I guess if you can’t beat them it’s the next best thing.
Just here for good conversation with good people.
I guess if you can’t beat them it’s the next best thing.
Reddit.
This is correct. I work in bot detections. There are baseline checks for various browser automation used as bot frameworks like Puppeteer or Playwright. Then there is basic analysis of server side and client side fingerprints; meaning, do the fingerprints you claim make sense. There are other heuristics too and I imagine Cloudflare is monitoring movements that point to automation. All of this happens after you click. I personally prefer this over Google’s captcha which frequently doesn’t recognize me as a human but is easily bypassed by bots.
You son of a bitch, I’m in.
Apparently we’re running out of sand. That’s going to make the transition to glass harder. I’m not saying I don’t agree because I would definitely prefer glass than plastic.
Thanks for sharing this graph. Please forgive my pessimism regarding the subject. I know a lot of progress is being made in the area of renewables and sometimes it still feels dire. Hopefully we can hasten that downward trend with coal.
Chaotic. I love it.
NYT also uses a third party bot identification and mitigation service.
Are you referring to email verification on sign up? If so, it’s unfortunately easily overcome by bad actors. Depending on how the platform handles it, one email can be used over and over again to verify accounts or there are many services out there that provide an endless amount of quick and easy emails. The automation of this has already been solved too. For the first scenario, limits on how many times an email is used for account verification is useful. For the second scenario, we really start the cat and mouse game. You can block sign up from accounts using spam email domains. There are lists out there that can help. If someone is really persistent, they may have a trove of legitimate email addresses they can use. Then you have to start considering where the sign ups are coming from, the IP, it’s reputation, the behaviors, and hopefully it’s fingerprints from the device. You could serve a captcha but most are trivial to bypass with code straight from GitHub or captcha passing services. Overall, this is not an easy problem to solve. I know a lot of conversation on Lemmy is being had regarding this topic. It’s going to take all of us together to help solve the problem.
Well done. I for one appreciate the effort you’re putting into making this a better place by keeping the bots out. Any thoughts on what can be done to keep bots from signing up to begin with or is the plan to continuously purge inactive accounts? I know from experience that a lot of these bad actors are going to pivot and redouble their efforts. This is unfortunately a cat and mouse game that will continually need to be addressed. But, again, thank you for your work on this!
There isn’t. This article is laughable because there is an astronomical amount of bot traffic that masquerades as legitimate human traffic. Things like puppeteer extra stealth and residential proxies have made it easier to hide a bots presence on the web. Also, the tracking they allude to via fingerprinting would very much be the same whether it’s a human solving a captcha or a seamless process where your browser solves one.
Ah yes, from Twitter to Shitter.
Not saying you’re wrong but it reminded me of a moment when I was a kid. I was all of five years old when I got lost in rural Arizona. I was visiting my grandparents and my cousin and I went out looking for turtles after a monsoon the night before. I got separated from my older cousin and then lost. I wandered around for hours until I found the main road that led through a nearby small town. I managed to hitchhike to the local trading post where the clerk managed to find my grandparents phone number to let them know they had found me.
They were sometimes useful. Also, they were great for prank calls.