|
|
|
|
|
|
by echelon
39 days ago
|
|
|
TLS fingerprinting and Cloudflare are easy to bypass. There are lots of libraries that do so. The application-layer stuff is harder. Each application can develop its own heuristics, and that's difficult to automate in a cross-cutting fashion. Reddit doesn't do anything about that? That seems stupid. |
|
|
Easy for you does not mean easy for everyone. My experience is that TLS fingerprinting paired with blocking specific user agents gets a variety of majority of bot traffic.
It's the same a basic online security: You can protect against script kiddies with basic hygiene. If the threat analysis is Mossad, then yeah, you're fucked.