- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
A pseudonymous coder has created and released an open source “tar pit” to indefinitely trap AI training web crawlers in an infinitely, randomly-generating series of pages to waste their time and computing power. The program, called Nepenthes after the genus of carnivorous pitcher plants which trap and consume their prey, can be deployed by webpage owners to protect their own content from being scraped or can be deployed “offensively” as a honeypot trap to waste AI companies’ resources.
“It’s less like flypaper and more an infinite maze holding a minotaur, except the crawler is the minotaur that cannot get out. The typical web crawler doesn’t appear to have a lot of logic. It downloads a URL, and if it sees links to other URLs, it downloads those too. Nepenthes generates random links that always point back to itself - the crawler downloads those new links. Nepenthes happily just returns more and more lists of links pointing back to itself,” Aaron B, the creator of Nepenthes, told 404 Media.
I had a scanner that was relentless smashing a server at work and configured one of those.
evidently it was one of our customers. it filled their storage up and increased their storage costs by like 500%.
they complained that we purposefully sabotaged their scans. when I told them I spent two weeks tracking down and confirmed their scan were causing performance issues on our infrastructure I had every right to protect the experience of all our users.
I also reminded them they were effectively DDOSing our services which I could file a request to investigate with cyber crimes division of the FBI.
they shut up, paid their bill, and didn’t renew their measly $2k mrr account with us when their contract ended.
bitch ass small companies are always the biggest pita.
DDoS? Where was the distribution part?
effectively
For all practical purposes; in effect.
I believe the commenter was implying that DoS would be a more accurate description, since it does not seem as if the “attack” was distributed, but it is a nitpick nonetheless. We don’t have the context to understand if multiple servers were involved that distributed the load
I see DDoS and DoS used interchangeably. I think because DDoS became a somewhat mainstream term (at least in online gamer communities) and is pronounced verbally (dee doss). Idk, just what I’ve seen.
Like people calling roguelites roguelikes or third person shooters FPSes
Yes in casual conversation I always say “DDoS” regardless of whether or not it’s distributed because “DoS” makes people think of the operating system.
Dee doss? I always say dee dee oh es.
dee dee mega doo doo