how they kept a phone spammer on a call for 45 minutes: "That'll teach 'em, ha ha!" Do these types of techniques really work? I’m not convinced.
Also, inserting hidden or misleading links is specifically a no-no for Google Search [0], who have this to say: We detect policy-violating practices both through automated systems and, as needed, human review that can result in a manual action. Sites that violate our policies may rank lower in results or not appear in results at all.
So you may well end up doing more damage to your own site than to the bots by using dodgy links in this manner.
[0]https://developers.google.com/search/docs/essentials/spam-po...
trinsic2 4 hours ago
>I dunno... it feels like the same approach as those people who tell you gleeful stories of how they kept a phone spammer on a call for 45 minutes: "That'll teach 'em, ha ha!" Do these types of techniques really work? I’m not convinced
If you are automating it, I don't see why not. Kitboga, a you-tuber kept scam callers in AI call-center loops tying up there resources so they cant use them on unsuspecting victims.[0]
That's a guerilla tactic, similar in warfare, when you steal resources from an enemy, you get stronger and they get weaker, its pretty effective.
phplovesong 3 hours ago
Pretty easy. Get a paid number and have the phone scammers / marketers call that. I know a guy who made a decent side huzzle from this. They marketers slowly blocked his number tho, not sure if he still has this thing going on, as it was more a experiment.
yareally 2 hours ago
bdangubic 3 hours ago
more and more scammers are automating their side as well so soon the loop will be just bots talking to bots
ordu an hour ago
> it feels like the same approach as those people who tell you gleeful stories of how they kept a phone spammer on a call for 45 minutes: "That'll teach 'em, ha ha!" Do these types of techniques really work? I’m not convinced.
In 2000s there was some company in Russia selling English courses. It spammed so much, that people were really pissed off. To make long story short, the company disappeared from a public space when Golden Telecom joined the party of retaliatory "spam" calls and make computer to call the company using Golden Telecom modem pool.
So, yeah, you kinda can achieve something in this way, but to make sure you should lease a modem pool for that.
rogerrogerr an hour ago
> gleeful stories of how they kept a phone spammer on a call for 45 minutes: "That'll teach 'em, ha ha!" Do these types of techniques really work? I’m not convinced.
It’s one of the best time investments I’ve ever made. They just don’t call me anymore.
I think they have two lists: the “do not call” list, and the “unprofitable to call” list. You want to be on the latter list.
throw10920 2 hours ago
> I’m not convinced.
Is this how low we've sunk - that even below taking a single personal anecdote and generalizing it to everything - now we're taking zero experience and dismissing things based on vibes?
I've seen lots of LLM-slop-lovers doing the same thing. Maybe it's a pattern.
xyzal 4 hours ago
One would assume legit spiders obey robots.txt.
lolc 3 hours ago
This, to me, is the strongest argument to offer these slop generators. It provides an incentive to follow the robots.txt.
bugfix 2 hours ago
I really don't get it. Wouldn't you be wasting a lot of resources feeding the bots like this?
chongli 4 hours ago
Also, inserting hidden or misleading links is specifically a no-no for Google Search [0]
Depending on your goals, this may be a pro or a con. I, personally, would like to see a return of "small web" human-centric communities. If there were tools that include anti-scraping, anti-Google (and other large search crawlers) as well as a small web search index for humans to find these sites, this idea becomes a real possibility.
maxrmk 2 hours ago
It’s easy to opt out of being indexed by Google.
cdrini 2 hours ago
iririririr 3 hours ago
yes it work.
phone scammers have a very high personel cost, hence why some resort for human traffic.
if everyone picked up the phone and wasted a few seconds, it would be enough to make their whole enterprise worthless. but since most people who would not fail shutdown right away, they have the best ROI of any industry. they don't even pay the call for first seconds.
phplovesong 3 hours ago
Who TF cares about google? This is mostly for personal tech stuff (just the stuff AI steals for training). Id say its pretty welcome that it is not shown in google results.
tasuki 6 hours ago
> If you have a public website, they are already stealing your work.
