Nick Sullivan
As companies developing large language models (LLMs) race to gather fresh data from the open web, their crawling operations grow increasingly aggressive. While the Robots Exclusion Standard (robots.txt) was meant to provide guidelines for responsible crawling, many entities either ignore it or interpret it loosely in pursuit of large-scale data. This talk explores a novel way to push back by actively serving different or misleading content to identified crawlers.
We will introduce Venom, an experimental toolkit that combines advanced fingerprinting and inline proxy techniques to dynamically alter served content based on the specific crawler detected. Venom evaluates multiple signals—request headers, behavior patterns, and known crawler infrastructure—before deciding how to respond. The talk will cover the practical challenges of implementing this defense, the legal and ethical dilemmas involved, and how well it works against both text-based and image-based crawling strategies.
Drawing on case studies covering text and image scraping, this presentation includes a validation study demonstrating how LLMs trained on intentionally "poisoned" content experience degraded performance, ultimately making large-scale crawling a net negative for data harvesters. Rather than relying on traditional blocking (which remains neutral to a crawler's value proposition) or CAPTCHA/puzzle approaches, this adversarial strategy focuses on reshaping the cost-benefit equation so that unscrupulous collection efforts yield poor results.
Nick Sullivan is an independent technologist who leverages his expertise and experience in cryptography and network protocols to ensure that the privacy and security of the Internet and the Web are maintained thoroughly.
Nick's experience has been built through his work for Apple Inc. and later as the Head of Research at Cloudflare, where he played a crucial role in enhancing the company's encryption and secure network protocols. He is continuing this work through leadership roles in internet standardization at the IETF and his private consulting practice. Nick is also a frequent speaker at global tech and security conferences, where his cultivated research skills and accumulated knowledge of the industry serve to ensure that the internet remains a safer, better place.
