GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by tyil (tyil@fedi.tyil.nl)

  1. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Saturday, 31-May-2025 18:08:15 JST tyil tyil
    in reply to
    • Phantasm
    • waifu

    @phnt@fluffytail.org @waifu@mai.waifuism.life Its cute that you only get 20rq/s and think that's the scale of "the real world".

    As a sidenote, I'm already blocking entire ASs.

    In conversation about a day ago from fedi.tyil.nl permalink
  2. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Saturday, 31-May-2025 17:32:30 JST tyil tyil
    in reply to
    • Phantasm
    • waifu

    @phnt@fluffytail.org @waifu@mai.waifuism.life There is no reason to prove a browser is "real" in the normal world.Okay, keep believing that.you are trying to combat a bot attackCorrect. Sounds like there are reasons after all. Only took a whole sentence to figure that one out.your mitigation simply has no effectIt appears to have an effect, and not just for my personal cgit. It appears a lot of people are using it because they are seeing a (positive) effect in combatting LLM scrapers with it.it can be easily bypassedIt can, and that's ok. Because if you bypass it, you become a unique UA that I can just block with any regular UA block in HAProxy. Even if you automate "random" UAs, I can put in a pretty excessive UA blacklist with patterns if I so desire. The entire point is that a connection using a regular browser UA has to prove they are in fact a regular, legitimate browser, because blocking those isn't feasible, because you'd block nearly all legitimate traffic otherwise.

    Its not a hard concept I think. I don't know why I have to reiterate the same thing three times for you, but I truly hope this time it'll stick. If not, for the love of Stallman please just cancel your Internet subscription.

    In conversation about a day ago from fedi.tyil.nl permalink

    Attachments


  3. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Saturday, 31-May-2025 17:19:30 JST tyil tyil
    in reply to
    • Phantasm
    • waifu

    @phnt@fluffytail.org @waifu@mai.waifuism.life You're having a really hard time reading my posts I guess. I'm sorry for you.

    In conversation about a day ago from fedi.tyil.nl permalink
  4. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Saturday, 31-May-2025 17:08:37 JST tyil tyil
    in reply to
    • iced depresso
    • Phantasm
    • waifu

    @icedquinn@blob.cat @phnt@fluffytail.org @waifu@mai.waifuism.life don't actually serve degraded content to other user agents probablyDepends on what you mean, I do "serve degraded content" to other UAs in the sense that I block LLM scrapers that misbehave when I can. To reiterate, Anubis exists because LLM scrapers pretend to be a browser with a regular browser UA. If one were to block that, you'd block all legitimate browser users, so realistically its not an option.

    If you pretend to be a regular browser, Anubis exists to verify this. If you don't pretend to be a regular browser, it does nothing.

    How is this so hard to grasp.

    In conversation about a day ago from fedi.tyil.nl permalink
  5. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Saturday, 31-May-2025 17:04:22 JST tyil tyil
    in reply to
    • Phantasm
    • waifu

    @phnt@fluffytail.org @waifu@mai.waifuism.life Read the post of mine again. Anubis isn't a catch-all bot filter, its to filter out connection pretending to be a browser. I know the "lmao I can bypass Anubis with this simple trick" is the peak of /g/ hacker mentality, but in the real world everyone already knew this. It is mentioned in the blog post where the guy talks about it.

    Anubis exists solely to ensure connections that act like browsers to prove they are browsers. If a connection doesn't pretend its a browser, Anubis does nothing, as is the intended effect, because at that point if the connection misbehaves, you can just block that particular UA.

    In conversation about a day ago from fedi.tyil.nl permalink
  6. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Saturday, 31-May-2025 16:52:35 JST tyil tyil
    in reply to
    • Phantasm
    • waifu

    @phnt@fluffytail.org @waifu@mai.waifuism.life If the scraping bots remove the "I" from Mozilla, server operators can easily just block the unique user agent. Anubis isn't "a tool to stop bots", its a tool to verify connections pretending to be a browser are actual users.

    In conversation about a day ago from fedi.tyil.nl permalink
  7. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 29-May-2025 18:23:36 JST tyil tyil
    in reply to
    • T man :sex: :puffgiga: :puffpowerroll:
    • tsoifan1997
    • nyanide :nyancat_rainbow::nyancat_body::nyancat_face:

    @sysrq@lab.nyanide.com @pernia@schizophreniabunker.vip @theorytoe@ak.kyaruc.moe @nyanide@lab.nyanide.com If you don't test in production how do you know its gonna work in production?

    In conversation about 3 days ago from fedi.tyil.nl permalink
  8. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Sunday, 25-May-2025 22:22:54 JST tyil tyil
    in reply to
    • pistolero

    @p@fsebugoutzone.org G E K O L O N I Z E E R D

    In conversation about 7 days ago from fedi.tyil.nl permalink
  9. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Friday, 23-May-2025 23:29:15 JST tyil tyil
    in reply to
    • 翠星石
    • Gina

    @Suiseiseki@freesoftwareextremist.com @Gina@fosstodon.org @linkwarden@freesoftwareextremist.com I will send an email to the maintainer asking them to explicitly pick either the -only or -or-later AGPL variant, and to use proper documentation to specify what the license applies to.

