this post was submitted on 21 Mar 2025
158 points (98.2% liked)

Selfhosted

44757 readers
2339 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
158
Anubis - Weighs the soul of incoming HTTP requests using proof-of-work to stop AI crawlers (github.com)
submitted 22 hours ago* (last edited 21 hours ago) by [email protected] to c/[email protected]
52 comments fedilink hide all child comments
 

I just started using this myself, seems pretty great so far!

Clearly doesn't stop all AI crawlers, but a significantly large chunk of them.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 25 points 20 hours ago* (last edited 20 hours ago) (1 children)

Yes, Anubis uses proof of work, like some cryptocurrencies do as well, to slow down/mitigate mass scale crawling by making them do expensive computation.

https://lemmy.world/post/27101209 has a great article attached to it about this.

--

Edit: Just to be clear, this doesn't mine any cryptos, just uses same idea for slowing down the requests.

[–] [email protected] -5 points 13 hours ago (2 children)

And, yet, the same people here lauding this for intentionally burning energy will turn around and spew vitriol at cryptocurrencies which are reviled for doing exactly the same thing.

Proof of work contributes to global warming. The only functional, IRL, difference between this and crypto mining is that this doesn't generate digital currency.

There are a very few POW systems that do good, like BOINC, which is a POW system that awards points for work done; the work is science, protein analysis, SETI searches, that sort of thing. The work itself is valuable and needs doing; they found a way to make the POW constructive. But just causing a visitor to use more electricity to "stick it" to crawlers is not ethically better than crypto mining.

Just be aware of the hypocrisy.

[–] [email protected] 11 points 13 hours ago* (last edited 13 hours ago) (1 children)

the functional difference is that this does it once. you could just as well accuse git of being a major contributor to global warming.

hash algorithms are useful. running billions of them to make monopoly money is not.

[–] [email protected] 2 points 13 hours ago (1 children)

Which party of git performs proof-of-work? Specifically, intentionally inefficient algorithms whose output is thrown away?

[–] [email protected] 2 points 6 hours ago* (last edited 6 hours ago) (1 children)

the hashing part? it's the same algo as here.

[–] [email protected] 2 points 5 hours ago (2 children)

That's not proof of work, though.

git is performing hashes to generate identifiers for versions of files so it can tell when they changed. It's like moving rocks to build a house.

Proof of work is moving rocks from one pile to another and back again, for the only purpose of taking up your time all day.

[–] [email protected] 2 points 4 hours ago

Proof of work is just that, proof that it did work. What work it's doing isn't defined by that definition. Git doesn't ask for proof, but it does do work. Presumably the proof part isn't the thing you have an issue with. I agree it sucks that this isn't being used to do something constructive, but as long as it's kept to a minimum in user time scales, it shouldn't be a big deal.

Crypto currencies are an issue because they do the work continuously, 24/7. This is a one-time operation per view (I assume per view and not once ever), which with human input times isn't going to be much. AI garbage does consume massive amounts of power though, so damaging those is beneficial.

[–] [email protected] 2 points 5 hours ago* (last edited 5 hours ago)

okay, git using the same algorithm may have been a bad example. let's go with video games then. the energy usage for the fraction of a second it takes for the anubis challenge-response dance to complete, even on phones, is literally nothing compared to playing minecraft for a minute.

if you're mining, you do billions of cycles of sha256 calculations a second for hours every day. anubis does maybe 1000, once, if you're unlucky. the method of "verification" is the wrong thing to be upset at, especially since it can be changed

[–] [email protected] 5 points 13 hours ago (1 children)

This is a stopgap while we try to find a new way to stop the DDOS happening right now. It might even be adapted to do useful work, if need be.

[–] [email protected] 2 points 13 hours ago (1 children)

Hook into BOINC, or something? That's an idea.

Sucks for people who have scripts disabled, or are using browsers without JS support, though.

[–] [email protected] 3 points 13 hours ago

It does, and I'm sure everyone will welcome a solution that lets them open things back up for those users without the abusers crippling them. It's a matter of finding one.