Jump to content

Artificial intelligence: Difference between revisions

From Consumer_Action_Taskforce
← Older edit
VisualWikitext
Kirb (talk | contribs)
42 edits
Case studies: Add SourceHut
Kirb (talk | contribs)
42 edits
 
(One intermediate revision by the same user not shown)
Line 62: Line 62:
</blockquote>
</blockquote>


====MediaWiki====
====MediaWiki, Wikipedia, and the Wikimedia Foundation====
[[wikipedia:MediaWiki|MediaWiki]] is of particular interest to LLM training due to the vast amount of factual, plain-text content wikis tend to hold. While [[wikipedia:Wikipedia|Wikipedia]] and the [[wikipedia:Wikimedia Foundation|Wikimedia Foundation]] host the most well-known wikis, numerous smaller wikis exist thanks to the work of many independent editors. The strength of wiki architecture is its ability for every edit to be audited by anyone, at any time - you can still view [https://en.wikipedia.org/w/index.php?oldid=1 the first edit to Wikipedia] from 2002. This makes wikis a hybrid of a static website and a dynamic web app, which becomes problematic when poorly-designed bots attempt to scrape them.<ref name="geraspora" />
[[wikipedia:MediaWiki|MediaWiki]] is of particular interest to LLM training due to the vast amount of factual, plain-text content wikis tend to hold. While [[wikipedia:Wikipedia|Wikipedia]] and the [[wikipedia:Wikimedia Foundation|Wikimedia Foundation]] host the most well-known wikis, numerous smaller wikis exist thanks to the work of many independent editors. The strength of wiki architecture is its ability for every edit to be audited by anyone, at any time - you can still view [https://en.wikipedia.org/w/index.php?oldid=1 the first edit to Wikipedia] from 2002. This makes wikis a hybrid of a static website and a dynamic web app, which becomes problematic when poorly-designed bots attempt to scrape them.<ref name="geraspora" />


<!-- COI alert: I, [[User:kirb]], am an admin for The Apple Wiki. Hopefully this is neutral enough?
<!-- COI alert: I, [[User:kirb]], am an admin for The Apple Wiki. Hopefully this is neutral enough?
-->The Apple Wiki, which documents internal details of Apple's hardware and software, holds more than 50,000 articles. On 2 August 2024, with a repeat occurrence on 5 January 2025, the service was disrupted by scraping efforts.<ref>https://theapplewiki.com/wiki/The_Apple_Wiki:Community_portal#Bot_traffic_abuse</ref> The wiki contains a considerable amount of information that is scraped by legitimate security research tools, making it difficult for the website to block non-legitimate requests. Efforts to block unethical scraping and protect the wiki have disrupted these legitimate tools. The large article count, combined with more than 280,000 total edits over the wiki's lifetime, create an untenable situation where it is simply not possible to scrape the website without causing significant service disruption.
-->The Apple Wiki, which documents internal details of Apple's hardware and software, holds more than 50,000 articles. On 2 August 2024, with a repeat occurrence on 5 January 2025, the service was disrupted by scraping efforts.<ref>https://theapplewiki.com/wiki/The_Apple_Wiki:Community_portal#Bot_traffic_abuse</ref> The wiki contains a considerable amount of information that is scraped by legitimate security research tools, making it difficult for the website to block non-legitimate requests. Efforts to block unethical scraping and protect the wiki have disrupted these legitimate tools. The large article count, combined with more than 280,000 total edits over the wiki's lifetime, create an untenable situation where it is simply not possible to scrape the website without causing significant service disruption.
On 1 April 2025, the Wikimedia Foundation indicated that its infrastructure has been under increasing pressure from content scraping bots since January 2024, with the particularly critical metric that "65% of our most expensive traffic comes from bots", despite estimating 35% of all traffic as coming from bots. The bots create traffic patterns that are significantly unlike human traffic patterns, effectively bypassing Wikimedia's caching infrastructure and placing significant load on the core servers. A blog post provides an example where bot traffic caused the [[wikipedia:Wikimedia Commons|Wikimedia Commons]] service to become unstable during a human traffic spike. The Foundation is considering introduction of a Responsible Use of Infrastructure policy to ensure the continued stability of their services.<ref>https://diff.wikimedia.org/2025/04/01/how-crawlers-impact-the-operations-of-the-wikimedia-projects/</ref>


