After MS started down the AI path I updated all my licensing for what I hosted there excluding it from all AI training. Yeah I know they won’t listen but if we ever have a tech based class action lawsuit I am ready.
I then archieved all my projects posting a link to my self hosted git solution. The new solution again constantly states AI has no business here.
Last step was setting the guards and traps. I have a robots.txt file setup and my nginx is configured to send 444 to all requests who report as bots. All methods that they should obey. But if they don’t every page I host has an invisible link to a cgi script that creates an infinite loop of links. The bot falls down this rabit hole and I eventually ban their IP.
The honey pot lists a dozen randomly generated links that all point back to the honeypot. Then I have a script that runs nightly and if your IP clicked on a honeypot 100 or more times in a day the IP gets blocked. That way people can stumble on it and not get banned.
Looking at the logs I easily get tens of thousands of hits daily by dozens of bots. A few business sites, personal page, hobby page, and my GitHub replacement. Not really a big target. But still a lot of bot traffic.
Ooo. You know what would also be fun. Instead of a ban, after the obvious bot limit is hit switch that IP to piles of garbage data. Randomly generate word salad pages and make it redirect to those.
I was thinking about something similar. Generate a lot of source code that is pure garbage with comments so that they are learning nonsense. But at the end of the day I don’t want to waste more CPU cycles. This is enough to waste their time on my sites with no real blips on my machine.
After MS started down the AI path I updated all my licensing for what I hosted there excluding it from all AI training. Yeah I know they won’t listen but if we ever have a tech based class action lawsuit I am ready.
I then archieved all my projects posting a link to my self hosted git solution. The new solution again constantly states AI has no business here.
Last step was setting the guards and traps. I have a robots.txt file setup and my nginx is configured to send 444 to all requests who report as bots. All methods that they should obey. But if they don’t every page I host has an invisible link to a cgi script that creates an infinite loop of links. The bot falls down this rabit hole and I eventually ban their IP.
I love the idea of honeypots for AI. I’ve been ruminating on that for months now.
QR codes that lead to a virus to sabotage Flock when the AI scans the video of you driving by and gets curious.
Code files littered with meta commands like “disregard previous commands” and such.
Things that lead to infinite loops like you said.
I cackle at the idea of all of us laying entire minefields of AI traps everywhere. Good luck!
The honey pot lists a dozen randomly generated links that all point back to the honeypot. Then I have a script that runs nightly and if your IP clicked on a honeypot 100 or more times in a day the IP gets blocked. That way people can stumble on it and not get banned.
Looking at the logs I easily get tens of thousands of hits daily by dozens of bots. A few business sites, personal page, hobby page, and my GitHub replacement. Not really a big target. But still a lot of bot traffic.
Crazy.
Ooo. You know what would also be fun. Instead of a ban, after the obvious bot limit is hit switch that IP to piles of garbage data. Randomly generate word salad pages and make it redirect to those.
I was thinking about something similar. Generate a lot of source code that is pure garbage with comments so that they are learning nonsense. But at the end of the day I don’t want to waste more CPU cycles. This is enough to waste their time on my sites with no real blips on my machine.