I have a public website, and web scrapers are stealing my work. I just stole this article, and you are stealing my comment. Thieves, thieves, and nothing but thieves!
margalabargala 4 hours ago
The problem I have, is they hammer my site so hard they take it down.
The content is for everyone. They can have it. Just don't also take it away from everybody else.
ethmarks 3 hours ago
Unintentional denial-of-service attacks from AI scrapers are definitely a problem, I just don't know if "theft" is the right way to classify them. They shouldn't get lumped in with intellectual property concerns, which are a different matter. AI scrapers are a tragedy of the commons problem kind of like Kessler syndrome: a few bad actors can ruin low Earth orbit for everyone via space pollution, which is definitely a problem, but saying that they "stole" LEO from humanity doesn't feel like the right terminology. Maybe the problem with AI scrapers could be better described as "bandwidth pollution" or "network overfishing" or something.
margalabargala 3 hours ago
FeepingCreature 3 hours ago
pmlnr 3 hours ago
Been there recently. Rate limit on nginx and anti-syn flood on pf solved it.
spiderfarmer 6 minutes ago
kseniamorph 2 hours ago
> nothing but thieves! cool band btw
coldpie 5 hours ago
I agree theft isn't a good analogy, but there is something similar going on. I put my words out into the world as a form of sharing. I enjoy reading things others write and share freely, so I write so others might enjoy the things I write. But now the things I write and share freely are being used to put money in the bank accounts of the worst people on the planet. They are using my work in a way I don't want it to be used. It makes me not want to share anymore.
gruez 4 hours ago
>but there is something similar going on [...]
No, what you're basically describing is "I shared something but then I didn't like how it ended up being used". If you put stuff out in public for anyone to use, then find out it's used in a way you don't like, it's your right to stop sharing, but it's not "similar" to stealing beyond "I hate stealing"
Hendrikto 4 hours ago
Lerc 16 minutes ago
It sounds like you wanted to believe you were sharing freely while sharing conditionally.
tasuki 5 hours ago
> But now the things I write and share freely are being used to put money in the bank accounts of the worst people on the planet.
I don't think that's the case. I'm not even arguing they aren't the worst people on the planet - might as well be. But all is see them doing is burning money all over the place.
FromTheFirstIn 4 hours ago
kmeisthax 4 hours ago
If you want a good analogy, try the enclosure of the commons in the British countryside. Communally managed grasslands were destroyed by noblemen with massive herds of cattle overgrazing the land, kickstarting a land grab that effectively forced people to enclose or be left behind themselves. Property is a virus that destroys all other forms of allocation.
spiderfarmer 6 hours ago
If someone hands out cookies in the supermarket, are you allowed to grab everything and leave?
drfloyd51 5 hours ago
Odd thing about cookies… they disappear after one serving.
Websites are an endless stream of cookies.
The analogy doesn’t hold.
ghywertelling 5 hours ago
subscribed 2 hours ago
GeoAtreides 4 hours ago
z3c0 5 hours ago
lou1306 4 hours ago
bengale 5 hours ago
It’s interesting to see twists on the old anti-piracy arguments recycled for anti-ai.
gruez 4 hours ago
falcor84 6 hours ago
That really depends, but the quick answer is that according to our human social contract, we'd just ask "how many can I take?". Until now, the only real tool to limit scrapers has been throttling, but I don't see any reason for there not to be a similar conversational social contract between machines.
volemo 5 hours ago
GaggiX 6 hours ago
I will copy the supermarket and paste it somewhere else.
I'm also going to download a car.
Bender 2 hours ago
If someone hands out cookies in the supermarket, are you allowed to grab everything and leave?
Depends on the trust level of your society. where the store resides.
The internet is a cesspool of vagrants, thieves, mentally unstable, people and software with no impulse control, pirates and that is just talking about corporations. It gets so much worse with individuals.
pbasista 5 hours ago
This is a dishonest analogy. In your example, there is only a limited amount of cookies available. While there is no practical limit on the amount of time a certain digital media can be viewed.
You are allowed to take one cookie. But you are allowed to view a public website multiple times if you so want.
spiderfarmer 4 hours ago
hollow-moe 5 hours ago
CrzyLngPwd 4 hours ago
Way back in the day I had a software product, with a basic system to prevent unauthorised sharing, since there was a small charge for it.