====Perplexity AI and news outlets====
====Perplexity AI and news outlets====
Line 79: Line 81:
</blockquote>
</blockquote>


====SourceHut====
====Read the Docs====
On 17 March 2025, the Git source code host SourceHut announced that the service was being disrupted by large language model crawlers. Mitigations deployed to reduce disruption involved requiring login for some areas of the service, and blocking IP ranges of cloud providers, affecting legitimate use of the website by its users.<ref>https://status.sr.ht/issues/2025-03-17-git.sr.ht-llms/</ref>
In an early example, on 25 July 2024, open source documentation website Read the Docs detailed cases of abusive bots downloading large amounts of content from the service. Particularly, the significant range of IP addresses used in an aggressive manner rendered existing rate limiting ineffective. Taking action to block traffic identified by Cloudflare as "AI crawlers" reduced bandwidth requirements by 75%, at a cost saving of $1,500 USD/month.<ref>https://about.readthedocs.com/blog/2024/07/ai-crawlers-abuse/</ref>
 
====SourceHut and Fedora Linux====
On 15 March 2025, an infrastructure manager for the [[wikipedia:Fedora Linux|Fedora Linux]] open source project discussed an assumed large language model crawling attack against the Prague.io Git source code hosting service. The project made the decision to block the entire country of Brazil for some time, while also blocking access to certain repositories whose traffic was creating significant CPU usage.<ref>https://www.scrye.com/blogs/nirik/posts/2025/03/15/mid-march-infra-bits-2025/</ref><ref>https://www.scrye.com/blogs/nirik/posts/2025/03/29/late-march-infra-bits-2025/</ref>
 
On 17 March 2025, the Git source code host SourceHut announced that the service was being disrupted by large language model crawlers. Mitigations deployed to reduce disruption involved requiring login for some areas of the service, and blocking IP ranges of cloud providers, affecting legitimate use of the website by its users.<ref>https://status.sr.ht/issues/2025-03-17-git.sr.ht-llms/</ref> In response to the event, SourceHut founder Drew DeVault wrote a blog post entitled "[https://drewdevault.com/2025/03/17/2025-03-17-Stop-externalizing-your-costs-on-me.html Please stop externalizing your costs directly into my face]", discussing his frustrations with having ongoing and ever-adapting attacks that must be addressed in a timely fashion to reduce disruption to legitimate SourceHut users. DeVault estimates that between "20-100%" of his time is now spent addressing such attacks.


==Privacy concerns of online AI models==
==Privacy concerns of online AI models==

Latest revision as of 10:54, 2 April 2025

Artificial intelligence (AI) is a field of computer science producing software that aims to ultimately replace all manual labor. AI is not a new concept - it has been of interest as early as the 1950s. Since the November 2022 launch of ChatGPT, large language model (LLM) chatbots have been a main focus of the industry, with billions of dollars in funding allocated to producing more "intelligent" LLMs. Also a significant focus are text-to-image models, which "draw" an image using written instructions, and text-to-video models, which extend the text-to-image concept across several smooth video frames.

Generative artificial intelligence models are trained through vast amounts of existing human-generated content. Using the example of an LLM, by learning about common trends in sentence structure, the model is able to form complete sentences and show artificial "knowledge" of a topic. The artificial nature may cause hallucination through confidently-written, but mostly or entirely incorrect, output.

The current well-funded, lucrative industry of artificial intelligence tools has resulted in rampant unethical use of content. Startups intending to produce AI services have been scraping the internet for content to train future models at a concerning pace, with no regard for copyright law, as members of the field are concerned that they are approaching the limit of publicly-available content to train from.[1]

Unethical website scraping[edit | edit source]

While "mainstream" companies such as OpenAI, Anthropic, and Meta appear to correctly follow industry-standard practice for web crawlers, others ignore them, causing distributed denial of service attacks which damage access to freely-accessible websites. This is particularly an issue for websites that are large or contain many dynamic links.

