←back to thread

Anonymous credentials: rate-limit bots and agents without compromising privacy

(blog.cloudflare.com)
101 points eleye | 2 comments | 02 Nov 25 00:45 UTC | HN request time: 0s | source
Show context
notorious_pgb ◴[02 Nov 25 13:40 UTC] No.45790271[source]
This blog post is offensive to me on three levels:

1. It is clearly not written with a desire to actually convey information in a concise, helpful way.

2. It is riddled with advertisements for Cloudflare services which bear absolutely no relevance to the topic at hand

3. The actual point of the article (anonymous rate limiting tokens) is pointlessly obscured by an irrelevant use case (AI agents for some reason)

Of course, the second two points seem to be heavily related to the first.

This is barely any better -- in terms of respect for the reader's intelligence and savviness -- than those "Apple just gave ten million users a reason to THROW AWAY THEIR IPHONES" trash articles. Just slop meant to get you to click on links to Cloudflare services and vaguely associate Cloudflare with the "Agentic AI future", with no actual intention whatsoever of creating a quality article.

replies(1): >>45790504 #
Thorrez ◴[02 Nov 25 14:15 UTC] No.45790504[source]
Cloudflare already does rate limiting. They explain in the article why their existing rate limiting solutions (IP, fingerprinting) don't work well with AI. That explains why they need a new solution.
replies(1): >>45790838 #
1. notorious_pgb ◴[02 Nov 25 15:08 UTC] No.45790838[source]
Well, not really. They've explained why their existing solutions don't work well for proxies / gateways, which cloud-based AI agents are an example of.
replies(1): >>45797445 #
2. Thorrez ◴[03 Nov 25 09:58 UTC] No.45797445[source]
With normal proxies / gateways, the users have different browsers, so those can be fingerprinted. With the type of AIs under discussion in the post, the AIs all use the same exact browser version and environment, so fingerprinting cannot distinguish them.