Every time I released an update, and new crack would appear. For the next six months I worked on improving the anti-copying code until I stumbled across an article by a coder in the same boat as me.
He realised he was now playing a game with some other coders where he make the copyprotection better, but the cracker would then have fun cracking it. It was a game of whack-a-mole.
I removed the copy protection, as he did, and got back to my primary role of serving good software to my customers.
I feel like trying to prevent AI bots, or any bots, from crawling a public web service, is a similar game of whack-a-mole, but one where you may also end up damaging your service.
Cpoll 3 hours ago
> the cracker would then have fun cracking it.
I wonder if you could've won by making the cracking boring. No new techniques, bare minimum changes to require compiling a new crack, and just enough to make it difficult to automate. I.e. turn the cracking into a job.
But in reality, there are other community-driven motivations to put out cracks.
gruez 3 hours ago
>No new techniques, bare minimum changes to require compiling a new crack, and just enough to make it difficult to automate.
From a practical perspective you also have to have a steady stream of features for the newer versions to be worth cracking. Otherwise why use v1.09 when v1.01 works fine? Moreover spending less effort into improving the DRM is still playing at the cat and mouse game, albeit with less time investment. If you're making minimal changes, the cracker also has to spend minimal time updating the crack.
joquarky 2 hours ago
So many problems could be solved by letting go.
Unfortunately social media and snowballing copyright maximalism has inflated egos to the point where more and more people think they need to control everything.
aldousd666 6 hours ago
This is ultimately just going to give them training material for how to avoid this crap. They'll have to up their game to get good code. The arms race just took another step, and if you're spending money creating or hosting this kind of content, it's not going to make up for the money you're losing by your other content getting scraped. The bottom has always been threatening to fall out of the ads paid for eyeballs, And nobody could anticipate the trigger for the downfall. Looks like we found it.
aldousd666 6 hours ago
To be clear, I mean AI is going to be the downfall of ad supported content. But let's face it. We have link farms and spam factories as a result of the ad supported content market. I think this is going to eventually do justice for users because it puts a premium on content quality that someone will want to pay a direct licensing fee to scrape for your AI bots as opposed to tricking somebody into clicking on a link and looking at an impression for something they won't buy.
johneth 5 hours ago
> This is ultimately just going to give them training material for how to avoid this crap.
> The arms race just took another step, and if you're spending money creating or hosting this kind of content, it's not going to make up for the money you're losing by your other content getting scraped.
So we should all just do nothing and accept the inevitable?
ninjagoo 4 hours ago
> So we should all just do nothing and accept the inevitable?
I daresay rate-limiting will result in better outcomes than well-poisoning with hidden links that are against the policies of search engines.
Lots of potential for collateral damage, including your own websites' reputations and search visibility, with the well-poisoning approach.
xantronix 4 hours ago
ddtaylor 3 hours ago
subscribed 2 hours ago
So, if at the end of the day instead of clicking EVERY single link in the repository they just check it out and parse locally...... I would consider it a win.
Apocryphon 5 hours ago
Tech is just a series of arms races
storus 24 minutes ago
I am failing to see how this stops pre-training scrapping? It still looks like legit code, playing nicely with the desired pre-training distribution. Obviously nobody is going to use it for SFT/DPO/GRPO later.
Art9681 4 hours ago
Can't we simple parse and remove any style="display: none;", aria-hidden="true", and tabindex="1" attributes before the text is processed and get around this trick? What am I missing?
hoistbypetard 3 hours ago
If you do that and don't follow robots.txt, you are blocked. If you do that and follow robots.txt, fine. That's all we wanted you to do anyway. Just follow the instructions that well-behaved scrapers are meant to follow.
phplovesong 3 hours ago
Just have the link visible, but css it so that its either small as hell, or just off screen. Google / bots will follow it, real peopple will never see it.
madeofpalk 7 hours ago
Is there any evidence or hints that these actually work?
It seems pretty reasonable that any scraper would already have mitigations for things like this as a function of just being on the internet.
raincole 6 hours ago
It might work against people just use their Mini Mac with OpenClaw to summarize news every morning, but it certainly won't work against Google.