Ethical website scrapers, known as "spiders" that crawl the web, follow a certain set of minimum guidelines. Specifically, they follow robots.txt, a text file found at the root of a domain that indicates:

  • Paths bots are allowed to index
  • Paths bots should not index
  • How long the bot should wait in between requests to the server, to reduce load
  • The sitemap of the website's content

These rules are typically configured for all bots, with minor adjustments made to individual bots as needed. Additionally, specific web pages may use the robots meta tag to control use of their output.

While it is good practice for a bot to respect robots.txt, there is no requirement for it, and there is no punishment for not following a website's wishes. It is additionally standard practice, but in no way enforced, that bots use a User-Agent header to uniquely identify itself. This allows a website operator to observe a bot's traffic patterns, potentially blocking the bot outright if its scraping is not desirable. The header also typically contains a URL or email address that can be used to contact the operator in case of anomalies observed in its traffic.

Unethical AI scraper bots do not follow robots.txt - in fact, they may not even request this file at all. They typically completely ignore it, instead opting to start from an entry point such as the root home page (/), working its way through an exponentially growing list of links as it finds them, with little to no delay between requests. The bots use false User-Agent header strings that would correspond to real web browsers on desktop or mobile operating systems - blocking them would also block legitimate users, or at least legitimate users on VPNs.

Some AI services opt to use separate User-Agent strings, potentially also ignoring robots.txt, when a request is made through user command rather than as part of model training. For example, ChatGPT identifies itself as ChatGPT-User rather than its standard OpenAI when it uses the "search the web" command - even if searching the web was an automatic decision. In a less favorable example, Perplexity AI in this same situation falsely identifies as a standard Chrome web browser running on Windows. AI companies defend this under the belief that they are not a "spider", but rather a "user agent" (like a web browser), when called upon by a user's request.[2]

Less legitimate bots use a wide distribution of IP addresses, further reducing options for the website to protect itself. This is in a clear attempt to bypass IP-based request throttling and rate limiting the website may implement. They are also known to ignore HTTP response status codes that indicate a server error (5xx), or warnings that the client needs to slow down (429 Too Many Requests) or has been entirely blocked (403 Forbidden).

Effect on users[edit | edit source]

To protect against unethical crawlers, due to concerns of both intellectual property and service disruption, websites adopt practices that affect the experience of real users:

  • Bot check walls: The user may be required to pass a security check "wall". While usually automatic for the user, this can affect legitimate bots. When a website protection service such as Cloudflare is not confident as to whether the visitor is legitimate, it may present a CAPTCHA to be manually filled out. An example is "Google Sorry", a CAPTCHA wall frequently seen when using Google Search via a VPN.
  • Login walls: Should bots be found to pass CAPTCHA walls, the website may advance to requiring logging in to view content. A major recent example of this is YouTube's "Sign in to confirm you're not a bot" messages.
  • JavaScript requirement: Most websites do not need JavaScript to deliver their content. However, as many scrapers expect content to be found directly in the HTML, it is often an easy workaround to use JavaScript to "insert" the content after the page has loaded. This may reduce the responsiveness of the website, increasing points of failure, and preventing security-conscious users who disable JavaScript from viewing the website.
  • IP address blocking: Blocking IP addresses, especially by blocking entire providers via their autonomous system number, always comes with some risk of blocking legitimate users. Particularly, this may restrict access to users making use of a VPN.
  • Heuristic blocking: Patterns in request headers may give away that the request is being made by an unethical bot, despite attempts to act as a legitimate visitor. Heuristics are imperfect and may block legitimate users, especially those that may use less common browsers.

In rare situations, a website operator may redirect detected bot traffic, such as to download speed test files hosted by ISPs containing multiple gigabytes of random garbage data. This may have the effect of disrupting the bot, but its effectiveness is unknown.

The need to respond to unethical scraping also further consolidates the web into the control of a few large web application firewall (WAF) services, most notably Cloudflare, as website owners find themselves otherwise unable to protect their service from being disrupted by such traffic.

