The Web Is Broken – Botnet Part 2

Posted by todsacerdoti 4/19/2025

The Web Is Broken – Botnet Part 2(jan.wildeboer.net)

411 points | 274 commentspage 4

matheusmoreira 4/19/2025|

"Peer-to-business network"! Amazing. uBlock Origin gets rid of this, right?

_ink_ 4/20/2025||

How can I detect such behaviour on my devices / in my home network?

theteapot 4/19/2025||

Are ad blockers like AdBlock, uBlock effective against these?

areyourllySorry 4/20/2025|

i don't believe extensions can modify other extensions

proxy_err 4/19/2025||

Its a fair point but very dynamic to sort out. This needs a full research team to figure out. Or you know.. all of us combined!! It is definitely a problem.

TINFOIL: Sometimes I always wondered if Azure or AWS used bots to push site traffic hits to generate money... they know you are hosted with them.. They have your info.. Send out bots to drive micro accumulation. Slow boil..

luckylion 4/19/2025|

I think that's mostly that they don't care about having malicious bots on their networks as long as they pay.

GCE is rare in my experience. Most bots I see are on AWS. The DDOS-adjacent hyper aggressive bots that try random URLs and scan for exploits tend to be on Azure or use VPNs.

AWS is bad when you report malicious traffic. Azure has been completely unresponsive and didn't react, even for C&C servers.

badmonster 4/19/2025||

do you think there’s a realistic path forward for better transparency or detection—maybe at the OS level or through network-level anomaly detection?

y42 4/20/2025||

Let me get this straight: we want computers knowing everything, to solve current and future problems, but we don't want to give them access to our knowledge?

jeroenhd 4/20/2025||

I don't want computers to know everything. Most knowledge on the internet is false and entirely useless.

The companies selling us computers that supposedly know everything should pay for their database, or they should give away the knowledge they gained for free. Right now, the scraping and copying is free and the knowledge is behind a subscription to access a proprietary model that forms the basis of their business.

Humanity doesn't benefit, the snake oil salesmen do.

y42 4/21/2025||

That’s factually incorrect. You can use most of these products for free. I use ChatGPT, Perplexity, ClaudeAI, and Gemini every day without paying, and even just these free services have already improved various processes in my life.

I do agree with you on the point that we need to find better ways to compensate the people creating content—especially considering that parts of this "AI service," as we might call it, are subscription-based.

But in the long run, I’m quite sure that if everyone shared this opinion, it wouldn't move us forward technologically.

Also, a couple of other points:

    Google and others have been scraping the internet for years, and no one complained then.

    You're not paying the AI company for the knowledge itself—you're paying for the technology behind it, for the ability to access and use it effectively.

lelanthran 4/20/2025|||

> Let me get this straight: we want computers knowing everything, to solve current and future problems, but we don't want to give them access to our knowledge?

Who said that?

There's basically two extremes:

1. We want access to all of human knowledge, now and forever, in order to monetise it and make more money for us, and us alone.

and

2. We don't want our freely available knowledge sold back to us, with no credits to the original authors.

y42 4/21/2025||

1. What exactly is wrong with the first part of that point? I agree that the second part is inaccurate—right now, the money mostly flows in one direction. But as I mentioned earlier, we can use many of these tools for free.

2. You’re not paying just to have your own knowledge echoed back at you. You’re paying so that someone (or something) can read what you provide and, ideally, return improved knowledge or fresh insights. As I said above, you’re paying for the technology and its capabilities—not the knowledge itself. That’s how I see it.

lelanthran 4/22/2025||

I'm merely pointing out that there's two separate groups of people.

You appear to be under the impression that there is only one hypocritical group.

drawfloat 4/20/2025|||

Most people don’t want computers to know everything - ask the average person if they want more or less of their lives recorded and stored.

y42 4/21/2025||

> Most people don’t want computers to know everything.

That may well be true. But how many of those people are specifically against AI companies scraping the web? That’s not really an argument—it’s an assumption based on personal perception.

> Ask the average person if they want more or less of their lives recorded and stored.

What exactly is the "average person"? Also, I’ll admit my earlier claim was a bit exaggerated. But let’s be clear: this isn’t about recording personal data—it’s about collecting and structuring knowledge.

And beyond that: companies have been scraping the web for years. They still are. And they’re gathering far more personal data for online marketing, tracking, profiling—whatever the reason—and the so-called "average person" hasn’t raised much of a finger. People remain glued to platforms, willingly sharing their personal lives. And what do they get in return? Doomscrolling and five-second video clips.

3np 4/20/2025|||

I don't want your computer to know everything about me, in fact.

y42 4/21/2025||

That’s not what I said. Let me rephrase it: Do you want computers to help us solve medical or scientific problems in order to improve human life?

chairmansteve 4/20/2025||

Not sure we do.

jt2190 4/19/2025||

I’m really struggling to understand how this is different than malware we’ve had forever. Can someone explain what’s novel about this?

desertmonad 4/19/2025||

That its not being treated like malware.

jt2190 4/19/2025||

In the sense that people are voluntarily installing and running this malware on their computers, rather than being tricked into running it? Is that the only difference?

int_19h 4/19/2025||

They are still tricked into running it, since it's normally not an advertised "feature" of any app that uses such SDKs.

downrightmike 4/19/2025||

I think it is funny that the mobile OS is trying to be as secure as possible, but then they allow this to run on top

jgalt212 4/20/2025||

I blame the VCs. They don't stop, and implicitly encourage, website-crushing scrapers among their funded ventures.

It's not a crime if we do it with an app

https://pluralistic.net/2025/01/25/potatotrac/#carbo-loading

jonplackett 4/19/2025|

How is this not just illegal? Surely there’s something in GDPR that makes this not allowed.

Retr0id 4/19/2025|

iiuc, they do actually ask the user for permission

fc417fc802 4/19/2025|||

Which is ironic considering that I strongly disagree with one of the primary walled garden justifications, used particularly in the case of Apple, which amounts to "the end user is too stupid to decide on his own". Unfortunately, even if I disagree with it as a guiding principle sometimes that statement proves true.

klabb3 4/20/2025||

It’s not about stupidity, but practicality. People can’t give informed consent for 100 ToS for different companies, and keep those up to date. That’s why there are laws.

SoftTalker 4/20/2025|||

No doubt in a dense wall of text that the user must accept to use the application, or worse is deemed to have accepted by using the application at all.

More comments...