More centralized web ftw.
hexage1814 5 hours ago
It also probably won't work if the person actually wants your content and is checking if the thing they scraped actually makes sense or it just noise. Like, none of these are new things. Site owners send junk/fake data to webscrapers since web scraping was invented.
otherme123 5 hours ago
In my experience, Google (among others) plays nice. Just put "disallow: *" in your robots.txt, and they won't bother you again.
My current problem is OpenAI, that scans massively ignoring every limit, 426, 444 and whatever you throw at them, and botnets from East Asia, using one IP per scrap, but thousands of IPs.
LaGrange 5 hours ago
> It might work against people just use their Mini Mac with OpenClaw to summarize news every morning,
Good enough for me.
> More centralized web ftw.
This ain't got anything to do with "centralized web," this kind of epistemological vandalism can't be shunned enough.
sd9 7 hours ago
Even it did work, I just can't bring myself to care enough. It doesn't feel like anything I could do on my site would make any material difference. I'm tired.
20k 7 hours ago
I definitely get this. The thing that gives me hope is that you only need to poison a very small % of content to damage AI models pretty significantly. It helps combat the mass scraping, because a significant chunk of the data they get will be useless, and its very difficult to filter it by hand
lucasfin000 5 hours ago
xyzal 4 hours ago
About two years ago, I made up reference to a nonexistent python library and put code "using" it in just 5 GitHub repos. Several months later the free ChatGPT picked it up. So IMO it works.
logicprog 4 hours ago
Via websearch? Or training?
bediger4000 5 hours ago
The search engine crawlers are sophisticated enough, but Meta's are not. Neither is Anthropic's Claude crawler. Source: personal experience trying garbage generators on Yandex, Blexbot, Meta's and Anthropics crawlers.
I'm completely uncertain that the unsophisticated garbage I generated makes any difference, much less "poisons" the LLMs. A fellow can dream, can't he?
spiderfarmer 6 hours ago
There are hundreds of bots using residential proxies. That is not free. Make them pay.
m00dy 6 hours ago
it won't work, especially on gemini. Googlebot is very experienced when it comes to crawling. It might work for OpenAI and others maybe.
nubg 7 hours ago
What kind of migitations? How would you detect the poison fountain?
avereveard 7 hours ago
style="display: none;" aria-hidden="true" tabindex="1"
many scraper already know not to follow these, as it's how site used to "cheat" pagerank serving keyword soups
m00dy 6 hours ago
phplovesong 3 hours ago
GaggiX 7 hours ago
Because the internet is noisy and not up to date all recent LLMs are trained using Reinforcement Learning with Verifiable Rewards, if a model has learned the wrong signature of a function for example it would be apparent when executing the code.
phoronixrly 7 hours ago
It does work, on two levels:
1. Simple, cheap, easy-to-detect bots will scrape the poison, and feed links to expensive-to-run browser-based bots that you can't detect in any other way.
2. Once you see a browser visit a bullshit link, you insta-ban it, as you can now see that it is a bot because it has been poisoned with the bullshit data.
My personal preference is using iocaine for this purpose though, in order to protect the entire server as opposed to a single site.
kristopolous 5 hours ago
I did a related approach:
A toll charging gateway for llm scrapers: a modification to robots.txt to add price sheets in the comment field like a menu.
This was for a hackathon by forking certbot. Cloudflare has an enterprise version of this but this one would be self hosted
I think it has legs but I think I need to get pushed and goaded otherwise I tend to lose interest ...
It was for the USDC company btw so that's why there's a crypto angle - this might be a valid use case!
