On 4/26/25 1:59 AM, mpan wrote:
On access of https://wiki.archlinux.org today, a dialog flashed (…)
Hello,
Many sites are currently falling victim to crawlers from LLM
companies. The bots mercilessly hammer the servers, causing enormous
load. This leads to service disruption to normal users. Since many of
them own hundreds of IP addresses, it’s not possible to throttle them
based on requests alone.
Multiple targets, Arch Wiki included, decided to deploy a client-side
proof-of-work mechanism: Anubis from Techaro.⁽¹⁾⁽²⁾ This runs a small
program, that does “expensive” operation in the browser. It’s nothing
for normal users, even if we count all users together. But it’s a
notable cost to companies doing billions requests.
Cheers
____
⁽¹⁾ https://techaro.lol/
⁽²⁾ Screenshot of what you didn’t se: https://0x0.st/8VRo.png
Yes,
The world has been living through the record breaking 1.33 Million
host botnet attack during the past month, and especially the last week
as a repurposed brute-force campaign (my fail2ban had over 330 IPs in
the dovecot jail - normal is about 15, with 95% of the new compromised
IPs coming from LATNIC).
This appears to be a continuation of the March record breaking botnet
DDOS campaign "Eleven11bot".
Things are likely only to get worse with the prevalence of AI aiding
the bad guys. I recently saw the current internet described as a
"foaming-boiling septic tank" which seems to be an apt description.
--
David C. Rankin, J.D.,P.E.
