this post was submitted on 13 Jan 2026
330 points (98.0% liked)

Technology

78705 readers
6241 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
330
A Project to Poison LLM Crawlers (rnsaffn.com)
submitted 3 days ago by Disillusionist@piefed.world to c/technology@lemmy.world
106 comments fedilink hide all child comments
 

Website operators are being asked to feed LLM crawlers poisoned data by a project called Poison Fountain.

The project page links to URLs which provide a practically endless stream of poisoned training data. They have determined that this approach is very effective at ultimately sabotaging the quality and accuracy of AI which has been trained on it.

Small quantities of poisoned training data can significantly damage a language model.

The page also gives suggestions on how to put the provided resources to use.

you are viewing a single comment's thread
view the rest of the comments
[–] vane@lemmy.world 16 points 1 day ago (2 children)

I have around 10-20GB github / gitlab mirror. I am constantly under attack from crawlers from top US technology corporations and LLM startups. Whenever I ban one IP range they switch to other - I don't know if those fuckers have tickets in their systems to do it manually or they just deploy this shit all over the planet. From what I observe during attacks that I mitigate the best way to poison them is to just create gitea instance with poisoned code repository and couple hundred revisions. It's because what they are most interested in is html representation of diff between two git revisions.

[–] E_coli42@lemmy.world 7 points 1 day ago

Why isn't there anything in the DMCA for stopping crawlers? They have stuff about requiring crawlers to follow attribution and whatnot, but nothing for not allowing crawlers in the first place. Stupid as shit.

[–] douglasg14b@lemmy.world 3 points 1 day ago* (last edited 1 day ago) (1 children)

I can get a 50Gb/s residential link where I am, and have a whole rack of servers.

Sounds like a good opportunity to crowd fund thousands and thousands of common scrapeable instances that have random poisoning.

[–] vane@lemmy.world 1 points 17 hours ago (1 children)

To be honest bandwidth isn't a problem because it's text files. The problem is to optimize network stack for multiple connections because they're hitting from whole subnets without any delay so literally ddos and cache those html files because at some point CPU becomes bottleneck.

[–] douglasg14b@lemmy.world 1 points 10 hours ago* (last edited 10 hours ago) (1 children)

This is assuming aggressively cached, yes.

Also "Just text files" is what every website is sans media. And you can still, EASILY get 10+ MB pages this way between HTML, CSS, JS, and JSON. Which are all text files.

A gitea repo page for example is 400-500KB transferred (1.5-2.5MB decompressed) of almost all text.

A file page is heavier, coming in around 800-1000KB (Additional JS and CSS)

If you have a repo with 150 files, and the scraper isn't caching assets (many don't) then you just served up 135MB of HTMl/CSS/JS alongside the actual repository assets.

[–] vane@lemmy.world 1 points 7 hours ago

I don't know from theory or counting but I know that my 8 cores depleted sooner than my bandwidth and I have like 60 Mb/s uplink. My linux network stack parameters are pretty aggressive. The way I figured out that something is not right was when I heard loud fan noise from my server inside room. I logged in and all cores were red and logs were showing corporate fuckers trying to burn my house.