I'm open to crypto not all being hustles and scams
Tell me what you think?
ctoth 3 hours ago
This is literally what HTTP 402 is for -- there's a whole buncha work going on ... but please, please, please don't let Cloudflare become another bloody gatekeeper. Please.
effnorwood 4 hours ago
certainly don't allow anyone to access your content. perhaps shut the site down just to be safe.
aduwah an hour ago
Accessing the shop by going through the wall with a tank is not the same as walking in the door. Hosting costs money. These botnets should be charged for the costs they incur
eliottre 5 hours ago
The data poisoning angle is interesting. Models trained on scraped web data inherit whatever biases, errors, and manipulation exist in that data. If bad actors can inject corrupted data at scale, it creates a malign incentive structure where model training becomes adversarial. The real solution is probably better data provenance -- models trained on licensed, curated datasets will eventually outcompete those trained on the open web.
bluepeter 4 hours ago
A related technique used to work so well for search engine spiders. I had some software i wrote called 'search engine cloaker'... this was back in the early 2000s... one of the first if not the first to do the shadowy "cloaking" stuff! We'd spin dummy content from lists of keywords and it was just piles and piles. We made it a bit smarter using Markov chains to make the sentences somewhat sensible. We'd auto-interlink and get 1000s of links. It eventually stopped working... but it took a long while for that to happen. We licensed the software to others. I rationalized it because I felt, hey, we have to write crappy copy for this stupid "SEO" thing, so let's just automate that and we'll give the spiders what they seem to want.
ctoth 3 hours ago
You didn't 'give the spiders what they seem to want.' You exploited a naive ranking algorithm to inject garbage into search results that real people were trying to use. That you rationalized it at the time is human. That you're still rationalizing it decades later is something else.
ninjagoo 5 hours ago
Isn't this a trope at this point? That AI companies are indiscriminately training on random websites?
Isn't it the case that AI models learn better and are more performant with carefully curated material, so companies do actually filter for quality input?
Isn't it also the case that the use of RLHF and other refinement techniques essentially 'cures' the models of bad input?
Isn't it also, potentially, the case that the ai-scrapers are mostly looking for content based on user queries, rather than as training data?
If the answers to the questions lean a particular way (yes to most), then isn't the solution rate-limiting incoming web-queries rather than (presumed) well-poisoning?
Is this a solution in search of a problem?
xantronix 4 hours ago
You do raise an interesting point. The poison fountains would probably be more effective if their outputs more closely resembled whatever the most popular problem spaces are at any given point.
jackdoe 16 minutes ago
rage against the dying of the light
theandrewbailey 5 hours ago
Or you can block bots with these (until they start using them) https://developer.mozilla.org/en-US/docs/Glossary/Fetch_meta...
hmokiguess 4 hours ago
Could this lead to something like the Streisand effect? I imagine these bots work at a scale where humans in the loop only act when something deviates from the standard, so, if a bot flags something up with your website then you’re now in a list you previously weren’t. Now don’t ask me what they do with those lists, but I guess you will make the cut.
holysoles 4 hours ago
If anyone is looking for a tool to actually send traffic to a tool like this, I wrote a Traefik plugin that can block or proxy requests based on useragent.
dwa3592 3 hours ago
Love it. Thanks for doing this work. Not sure why people are criticizing this. Also, insane amount of work has been done to improve scraping - which in my mind is just absolute bonkers and i didn't see people complaining about that.
geoffschmidt 2 hours ago
Can we not attribute the poisoned training data to real people like Roger Dingledine and Nick Mathewson? That seems like a poor reward for their open source contributions.
(Though I share the skepticism of other commenters that any frontier lab is actually going to burn the dinosaur juice to train their models on thousands of pages of code titled "Code Example $GUID". As emotionally satisfying as it may be to "fight "back", if the spiders are clicking those links it's because the cost of fetching and filtering them out is so low that nobody cares enough to fix it, not because they're being piped directly into the next version of Opus.)
meta-level 7 hours ago
Isn't posting projects like this the most visible way to report a bug and let it have fixed as soon as possible?
suprfsat 7 hours ago
"disobeys robots.txt" is more of a feature
nosmokewhereiam 5 hours ago
My asthmar
I'm assuming this is a reference to Lord of the flies
cwnyth 5 hours ago
Miasma is bad or poisonous air. It's a Greek word.
ninjagoo 5 hours ago
This is essentially machine-generated spam.
The irony of machine-generated slop to fight machine-generated slop would be funny, if it weren't for the implications. How long before people start sharing ai-spam lists, both pro-ai and anti-ai?
