@corbet book a meeting. Burn an hour of his time. Burn as much as you can stand. Only then explain to him the various dimension with which he is wanting life.
@corbet Imagine getting such a mail about a business helping us to bypass Disney's copyright walls or similar.
That'd be a very short lived company.
The whole GenAI scrapers need to be regulated and sued out of business 😐
@corbet ah protection racket. "We sell the DDOS service to AI companies. but for a tiny sum we'll exclude you"
@corbet let them call you, over the phone so they get billed, but connect them to an AI chatbot to get them busy (and billed) for as long as possible
@corbet you should ask him for a list of IPs “before you buy”!
and then accidentally share it publicly :^)
@domi @corbet It's probably still Hola users: https://en.wikipedia.org/wiki/Hola_(VPN)
@corbet I'm surprised that you passed on that. In your shoes I'd have had some choice words for them. And it might have made for a good article... shining more light on their practices and putting some names out there might just have a tiny impact on their behavior. Maybe.
@corbet what if he wanted to leak something, or explain how guilty he feels for working for such company and ask how to proceed with life?
@jzb @corbet As far as I can tell, in their business "ethical sourcing" means that when they pay an app developer to include their scraping SDK, they require that the app's privacy policy include a disclosure that it does scraping along with whatever else it does https://brightdata.com/trustcenter/sourcing
@jzb @corbet This company does raise some "huge if true" legal arguments though--are web site ToSs really not enforceable? https://blog.ericgoldman.org/archives/2024/05/x-corp-v-bright-data-is-the-decision-weve-been-waiting-for-guest-blog-post.htm
@corbet "ensuring uninterrupted access to the most protected web sites": if they had any ethics, perhaps they would offer to pay hosting costs for the affected web sites ?
@corbet Maybe LWN should introduce an AI Scraper Bot subscription level you can point ethics people to. 🤔
@corbet @monsieuricon "ethically sourced" aka "they pay for a 'VPN', and the 'contract' states that we use their IPs for the endpoints".... what people do to circumvent geoIP blocks to access a different geo/part of a service they pay for but that does not offer a thing in their geo thus they have to "VPN" around it and help "companies" like this.... sigh....
@fenruspdx @corbet lovely website you have there, it'd be a shame if something happened to it...
@corbet @jzb We're not going to stop Bright Data from doing this, but we should be making some noise to some of their highlighted customers. @mozillaofficial is listed right there. As is the United Nations and the University of Oxford. Does supporting a company that's DDOS'ing open source projects fit with the mission of those organisations?
@corbet One possibility is that this company places ads on various web sites, with the ads using javascript to make HTTP requests to the websites they are targeting. The people whose computers are using those IP addresses would then not have any idea that this was happening. They may depend on using browsers without the latest security features.
@bzdev @corbet Bright Data runs a "free" VPN service where you offer your own desktop as an exit node for other users and then you can use their network as your exit node, that's the trade and many people willingly make that deal, their other business is selling access to the VPN network for AI scraper bots. So it works like a botnet / Tor but with the willing participation of the nodes, so it is more ethical than a botnet, they aren't wrong.
@corbet Love the millisecond bit about consideration. Perhaps it should've been in the usec range though. We need to optimize those cycles, it was wasted time. But by all means, F these people.
@corbet good call - Bright Data is one of the largest residential proxy services which gets (at least part of) its operational service base by literally having users everywhere provide it for free: Bright VPN