Album

The best strategies are rarely single trick. Energy should be diversely sourced.

It does this by default.

Search engine scrapers index. But that’s a subset of scrapers.

There are data scrapers and content scrapers, and these are becoming more prolific as AI takes off and ppl need to feed it data.

This post is specifically about AI scrapers.

User agent catching is rather effective. You can serve different responses based on UA.

So generally people will use a robots.txt to catch the bots that play nice and then use useragents to manage abusers.

Try mull.

It’s Fennec plus arkenfox.

Yea, prolly already using it.

Layer 8!

Agreed, cheers

Gen Z to me. But I think a lot of gen z terms have a root in things millennials did online in gaming circles and online forums. So it’s not “new” but more colloquial in their vocab where in my gen it was niche talk

Oh yeah i forgot your use cases are the same as everyone else’s.

OP has the issues. ask them.

But disabling it creates a whole slew of issues, hence the post. Turns out there’s much better solutions.

Yes, exactly, that’s what I use.

Instead of trying to solve the problem of Fingerprinting by completely disabling and then finding ways of enabling/disabling, you can solve the problem by just spoofing the fingerprinting.

Helps to present the problem first, instead of the solution you think is best but can’t find an answer for. Usually the reason is that there is a better solution.

Test the implementation here: https://browserleaks.com/

Well I appreciate the downvote from ya but this is likely an x-y problem.

https://xyproblem.info/

Was going to suggest an extension to create false fingerprinting since I can’t think of any other reason.

Why do you disable it at all?

I thankfully have never had the misfortune of cgnat

Yeah dropping Nat is the biggest net benefit I agree but I think the avg person won’t really find that much value in it when Nat works ok

Your prefix can change yes but the recommendation is that it shouldn’t in practice. You’ll find ISPs doing it right will extend your PD lease infinitely unless you release it for a long enough period of time. Similar to ipv4.

The privacy is similar to ipv4 also. All your traffic on ipv4 looks like it’s coming from your WAN IP… Your PD is in this sense equivalent (though not literally equivalent for all the pedants reading) to your WAN IP.

It’s honestly super simple to set up. Outside of your ISP config it’s almost all autoconfig. 100% of the complication (at least for me) comes from knowing ipv4 first for 20 years and then trying to incorrectly map those concepts to V6.

As soon as I “let go” it was fine.

There’s not a huge net benefit you’re right. I mostly wanted to learn and I hope to be at the front edge of disabling ipv4 in the near distant future.

I agree with this but I would say the prefix is the only thing you should focus on.

It’s important that ISPs don’t regularly rotate your PD and it’s part of the rfc recommendations that they don’t. And the remainder of the prefix is your vlan space that is as important for VLAN routing as always.

Ipv6 requires fundamental rethinking about how addressing is done. If you’re trying to apply v4 concepts to V6 you likely end up running into something they intentionally designed out.

A unique local address is an address space where you could do that. It’s the equivalent to RFC1918 eg. 172/192/10. So you could statically assign fd0::x, and that is expected, but not required generally.

I wouldn’t give each device a static unique global address unless they need to be accessed via wan without domain consistently. You lose device privacy really quickly that way because every device gets a unique globally routable address. It’s fine for internet facing services but most Linux, Windows, and mobile implementations are using ipv6 privacy extensions by default to ensure you get a random GUA every day.

My network is dual stack and I connect mostly over ipv6 to all my internal clients using internal DNS. If my internal DNS is ever down I can fall back to ipv4 or it’s basically the one box on my network with an easy to remember ULA.