SShortSingh.
Back to feed

Websites blocking AI crawlers largely overlook answer-engine bots

0
·1 views

A new analysis of robots.txt configurations reveals that many websites actively block AI training crawlers but fail to restrict answer-time bots that retrieve content in real time. This inconsistency suggests site owners may not fully understand the distinction between crawlers that harvest data for model training versus those that fetch content to answer user queries directly. The oversight could mean that even sites trying to protect their content are still being accessed and used by AI-powered answer engines. The findings highlight a growing gap in awareness around the different types of automated web access as AI tools proliferate.

Read the full story at Hacker News

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Developer builds free, browser-based background remover that never uploads your photos

A developer named Jeffrey Hamilton has created Cutout, a free AI-powered background removal tool that runs entirely within the user's browser. Unlike services such as Remove.bg, Cutout does not upload images to any server, making it more suitable for personal or sensitive photos. The tool is powered by the @imgly/background-removal library, which uses WebAssembly to run an AI model locally on the user's device. The AI model is approximately 40MB and is downloaded once, after which it is cached by the browser for faster subsequent use. Cutout requires no account registration and carries no subscription fee, and its source code is publicly available on GitHub.

0
ProgrammingDEV Community ·

Why AI Agents Should Never Hold Long-Lived API Keys

AI agents increasingly perform high-stakes tasks like moving money and updating records via APIs, but giving them long-lived API keys creates serious security risks. Unlike human users, agents act rapidly without supervision, can be manipulated through prompt injection, and often chain calls across multiple tools, amplifying the potential damage of a compromised credential. Security experts recommend replacing standing keys with short-lived, narrowly scoped credentials that specify the target API, permitted operations, affected resources, expiry time, and rate limits. A credential broker can sit between agents and secrets, resolving access at call time so the agent never directly handles sensitive keys, while also maintaining a full audit trail. This approach ensures that even if a credential leaks, it expires quickly and grants only minimal access, enforcing least-privilege security by default.

0
ProgrammingDEV Community ·

Agentic AI Gets a Protocol Stack in 2026: MCP, A2A, and Beyond

By mid-2026, the fragmented world of AI agents is converging around a layered set of open standards designed to replace costly custom integrations. Protocols such as MCP, A2A, and WebMCP address distinct needs — tool access, agent-to-agent communication, web interaction, semantics, payments, and human interfaces. The core problem these standards solve is the so-called N×M integration challenge, where every agent-to-tool pairing previously required bespoke glue code that scaled poorly. Drawing parallels to foundational computing standards like TCP, HTTP, and SQL, observers note that neutral, layered protocols historically outlast proprietary alternatives. Data platforms are emerging as the primary consumers of these agent standards, as most enterprise AI agents ultimately need to query and act on structured data.

0
ProgrammingDEV Community ·

Germany's § 202c StGB: What Developers and Founders Must Know to Stay Legal

Germany's § 202c StGB, known as the 'Hacker-Paragraph,' criminalizes not just unauthorized system access but the mere preparation for data espionage, including possessing or distributing certain tools with criminal intent. Developers and founders in the DACH region face legal risk if they use scripts, credential lists, or penetration-testing tools without proper documentation, even when testing their own systems. The law does provide a 'White Hat' exception permitting security testing if the system owner gives explicit, documented consent. Founders hiring penetration testers must formalize authorization in writing, specifying exact IP ranges, approved tools, and testing timeframes. Without such paperwork, even using widely accepted tools like Nmap or Burp Suite could expose developers and contractors to criminal liability.

Websites blocking AI crawlers largely overlook answer-engine bots · ShortSingh