sir-alien's comments

sir-alien | 1 year ago | on: FOSS infrastructure is under attack by AI companies

Can we not just have a whitelist for allowed crawlers and ban the rest by default? Then places like DuckDuckGo and Google can provide a list of IP addresses that their crawlers will come from. Then simply just don't include major LLM providers like OpenAI.

sir-alien | 1 year ago | on: FOSS infrastructure is under attack by AI companies

It's going to get to the point where everything will be put behind a login to prevent LLM scrapers scanning a site. Annoying but the only option I can think of. If they use an account for scraping you just ban the account.

sir-alien | 1 year ago | on: Scanners Beware: Welcome to the network from hell

Could you not, instead of using one nmap process to scan 200+ addresses, just instead initiate 200+ nmap processes scanning just one IP?

Still effectively hits your spoofing system but now they bring their time back down to what it would take to scan a single IP address.

I'm sure there are many other ways around this but like all security it's merely a case of making it difficult enough that an attacker would need serious incentive to make the attack.

sir-alien | 1 year ago | on: Google accidentally deleted a $125B pension fund's account

> “This is an isolated, ‘one-of-a-kind occurrence’ that has never before occurred with any of Google Cloud’s clients globally,” Google Cloud CEO Thomas Kurian and UniSuper CEO Peter Chun said in a joint statement obtained by The Guardian May 8. “This should not have happened. Google Cloud has identified the events that led to this disruption and taken measures to ensure this does not happen again.”

But it's not a one of a kind thing...

Sure, one of a kind at this scale but I've heard numerous stories of GCP/AWS terminating accounts with no explanation even when asked for one. However because the customer is small, it seems like it just vanishes in the noise and nothing comes of it. It's quite simple, use a cloud provider as a backup but don't trust your primary data with any cloud provider.

4 copies, 2 with completely different cloud providers, with 2 additional copies being far away from any cloud provider, each using a different storage medium.

sir-alien | 1 year ago | on: How an empty S3 bucket can make your AWS bill explode

Many are speculating that this will not be fixed by AWS (by design) however now that this has been discovered AWS will "need" to repair this flaw or they will start incurring customer flight to more secure or cheaper services.

The question is more about how long AWS are going to take to fix this issue and how many DDoS bills will they forgive.

sir-alien | 3 years ago | on: A Cypherpunk’s Manifesto (1993)

This will slowly but surely push many sites and systems like this onto Tor. Although Tor isn't perfect, keeping all Tor traffic in Tor on an onion address does help mitigate tracking.

For example, The Pirate Bay is on an onion domain which is going to make it rather difficult to track and shut down now.

Eventually what will happen is that smart people will develop something similar to Tor that just adds a layer to the internet where all traffic is privately transported with zero exposure while still being reasonably fast.

I think the only thing that puts Tor at a disadvantage right now is speed.

sir-alien | 4 years ago | on: UK Rail services to come under unified state control

If you want to see a good train service look at Japan. Went there for a holiday and used the train service all over. They are a classic example of what a train service "should" be like.

Fast, efficient, cost-effective. The only time trains were a little difficult was in the super-peak hours on the underground in the very dense parts of the cities.

I think the world should learn from Japan in many aspects.

sir-alien | 4 years ago | on: Boris Johnson cancels India trip amid rising cases

Although the variant is in the U.K. it's not yet believed to have come from overseas travel. So maybe this is a variant that has a higher likelihood of mutation in a specific demographic (e.g. Indian).

Speculation at this point to be honest.

sir-alien | 5 years ago | on: Adobe charges subscription cancellation fee

Not as good in the U.K. but we do have some protections. A company can lock you into a contract however at the end of the contract it must default to a rolling 30 days term and the consumer must explicitly renew for a lengthy contract again if you want it. So even if you forget to cancel, you won't get renewed for X amount of years again.

sir-alien | 7 years ago | on: Vigilante engineer stops Waymo from patenting key lidar technology

Although some engineers may disagree, this is one of the reasons I believe engineering should NOT be a protected industry/profession. Fine if the title was but not the action of doing it.

I read a story about someone showing flaws in a USA traffic light system and he was subsequently fined for "illegal engineering" which is the most idiotic thing ever.

Going on current USA progression it won't be long before you get 10 years behind bars for "illegal engineering" in some states.

Wasn't even that long ago. https://www.theregister.co.uk/2017/04/29/engineer_fined_for_...

sir-alien | 7 years ago | on: Australia's anti-encryption law will merely relocate the backdoors: Expert

The problem is that with physical telecoms providers, you can mandate these LEI implementations. If the provider doesn't comply you ban the sale of the device. Yes, you can get a few black market devices to get around this but you can't head into your local shop to obtain it.

With the current scale of open source software, you can mandate a law for backdoors but countries that do not have such laws would be able to remove these backdoors from the open source software if they are ever put in. Simply banning OSS won't help either since many countries that have banned encryption still see widespread use of encryption software as the internet has no borders. Firewalls don't count because that is equivalent to trying to stop a million tunnel diggers from digging over the border all at the same time with a million more diggers ready to go. Ask China with their great firewall full of holes.

Backdooring or banning major providers like WhatsApp, etc. will only push more and more people to an open solution that is globally distributed.

The only solution to gaining encryption access is the simple option. The option that if you are an interesting enough person, will get to play catch with a wrench while your hands are tied.

sir-alien | 7 years ago | on: Intel Publishes Microcode Patches, No Benchmarking or Comparison Allowed

The no-publishing terms are pretty much null and void outside the USA. Many non-US countries have unfair contract laws that make certain contracts (EULA) illegal and unenforceable. So if you and your site are outside the USA and your country has the appropriate consumer protection laws, benchmark and publish away.

I would be certainly interested in the level of degraded performance.

sir-alien | 7 years ago | on: Apple will attempt to jam Facebook's web-tracking tools

Except that due to GDPR (at least in Europe) automatically opting someone in now is against the law and will result in hefty fines.

So for Europe, each major update should either remember your preferences or have them opted out by default.

sir-alien | 8 years ago | on: Nvidia Playing with Fire

Well I for one will certainly avoid any product brand that is now part of the GPP. It is great getting discounts from things like Intel but like the age-old saying, if it's too good to be true it probably is.

And this definitely got exposed with the recent serious vulnerabilities in all modern Intel x86 CPUs. In the attempt to get ever faster and make ever more sales, they had to lower quality.

Pretty much the same path with Nvidia in my opinion.

sir-alien | 9 years ago | on: France’s military is training eagles to attack drones

Got to wonder the damage that will happen to the bird. The larger drones which these tests are for would do some serious damage to the bird's legs if the pilot kept the motors turning. If the pilot is intent on breaking away, they would not care about the bird's well-being.

Some of these drones also put out a fair amount of thrust so even if the drone is upside-down it could quite easily pull down the bird.

Somehow I feel that this training of large birds to catch drones just has not been thought through. Would a net cannon not be more successful, especially when using high tensile netting? For mobility, attach net cannon to police multi rotor.

sir-alien | 9 years ago | on: Trump order strips privacy rights from non-U.S. citizens

There are many good tech startups and industries in the U.K. that would be able to do such things but with us leaving the EU it seems we might be heading down the same path and be banned from storing EU data. The Snoopers Charter when we leave the EU already makes us incompatible with EU law and is already considered illegal too.

It's no wonder that the 1984 novel is flying off the shelves now.

;-P
