This dance to get access is just a minor annoyance for me, but I question how it proves I’m not a bot. These steps can be trivially and cheaply automated.

I don’t think the author understands the point of Anubis. The point isn’t to block bots completely from your site, bots can still get in. The point is to put up a problem at the door to the site. This problem, as the author states, is relatively trivial for the average device to solve, it’s meant to be solved by a phone or any consumer device.

The actual protection mechanism is scale, the scale of this solving solution is costly. Bot farms aren’t one single host or machine, they’re thousands, tens of thousands of VMs running in clusters constantly trying to scrape sites. So to them, a calculating something that trivial is simple once, very very costly at scale. Say calculating the hash once takes about 5 seconds. Easy for a phone. Let’s say that’s 1000 scrapes of your site, that’s now 5000 seconds to scrape, roughly an hour and a half. Now we’re talking about real dollars and cents lost. Scraping does have a cost, and having worked at a company that does professionally scrape content they know this. Most companies will back off after trying to load a page that takes too long, or is too intensive - and that is why we see the dropoff in bot attacks. It’s that it’s not worth it for them to scrape the site anymore.

So for Anubis they’re “judging your value” by saying “Are you willing to put your money where your mouth is to access this site?” For consumer it’s a fraction of a fraction of a penny in electricity spent for that one page load, barely noticeable. For large bot farms it’s real dollars wasted on my little lemmy instance/blog, and thankfully they’ve stopped caring.

Check out Anubis. If you have a reverse proxy it is very easy to add, and for the bots stopped spamming after I added it to mine

Oh, oh no no no it wasn’t

The reason he wants it is he doesn’t want secrets to setup auth

Yes I’d like auth without the auth please

This looks great! Thank you for the recommendation!

above my paygrade that last question. As for the first, we did automatically pull it out of the email, but it was sent to us manually

Rules I’ve learned from software engineering for almost 2 decades.

• Never roll your own ORM
• Never roll your own Auth

No matter what you think, someone else did it better. Trying to do either of those outside of a hobby environment is pure hubris. “But I can do it better” - no you fucking can’t. I have wasted much much more time debugging shitty “home grown” ORM solutions that clearly some dev just was bored and did than I have spent figuring out the quirks of whatever one I’m using. Same goes for auth. Just learn it.

I worked for a mid-sized government entity where we handled PII data. Underneath us were local municipalities who were in charge of sending us that PII so that it could be registered at our level. For PII think licenses, IDs, sensitive stuff for sure.

Most of the municipalities were easy to work with, they did an SFTP drop or used a VPN or something.

A couple though were rural. Very rural, and didn’t have IT departments. They had Martha who works the counter from 1-4pm. Those places were… horrid. We had a special email where they would email us whatever formats they had. Unencrypted, completely open, we couldn’t do anything about it because it was their data and their rules, it was our job to simply accept what they had. We could of course make serious suggestions, point out how horrid this was, but at the end of the day it was their decision. So we had a job to log into an email account every day, check for an email from Martha’s hotmail account, and parse the excel file she used to read out private IDs and license numbers which she manually typed into it.

This was 20 years ago now so dear god I hope their laws improved.

Interesting, had no idea!

Yeah out of all the meh Star wars and they go to rogue one? To me there’s only the originals, andor, and rogue one

I’ll twist your question a bit. When I get asked “is there such thing as ghosts” I used to say no absolutely not, no evidence. However, as I’ve grown I’ve changed my answer to “I don’t know”. I think conventional ghosts as people see them could be anything, we have used superstition to explain the unknown before. How can we possibly know that there are or not, with other dimensions, space time, and general weirdness we just don’t understand. To be blunt we understand so little that who knows.

I apply the same to aliens. Very well could be here, and very well could know how to hide themselves. There’s zero evidence of it so we shouldn’t adopt policy assuming that or anything, that would be insane, but with vast amounts of unknowable, well how can I say no?

My mind went to this one

Mass Effect 1? Trash, not enough weapons

Man 4 people really don’t want to consider any alternatives

Some would say weapons aren’t the only thing that makes a game good

Trying to regulate it is close to the alt right christians doing the same thing. My mom left me a book about how touching myself would lead to drugs and hell eventually.

She is very nice from what I hear

Best we continue to change nothing because what’s the point! Here’s my credit card fill 'er up please and thanks!

We love to blame the big corporations and governments for where we are, but both are products of our society and people. George Carlin said it best, selfish ignorant people vote for selfish ignorant leaders. All of this is a product of a society who allows it. Big tech and corporations exist because we as a society give them money. Social media algorithms and ads and everything exist because they work. We sit here and preach linux, and preach getting off of it, but we are the minority. The majority don’t care and happily go along with whatever is given to them, and they vote and purchase just like it.

Climate change is a big one for me. I see people every day saying we need to hold companies accountable - and we do, but goddamn if we all stopped using oil every day, natural gas for cooking, choosing to bike or take a train over driving or flying you know what? Those companies would be forced to change because they wouldn’t be making money off of us. If even just 40% of Americans stopped using Oil the “big oil” companies would be looking at bankruptcy or minimum desperately trying to modernize to stay on top. We can’t shift all of the blame on them, we continue to purchase their products because it’s easier. Everything in the end is a consumer good, and if we voted/purchased differently as a society then things would change. The fact is is that people either don’t care, or worse don’t want to change.

Once there people will view moving as a hassle, but I understand what you’re thinking. Mastodon I think did it better with “suggesting” an instance to you, and Lemmy has gotten better about it. For friends and family I think the best way is basically telling them which server to use. Go here, sign up