    In conversation about 9 days ago from fedi.tyil.nl permalink
  10. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Friday, 23-May-2025 22:41:46 JST tyil tyil
    in reply to
    • 翠星石
    • Gina

    @Suiseiseki@freesoftwareextremist.com @Gina@fosstodon.org I don't see anything about being allowed to use a later version, so I'm guessing it's AGPLv3-only. Their license is (sadly) on GitHub: https://raw.githubusercontent.com/linkwarden/linkwarden/refs/heads/main/LICENSE.md

    In conversation about 9 days ago from fedi.tyil.nl permalink

    Attachments


    1. Invalid filename.
  11. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Friday, 23-May-2025 21:50:46 JST tyil tyil
    in reply to
    • Gina

    @Gina@fosstodon.org I didn't use #Pocket, but I've seen some recommendations from people on my timeline. So far the nicest one I've seen has been LinkWarden, which is AGPL-3.0 licensed. Since I didn't use Pocket I can't tell you how well it works as a replacement, though, but I hope it helps anyway!

    In conversation about 9 days ago from fedi.tyil.nl permalink
  12. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 20:05:05 JST tyil tyil
    in reply to
    • :blobcatflower:
    • Phantasm
    • 夜化

    @phnt@fluffytail.org @Yoruka@eientei.org @lucy@netzsphaere.xyz @world@fluffytail.org It shouldn't be that hard to convert [the] codebaseiirc there have been several attempts already, and they all failed for one reason or another. So it would turn out it sadly is that hard to convert the codebase 😞Almost every time I emergeMy desktop is where I experiment and as a result it has quite a lot of bloat on it. Updates occasionally have over a 1000 packages to go through. I still cannot relate to your woes.

    In conversation about 10 days ago from fedi.tyil.nl permalink
  13. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 20:05:03 JST tyil tyil
    in reply to
    • :blobcatflower:
    • Phantasm
    • 夜化

    @Yoruka@eientei.org @phnt@fluffytail.org @lucy@netzsphaere.xyz I start an update in the evening and its usually done by lunch the next day. The amount of packages generally doesn't impact it that much, though, the vast majority of the time is spent on chromium (last recompile of it took over 4 hours).

    In conversation about 10 days ago from fedi.tyil.nl permalink
  14. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 20:04:59 JST tyil tyil
    in reply to
    • :blobcatflower:
    • Phantasm
    • 夜化

    @Yoruka@eientei.org @phnt@fluffytail.org @lucy@netzsphaere.xyz My desktop is in a separate room, but I like to use it during the day. It is mostly usable while compiling anyway, except when compiling chromium, which is also the worst thing to compile to begin with. And it always has updates, without exception. Its the worst experience, but I want to have several browser options available at all time. At least now I can say I "speak from experience" on how horrible Chromium is 😭

    In conversation about 10 days ago from fedi.tyil.nl permalink
  15. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 20:04:56 JST tyil tyil
    in reply to
    • :blobcatflower:
    • Phantasm
    • 夜化

    @Yoruka@eientei.org @phnt@fluffytail.org @lucy@netzsphaere.xyz I don't think chromium has an LTS. At least not in Portage, all versions are always considered stable, and they don't keep many versions around in Portage to begin with. I do generally stick to the stable versions, only accepting ~arch if I have a need for it (which is rare).

    In conversation about 10 days ago from fedi.tyil.nl permalink
  16. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 20:04:54 JST tyil tyil
    in reply to
    • :blobcatflower:
    • Phantasm
    • 夜化

    @Yoruka@eientei.org @phnt@fluffytail.org @lucy@netzsphaere.xyz @world@eientei.org Yeah, I can exclude it, but I mean if the compilation runs when I'm not using the machine anyway, it doesn't matter much. Its not a problem that needs fixing for me, I know the setup is not maximized for efficiency, and it doesn't have to be.

    In conversation about 10 days ago from fedi.tyil.nl permalink
  17. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 20:04:50 JST tyil tyil
    in reply to
    • :blobcatflower:
    • Phantasm
    • 夜化

    @Yoruka@eientei.org @phnt@fluffytail.org @lucy@netzsphaere.xyz Surely you have a VPN connection to the machine in question and can just start it remotely!

    In conversation about 10 days ago from fedi.tyil.nl permalink
  18. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 20:04:47 JST tyil tyil
    in reply to
    • :blobcatflower:
    • Phantasm
    • 夜化

    @Yoruka@eientei.org @phnt@fluffytail.org @lucy@netzsphaere.xyz Real men run an httpd that just allows a GET request to run a command as root. curl http://home.address/emerge%20-uDN%20@world.

    In conversation about 10 days ago from fedi.tyil.nl permalink

    Attachments


  19. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 00:57:33 JST tyil tyil
    in reply to
    • 翠星石
    • VnPower

    @Suiseiseki@freesoftwareextremist.com @vnpower@mstdn.maud.io I am dubious of that claim.You are free to be dubious, but you are also wrong. While I don't like that browser, it is free software and therefore I have no moral issues with it.Idk, works on other machines.Clearly it does not work on other machines, hence Anubis is used so much. In this thread alone, the majority uses it to bar LLM scrapers from disrupting their services.

    In conversation about 11 days ago from fedi.tyil.nl permalink
  20. Embed this notice
    tyil (tyil@fedi.tyil.nl)'s status on Thursday, 22-May-2025 00:31:54 JST tyil tyil
    in reply to
    • 翠星石
    • VnPower

    @Suiseiseki@freesoftwareextremist.com @vnpower@mstdn.maud.io Only proprietary browsers use thoseObjectively false. Ungoogled chromium for instance uses it, and that is a free as in freedom browser.Another effective mitigation is to run a tor middleI am running a Tor relay already. It is not effective in the least.just make sure your cgit is also reachable via IPv6It already is.

    In conversation about 11 days ago from fedi.tyil.nl permalink
  • Before

User actions

    tyil

    tyil

    Free Software Enthusiast. Running a blog on https://www.tyil.nl/.

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          8176
          Member since
          1 Sep 2022
          Notices
          572
          Daily average
          1

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.