Reverse-engineering Apple's and Fastly's LLM-built anti-bot systems (blog.peet.ws)

A recent investigation revealed how Apple and Fastly approached the development of their anti-bot systems, both of which leverage large language models (LLMs) for implementation. While Apple's anti-bot solution is relatively rudimentary, with easily hackable client-side scripts and lingering debugging logs, Fastly’s system, though slightly more robust, has seen no updates in eight months, making it vulnerable to reverse-engineering. The author reverse-engineered both systems, developing open-source solvers that highlight their fundamental weaknesses, notably the simplistic proof-of-work challenges each employs. This examination is significant for the AI/ML community as it underscores the challenges larger companies face when opting to build in-house solutions instead of adopting established services from seasoned providers like Akamai or Cloudflare. Both companies' systems illustrate the potential costs of underestimating the complexities of anti-bot measures. Furthermore, as reverse-engineered solvers become publicly available, they raise concerns about security effectiveness and operational longevity, emphasizing the need for ongoing vigilance and evolution in anti-bot approaches, particularly as the capabilities of LLMs continue to expand.