Today, we’re excited to announce AI Labyrinth, a new mitigation approach that uses AI-generated content to slow down, confuse, and waste the resources of AI Crawlers and other bots that don’t respect “no crawl” directives. When you opt in, Cloudflare will automatically deploy an AI-generated set of linked pages when we detect inappropriate bot activity, without the need for customers to create any custom rules.
And it's "free"! (visibility into all of that traffic is more than sufficient payment for them 🤑)
Here are some perhaps-contradictory highlights from their blog post (emphasis mine), which I'm pretty sure was itself written with LLM assistance:
No real human would go four links deep into a maze of AI-generated nonsense.
When these links are followed, we know with high confidence that it's automated crawler activity, as human visitors and legitimate browsers would never see or click them. This provides us with a powerful identification mechanism, generating valuable data that feeds into our machine learning models. By analyzing which crawlers are following these hidden pathways, we can identify new bot patterns and signatures that might otherwise go undetected.
But as bots have evolved, they now proactively look for honeypot techniques like hidden links, making this approach less effective.
AI Labyrinth won’t simply add invisible links, but will eventually create whole networks of linked URLs that are much more realistic, and not trivial for automated programs to spot. The content on the pages is obviously content no human would spend time consuming, but AI bots are programmed to crawl rather deeply to harvest as much data as possible. When bots hit these URLs, we can be confident they aren’t actual humans, and this information is recorded and automatically fed to our machine learning models to help improve our bot identification. This creates a beneficial feedback loop where each scraping attempt helps protect all Cloudflare customers.
This is only the first iteration of using generative AI to thwart bots for us. Currently, while the content we generate is convincingly human, it won’t conform to the existing structure of every website. In the future, we’ll continue to work to make these links harder to spot and make them fit seamlessly into the existing structure of the website they’re embedded in. You can help us by opting in now.
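The core mechanism they describe is a classic honeypot: embed a link that no human visitor will ever see or follow, then treat any client that requests it as an automated crawler. Here's a minimal sketch of that idea in Python; the path, function names, and in-memory flag set are all hypothetical illustrations, not Cloudflare's actual implementation (which presumably operates at the edge, at vastly larger scale):

```python
# Hypothetical honeypot path; in practice these would be generated
# and rotated so crawlers can't maintain a blocklist of them.
HONEYPOT_PATH = "/labyrinth/a7f3c2"

def inject_honeypot(html: str) -> str:
    """Append a link hidden from human visitors via CSS."""
    hidden = f'<a href="{HONEYPOT_PATH}" style="display:none">.</a>'
    return html.replace("</body>", hidden + "</body>")

flagged: set[str] = set()  # clients identified as crawlers

def handle_request(client_ip: str, path: str) -> str:
    """Serve real pages, but flag any client that follows the hidden link."""
    if path == HONEYPOT_PATH:
        flagged.add(client_ip)   # high-confidence bot signal
        return "maze page"       # keep the crawler busy on generated content
    return inject_honeypot("<html><body>real content</body></html>")

page = handle_request("203.0.113.5", "/")
assert HONEYPOT_PATH in page                 # hidden link is embedded
handle_request("198.51.100.7", HONEYPOT_PATH)
assert "198.51.100.7" in flagged             # crawler identified
assert "203.0.113.5" not in flagged          # human visitor untouched
```

As the quoted post notes, sophisticated bots now detect tricks like `display:none` links, which is why Cloudflare's pitch is to replace them with realistic-looking networks of AI-generated pages instead.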
Nope, it is.
This is correct; it is a permissive license.
No, that is what copyleft (aims to) prevent.
The No True Scotsman fallacy requires a lack of authority about what constitutes "true" - but in the case of Free/Libre software, we have one: https://en.wikipedia.org/wiki/The_Free_Software_Definition
If you look at this license list (maintained by the Free Software Foundation's Licensing and Compliance Lab) you'll see that they classify many non-copyleft licenses as "permissive free software licenses".
Under the Berne Convention of 1886, everything is copyrighted by default, so "no license at all" means that nobody has permission to redistribute it :)
The differences between permissive free software licenses and CC0 or a simple declaration that something is "dedicated to the public domain" are subtle and it's easy to see them as irrelevant, but the choice of license does have consequences.
The FSF recommends that people who want to use a permissive license choose Apache 2.0 "for substantial programs" because of its clause which "prevents patent treachery", while noting that that clause makes it incompatible with GPLv2. For "simple programs" when the author wants a permissive license, FSF recommends the Expat license (aka the MIT license).
It is noteworthy that the latter is compatible with GPLv2; MIT-licensed programs can be included in a GPLv2-only work (like the Linux kernel) while Apache 2.0-licensed programs cannot. (GPLv3 is more accommodating and allows patent-related additional restrictions to be applied, so it is compatible with Apache 2.0.)