Just like with email, at some point these share-lists will be adopted by the big corporates, and just like with email will make life hard for the small players.
Once a website appears on one of these lists, legitimately or otherwise, what'll be the reputational damage hurting appearance in search indexes? There have already been examples of Google delisting or dropping websites in search results.
Will there be a process to appeal these blacklists? Based on how things work with email, I doubt this will be a meaningful process. It's essentially an arms race, with the little folks getting crushed by juggernauts on all sides.
This project's selective protection of the major players reinforces that effect; from the README:
" Be sure to protect friendly bots and search engines from Miasma in your robots.txt!
User-agent: Googlebot User-agent: Bingbot User-agent: DuckDuckBot User-agent: Slurp User-agent: SomeOtherNiceBot Disallow: /bots Allow: / "
snehesht 7 hours ago
Why not simply blacklist or rate limit those bot IP’s ?
Bender 2 hours ago
Why not simply blacklist or rate limit those bot IP’s ?
Many bots cycle through short DHCP leases on LTE wifi devices. One would have to accept blocking all cell phones which I have done for my personal hobby crap but most businesses will not do this. Another big swath of bots come from Amazon EC2 and GoogleCloud which I will also happily block on my hobby crap but most businesses will not.
Some bots are easier to block as they do not use real web clients and are missing some TCP/IP headers making them ultra easy to block. Some also do not spoof user-agent and are easy to block. Some will attempt to access URL's not visible to real humans thus blocking themselves. Many bots can not do HTTP/2.0 so they are also trivial to block. Pretty much anything not using headless Chrome is easy to block.
xprnio 6 hours ago
If you have real traffic and bot traffic, you still need to identify which is which. On top of that, bots very likely don’t reuse the same IPs over and over again. I assume if we knew all the IPs used only by bots ahead of time, then yeah it would be simple to blacklist them. But although it’s simple in theory, the practice of identifying what to blacklist in the first place is the part that isn’t as simple
snehesht 6 hours ago
You wouldn’t permanently block them, it’s more like a rolling window.
You can use security challenges as a mechanism to identify false positives.
Sure bots can get tons of proxies for cheap, doesn’t mean you can’t block them similar to how SSH Honeypots or Spamhaus SBL work albeit temporarily.
phyzome 6 hours ago
Because punishment for breaking the robots.txt rules is a social good.
nextlevelwizard 2 hours ago
Point is to kill or at least hinder AI progress
arbol 5 hours ago
The AI companies are using virtually unlimited "clean" residential IPs so this is not a valid strategy.
DaiPlusPlus 5 hours ago
How? They run their scraping and training infrastructure - and models themselves - from within those “AI datacenters”[1] we hear about in the news - and not proxying through end-users’ own pipes.
[1]: in quotes, because I dislike the term, because it’s immaterial whether or not an ugly block of concrete out in the sticks is housing LLM hardware - or good ol’ fashioned colo racks.
AyyEye 4 hours ago
aduwah 6 hours ago
There are way too many to do that
snehesht 6 hours ago
True, most of the blacklists systems today aren’t realtime like Amazon WAF or Cloudflare.
We need a Crawler blacklist that can in realtime stream list deltas to centralized list and local dbs can pull changes.
Verified domains can push suspected bot ips, where this engine would run heuristics to see if there is a patters across data sources and issue a temporary block with exponential TTL.
There are many problems to solve here, but as any OSS it will evolve over time if there is enough interest in it.
Costs of running this system will be huge though and corp sponsors may not work but individual sponsors may be incentivized as it’s helps them reduce bandwidth, compute costs related to bot traffic.
pixl97 5 hours ago
xyzal 4 hours ago
For the lulz
superkuh 5 hours ago
Of course Googlebot, Bingbot, Applebot, Amazonbot, YandexBot, etc from the major corps are HTTP useragent spiders that will have their downloaded public content used by corporations for AI training too. Might as well just drop the "AI" and say "corporate scrapers".
rob 5 hours ago
"/brainstorming git checkout this miasma repo source code and implement a fix to prevent the scraper from not working on sites that use this tool"
foxes 6 hours ago
Wonder if you can just avoid hiding it to make it more believable
Why not have a library of babel esq labrinth visible to normal users on your website,
Like anti surveillance clothing or something they have to sift through
imdsm 7 hours ago
Applied model collapse
jijji 3 hours ago
why not just try to block them at the door instead of feeding them poisoned food...
