How the Free Software Foundation battles the LLM bots
9 months ago
- #Cybersecurity
- #LLM
- #FreeSoftware
- The Free Software Foundation (FSF) has been under attack since August 2024, with ongoing issues from aggressive LLM web crawlers.
- FSF's small tech team, consisting of two full-time employees and volunteers, maintains over 70 websites and services without using cloud services.
- Attacks include DDoS attempts, botnets, and crawlers ignoring robots.txt, with some attacks likely aimed at building LLM training datasets.
- Defense strategies include IP blocking, behavior-based blocking tools, and abuse reports to ISPs, though some mitigations are kept private to avoid aiding attackers.
- Other FOSS sites like Fedora, KDE, GNOME, and Linux Weekly News face similar issues, with some attacks causing frequent outages.
- FSF emphasizes running fully free software stacks, including BIOS, and avoids nonfree dependencies.
- Despite challenges, FSF has successfully mitigated many attacks, keeping key sites like gnu.org operational with normal response times.
- Volunteers and associate members are encouraged to support FSF's mission and sysadmin efforts.