Technology

60062 readers

4379 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago

MODERATORS

[email protected]

216

Bluesky finds with growth comes growing pains — and bots (apnews.com)

submitted 1 day ago by [email protected] to c/[email protected]

44 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 5 hours ago* (last edited 5 hours ago)

So... Having no public API means people just develop libraries to interact with your private API.

Furthermore, beautiful soup can work on any page... It's just a matter of how easily.

CSRF doesn't do what I think you think it does. It only works with a cooperating client (i.e. it's to protect a user in their own web browser). If it's a bot you'd just scrape the token and move on.

Fluctuations in user actions can also be simulated (you can have a bot architecture that delays work to be done to be similar to what a normal user might do/say/post) ... and rate limiting can be overcome by just using more accounts, stolen IP addresses, etc

You can do a lot, but it's always going to be a bit of a war. Things you're suggesting definitely help (a lot of them echo strategies used by RuneScape to prevent/reduce bots), but ... I think saying it's an architecture problem is a bit disingenuous; some of those suggestions also hurt users.