Imustaskforhelp 8 hours ago
I wish if there was some regulation which could force companies who scrape for (profit) to reveal who they are to the end websites, many new AI company don't seem to respect any decision made by the person who owns the website and shares their knowledge for other humans, only for it to get distilled for a few cents.
joquarky an hour ago
Yep, they are already working on de-anonymizing the internet.
rvz 7 hours ago
> > Be sure to protect friendly bots and search engines from Miasma in your robots.txt!
Can't the LLMs just ignore or spoof their user agents anyway?
phoronixrly 7 hours ago
Well-behaved agents will obey robots.txt and not fall into the trap.
obsidianbases1 4 hours ago
I know there are real world problems to deal with, but at least I got one over on that evil open claw instance /s
GaggiX 7 hours ago
These projects are the new "To-Do List" app.
obsidianbases1 7 hours ago
Why do this though?
It's like if someone was trying to "trap" search crawlers back in the early 2000s.
Seems counterproductive
bilekas 6 hours ago
Because of bots that don't respect ROBOTS.txt .
If you want an AI bot to crawl your website while you pay for that bandwidth then you wont use the tool.
obsidianbases1 4 hours ago
If bandwidth cost is a concern the maybe you should reconsider how you publish your site.
Like, what if you actually post something that gains traction, is it going to bankrupt you or something?
bilekas 3 hours ago
integralid 5 hours ago
search crawlers used to bring people TO your site llm boots are used to keep people OUT of your site, because knowledge is indexed and distributed by corporations.
obsidianbases1 4 hours ago
So if your site is dependent on ads, and since the only way for people to see those ads is coming to your site, then yes, you lose.
If your site exists to share information, then the information gets disseminated, whether via LLM or some browser, it doesn't make a difference to me
lelanthran 4 hours ago
aarjaneiro 4 hours ago
Forgeties79 6 hours ago
Web crawlers didn’t routinely take down public resources or use the scraped info to generate facsimiles that people are still having ethical debates over. Its presence didn’t even register and it was indexing that helped them. It isn’t remotely the same thing.
https://www.libraryjournal.com/story/ai-bots-swarm-library-c...
obsidianbases1 4 hours ago
AI bots must've taken down that link you shared, it won't load :/
And search crawlers/results have been producing snippets that prevent users from clicking to the source for well over a decade.
Edit: it loaded. I don't see how the problem isn't simply solved by an off the shelf solution like cloud flare. In the real world, you wouldn't open up a space/location if you couldn't handle the throughput. Why should online spaces/locations get special treatment?
Forgeties79 2 hours ago
splitbrainhack 8 hours ago
-1 for the name
QuantumNomad_ 8 hours ago
https://en.wikipedia.org/wiki/Miasma_theory
Seems a clever and fitting name to me. A poison pit would probably smell bad. And at the same time, the theory that this tool would actually cause “illness” (bad training data) in AI is not proven.
jstanley 5 hours ago
If you want to ruin someone's web experience based on what kind of thing they are, rather than the content of their character, consider that you might be the baddies.
mrweasel 5 hours ago
If you're constantly being harassed by someone and despite your best efforts, nothing is being done to help you, quite the opposite in fact, tons of people cheer your assailant on in the name of profit and progress, it's only natural that you lash out.
It's not all that productive, it's an act of desperation. If you can't stop the enemy, at least you can make their action more costly.
One positive outcome I could see it AI companies becoming more critical of their training data.
lifeformed 4 hours ago
What "content of character" do you ascribe to a web scraper?
jstanley 4 hours ago
You don't, that's why it's unethical to block them.
If you keep getting harrassed by people wearing black hoodies, would it be ethical to start taking countermeasures against all people who wear black hoodies?
lelanthran 3 hours ago
Apocryphon an hour ago
You’re gonna have to try harder to sneak in the a priori assumption that LLMs have any character beyond which corporation deployed them.