The bot buying and selling network reminds me of the time KeyBase tried doing a giveaway of their crypto coin.
You needed a GitHub account and a KeyBase account. So people created as many accounts as their bot networks were capable of, and tried to get the crypto.
Thankfully KeyBase changed the requirements to include "account must be X weeks old".
Edited to add: I'm not sure if there's a way to prevent bots these days. Feels to me that we're lucky (more?) economic systems haven't been bled dry by bot networks.
I miss the promise of KeyBase. It felt like a real digital identity, but for whatever reasons it wasn't good enough to succeed.
the only thing I remember about keybase was when they did this crypto ‘air drop’ thing, and then a while later (months? years?) I realised I had this coin in my account and I sold it for like 70 Euros on some sketchy crypto marketplace.
Can’t complain to be honest, no other startup so far has just handed me 70 Euros without asking to at least harvest my eye data..
It’s just that bots haven’t been good enough yet. With the new LLM tech they can pretty much pass every hurdle you’ll throw at them. Even if you require people to show up in person, they’ll do that but then run a bot the rest of the time in their account.
I am sure that LLMs and bots will be able to fool many people on HN and run “rings” around dang’s ring detection software, in about 5 years. It’s a gameable metric, after all.
They were already able to do it on 4chan in 2020 with just GPT3! And the most impactful thing is users started accusing each other of being bots! It literally enshittified the whole forum overnight:
And to be more exact, GPT-4chan is based on GPT-J (same architecture as GPT-3 whose weights were never released) which only had 6B params and that was back in 2021-2022.
There's a straightforward but costly way, tie it to something that costs money, over the long term. E.g. Utility bills, bank account statements, etc..., for x number of years.
And manually confirm with the companies at random.
To me KeyBase always felt like grifters trying to co-opt grassroots identity stuff. IIRC they were sort-of-but-not-really OpenPGP at the start, pushing people heavily towards a not-your-keys not-your-crypto setup, and then at some point they completely removed the ability to actually control your signing keys yourself.
You needed a GitHub account and a KeyBase account. So people created as many accounts as their bot networks were capable of, and tried to get the crypto.
Thankfully KeyBase changed the requirements to include "account must be X weeks old".
Edited to add: I'm not sure if there's a way to prevent bots these days. Feels to me that we're lucky (more?) economic systems haven't been bled dry by bot networks.
I miss the promise of KeyBase. It felt like a real digital identity, but for whatever reasons it wasn't good enough to succeed.