Case studies[edit | edit source]

Diaspora[edit | edit source]

On 27 December 2024, the open-source social network project Diaspora noted that 70% of traffic across its infrastructure was in service of AI scrapers.[3] Particularly, the project noted that bots had followed links to crawl every individual edit in their MediaWiki instance, causing an exponential increase in the number of unique requests being made.

LVFS[edit | edit source]

The Linux Vendor Firmware Service (LVFS) provides a free central store of firmware updates, such as for UEFI motherboards and SSD controllers. This feature is integrated with many Linux distributions through the fwupd daemon. For situations where internet access is not permitted, the service allows users to make a local mirror of the entire 100+ GB store.

On 9 January 2025, the project announced that it would introduce a login wall around its mirror feature, citing unnecessary use of its bandwidth.[4] Up to 1,000 files may be downloaded per day without logging in. The author later mentioned on Mastodon that the problem appears to be caused by AI scraping.[5]

LWN.net[edit | edit source]

On 21 January 2025, Jonathan Corbet, maintainer of the Linux news website LWN.net, made the following post to social.kernel.org:

Should you be wondering why @LWN #LWN is occasionally sluggish... since the new year, the DDOS onslaughts from AI-scraper bots has picked up considerably. Only a small fraction of our traffic is serving actual human readers at this point. At times, some bot decides to hit us from hundreds of IP addresses at once, clogging the works. They don't identify themselves as bots, and robots.txt is the only thing they *don't* read off the site.

This is beyond unsustainable. We are going to have to put time into deploying some sort of active defenses just to keep the site online. I think I'd even rather be writing about accounting systems than dealing with this cr*p. And it's not just us, of course; this behavior is going to wreck the net even more than it's already wrecked.

He later commented:[6]

We do indeed see a kind of pattern. Every IP stays below the threshold for our fuses, but the overload is overwhelming. Any form of active defense will probably have to figure out to block entire subnets instead of individual addresses, and even that might not be enough.

MediaWiki, Wikipedia, and the Wikimedia Foundation[edit | edit source]

MediaWiki is of particular interest to LLM training due to the vast amount of factual, plain-text content wikis tend to hold. While Wikipedia and the Wikimedia Foundation host the most well-known wikis, numerous smaller wikis exist thanks to the work of many independent editors. The strength of wiki architecture is its ability for every edit to be audited by anyone, at any time - you can still view the first edit to Wikipedia from 2002. This makes wikis a hybrid of a static website and a dynamic web app, which becomes problematic when poorly-designed bots attempt to scrape them.[3]

The Apple Wiki, which documents internal details of Apple's hardware and software, holds more than 50,000 articles. On 2 August 2024, with a repeat occurrence on 5 January 2025, the service was disrupted by scraping efforts.[7] The wiki contains a considerable amount of information that is scraped by legitimate security research tools, making it difficult for the website to block non-legitimate requests. Efforts to block unethical scraping and protect the wiki have disrupted these legitimate tools. The large article count, combined with more than 280,000 total edits over the wiki's lifetime, create an untenable situation where it is simply not possible to scrape the website without causing significant service disruption.

On 1 April 2025, the Wikimedia Foundation indicated that its infrastructure has been under increasing pressure from content scraping bots since January 2024, with the particularly critical metric that "65% of our most expensive traffic comes from bots", despite estimating 35% of all traffic as coming from bots. The bots create traffic patterns that are significantly unlike human traffic patterns, effectively bypassing Wikimedia's caching infrastructure and placing significant load on the core servers. A blog post provides an example where bot traffic caused the Wikimedia Commons service to become unstable during a human traffic spike. The Foundation is considering introduction of a Responsible Use of Infrastructure policy to ensure the continued stability of their services.[8]

Perplexity AI and news outlets[edit | edit source]

Perplexity AI, founded in August 2022, is a large language model that aims to be viewed as a general search engine. It encourages users to consume news through its summaries of stories.

On 15 June 2024, an investigation by Apple blog MacStories found that Perplexity does not follow its own documented policies when accessing content the user requests from the web. In their testing, the scraper pretended to be Chrome 111 running on Windows 10, connecting from an IP address not found in Perplexity's publicly-listed IP address ranges.[9] MacStories' findings were confirmed by a WIRED investigation.[10] Perplexity responded by removing its list of IP addresses.

