More attacks by dump AI-bots
Makarius
makarius at sketis.net
Wed Nov 26 21:00:43 CET 2025
On 26/11/2025 20:14, Makarius wrote:
>
> The answer is rather plain and simple:
>
> In other words: there is no longer a website to browse (nor to attack), only
> the "wireprotocol" of the hg client via HTTP.
I should cite one of my sources for this approach:
https://www.fsf.org/bulletin/2025/spring/defending-savannah-from-ddos-attacks
"""
To all of the companies crawling the Internet: there is a better way! Do not
scan code repositories over the web: clone them using version control tools
such as git, cvs, svn, Mercurial, or bzr. Follow the rules set forth in the
robots.txt files.
"""
Such a friendly suggestion is not going to work, though. Instead, the policy
needs to be enforced, by not offering an open webspace in the first place.
The rules in robots.txt used to be the foundation of the Free Internet. It was
a nice time, but it is over now.
Instead we can eventually provide proper repository management and browsing as
part of the regular Prover IDE. Professional development works better on the
good old desktop, not on a web interface.
Makarius
More information about the isabelle-dev
mailing list