this post was submitted on 29 Jan 2025
599 points (96.7% liked)

Technology

61227 readers
4350 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
599
AI haters build tarpits to trap and trick AI scrapers that ignore robots.txt (arstechnica.com)
submitted 1 day ago by [email protected] to c/[email protected]
46 comments fedilink hide all child comments
 

Building on an anti-spam cybersecurity tactic known as tarpitting, he created Nepenthes, malicious software named after a carnivorous plant that will "eat just about anything that finds its way inside."

Aaron clearly warns users that Nepenthes is aggressive malware. It's not to be deployed by site owners uncomfortable with trapping AI crawlers and sending them down an "infinite maze" of static files with no exit links, where they "get stuck" and "thrash around" for months, he tells users. Once trapped, the crawlers can be fed gibberish data, aka Markov babble, which is designed to poison AI models. That's likely an appealing bonus feature for any site owners who, like Aaron, are fed up with paying for AI scraping and just want to watch AI burn.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 75 points 1 day ago (3 children)

I hope it's effective.

[–] [email protected] 42 points 1 day ago (1 children)

AI crawlers and sending them down an "infinite maze" of static files with no exit links, where they "get stuck"

Maybe against bad crawlers. If you know what you're trying to look for and just just trying to grab anything and everything this should not be very effective. Any good web crawler has limits. This seems to be targeted. This seems to be targeted at Facebooks apparently very dumb web crawler.

[–] [email protected] 6 points 1 day ago

Yeah I was just thinking... this is not at all how the tools work.

[–] [email protected] 30 points 1 day ago (2 children)

It might be initially, but they'll figure out a way around it soon enough.

Remember those articles about "poisoning" images? Didn't get very far on that either

[–] [email protected] 27 points 1 day ago (1 children)

The way to get around it is respecting robots.txt lol

[–] [email protected] 20 points 1 day ago

But that's not respecting the shareholders 😤

[–] [email protected] 10 points 1 day ago

This kind of stuff has always been an endless war of escalation, the same as any kind of security. There was a period of time where all it took to mess with Gen AI was artists uploading images of large circles or something with random tags to their social media accounts. People ended up with random bits of stop signs and stuff in their generated images for like a week. Now, artists are moving to sites that treat AI scrapers like malware attacks and degrading the quality of the images that they upload.

[–] [email protected] 5 points 1 day ago (1 children)

It's not. If it was, every search engine out there would be belly up at the first nested link.

Google/Bing just consume their own crawling traffic. You don't want to NOT show up in search queries right?

[–] [email protected] 16 points 1 day ago (1 children)

It's unclear how much damage tarpits or other AI attacks can ultimately do. Last May, Laxmi Korada, Microsoft's director of partner technology, published a report detailing how leading AI companies were coping with poisoning, one of the earliest AI defense tactics deployed. He noted that all companies have developed poisoning countermeasures, while OpenAI "has been quite vigilant" and excels at detecting the "first signs of data poisoning attempts."

Despite these efforts, he concluded that data poisoning was "a serious threat to machine learning models." And in 2025, tarpitting represents a new threat, potentially increasing the costs of fresh data at a moment when AI companies are heavily investing and competing to innovate quickly while rarely turning significant profits.

"A link to a Nepenthes location from your site will flood out valid URLs within your site's domain name, making it unlikely the crawler will access real content," a Nepenthes explainer reads.

[–] [email protected] 7 points 1 day ago (1 children)

Same problems with tarpitting. They search engines are doing the crawling for each of their own companies, you don't want to poison your own search results.

Conceptually, they'll stop being search crawls altogether and if you expect to get any traffic it'll come from AI crawls :/

[–] [email protected] 6 points 1 day ago (1 children)

I think to use it defensively, you should put the path into robots.txt, and only those doesn't follows the rule will be greeted with the maze. For proper search engine crawler, that's should be the standard behavior.

[–] [email protected] 4 points 1 day ago

Spiders already detect link bombs, recursion bombs, they're capable of rendering the page out in memory to see what's truly visible.

It's a great idea but it's a really old trick and it's already been covered.