On 27 June 2024, Amazon announced an investigation into Perplexity AI, suggesting the behavior may be considered abusive under Amazon Web Services terms of service:[2]

"AWS's terms of service prohibit abusive and illegal activities and our customers are responsible for complying with those terms," [AWS spokesperson Patrick] Neighorn said in a statement. "We routinely receive reports of alleged abuse from a variety of sources and engage our customers to understand those reports."

Read the Docs[edit | edit source]

In an early example, on 25 July 2024, open source documentation website Read the Docs detailed cases of abusive bots downloading large amounts of content from the service. Particularly, the significant range of IP addresses used in an aggressive manner rendered existing rate limiting ineffective. Taking action to block traffic identified by Cloudflare as "AI crawlers" reduced bandwidth requirements by 75%, at a cost saving of $1,500 USD/month.[11]

SourceHut and Fedora Linux[edit | edit source]

On 15 March 2025, an infrastructure manager for the Fedora Linux open source project discussed an assumed large language model crawling attack against the Prague.io Git source code hosting service. The project made the decision to block the entire country of Brazil for some time, while also blocking access to certain repositories whose traffic was creating significant CPU usage.[12][13]

On 17 March 2025, the Git source code host SourceHut announced that the service was being disrupted by large language model crawlers. Mitigations deployed to reduce disruption involved requiring login for some areas of the service, and blocking IP ranges of cloud providers, affecting legitimate use of the website by its users.[14] In response to the event, SourceHut founder Drew DeVault wrote a blog post entitled "Please stop externalizing your costs directly into my face", discussing his frustrations with having ongoing and ever-adapting attacks that must be addressed in a timely fashion to reduce disruption to legitimate SourceHut users. DeVault estimates that between "20-100%" of his time is now spent addressing such attacks.

Privacy concerns of online AI models[edit | edit source]

There are several concerns with using online AI models like ChatGPT (OpenAI), not only because they are proprietary, but also because there is no guarantee to where your data ends up being stored or used for. Recent developments in local AI models are an alternative to these online AI models, as they work offline once they are downloaded from platforms like HuggingFace.[15] Common models to run are like Llama (Meta), DeepSeek (DeepSeek), Phi (Microsoft), Mistral (Mistral AI), Gemma (Google).

References[edit | edit source]

  1. https://observer.com/2024/12/openai-cofounder-ilya-sutskever-ai-data-peak/
  2. 2.0 2.1 https://www.wired.com/story/aws-perplexity-bot-scraping-investigation/
  3. 3.0 3.1 https://pod.geraspora.de/posts/17342163
  4. https://lore.kernel.org/lvfs-announce/zDlhotSvKqnMDfkCKaE_u4-8uvWsgkuj18ifLBwrLN9vWWrIJjrYQ-QfhpY3xuwIXuZgzOVajW99ymoWmijTdngeFRVjM0BxhPZquUzbDfM=@hughsie.com/T/
  5. https://mastodon.social/@hughsie/113871373001227969
  6. https://www.heise.de/en/news/AI-bots-paralyze-Linux-news-site-and-others-10252162.html
  7. https://theapplewiki.com/wiki/The_Apple_Wiki:Community_portal#Bot_traffic_abuse
  8. https://diff.wikimedia.org/2025/04/01/how-crawlers-impact-the-operations-of-the-wikimedia-projects/
  9. https://rknight.me/blog/perplexity-ai-is-lying-about-its-user-agent/
  10. https://www.wired.com/story/perplexity-is-a-bullshit-machine/
  11. https://about.readthedocs.com/blog/2024/07/ai-crawlers-abuse/
  12. https://www.scrye.com/blogs/nirik/posts/2025/03/15/mid-march-infra-bits-2025/
  13. https://www.scrye.com/blogs/nirik/posts/2025/03/29/late-march-infra-bits-2025/
  14. https://status.sr.ht/issues/2025-03-17-git.sr.ht-llms/
  15. https://huggingface.co/
Retrieved from "https://consumerrights.wiki/index.php?title=Artificial_intelligence&oldid=12429"