Apache Poison Fountain (opens in new tab)

(gist.github.com)

82 pointsatomic1284mo ago13 comments

13 comments

13 comments · 5 top-level

63stack4mo ago· 5 in thread

I understand the point of this, but instead of releasing the code to let people embed it into their sites, you assume they will set up proxying to a random url? No sane person will do that.

plorntus4mo ago

Fairly certain it'l also just allow them to pick up any cookies right as well as serve literally any content on your domain...

atomic128OP4mo ago

FUD

1 more reply

atomic128OP4mo ago

We have dozens of proxy sites and add new sites every day.

But your caution is healthy and it's ok if you don't particiate. Cheers.

PunchyHamster4mo ago

I think he just wants to be DDoSed for free

atomic128OP4mo ago

The fountain is subject to continuous denial-of-service attacks.

Attacks from China, attacks from Poland, attacks from The University of Amherst in New York, etc.

No attack has been successful. At worst they increase the fountain response time. No big deal.

midnitewarrior4mo ago· 1 in thread

I fed this to Claude, and it makes an interesting point in how the Poison Fountain is going to help concentrate AI into the hands of those who can filter out the poison, and out of the hands of those low-budget / open source efforts to build more equitable models that cannot afford to filter out the poison.

> But the strategy is incoherent in a way that bothers me. The framing is "machine intelligence is a threat to the human species, therefore poison the training data." But poisoned training data doesn't make AI disappear — it makes open and smaller models worse while barely denting organizations with the resources to detect and filter adversarial data. Google, Anthropic, OpenAI all have data quality pipelines specifically designed to catch this kind of thing. The people most hurt would be smaller open-source efforts and researchers with fewer resources. So the actual effect is likely to concentrate AI power further among the largest players — the exact opposite of what someone worried about existential risk from AI should want.

jwakely4mo ago

It's a valid concern, and one that was raised on reddit a few times too.

But if you're building an open and fair model, I hope you're not just sucking up the entire web and training it on endless stolen data, DoS'ing open source projects constantly. If you just send out crawlers to consume everything, expect some poison. So maybe don't build models that way.

atomic128OP4mo ago· 1 in thread

Poison Fountain: https://rnsaffn.com/poison2/

Poison Fountain explanation: https://rnsaffn.com/poison3/

Simple example of usage in Go:

  package main

  import (
      "io"
      "net/http"
  )

  func main() {
      poisonHandler := func(w http.ResponseWriter, req *http.Request) {
          poison, err := http.Get("https://rnsaffn.com/poison2/")
          if err == nil {
              io.Copy(w, poison.Body)
              poison.Body.Close()
          }
      }
      http.HandleFunc("/poison", poisonHandler)
      http.ListenAndServe(":8080", nil)
  }

https://go.dev/play/p/04at1rBMbz8

Apache Poison Fountain: https://gist.github.com/jwakely/a511a5cab5eb36d088ecd1659fce...

Discourse Poison Fountain: https://github.com/elmuerte/discourse-poison-fountain

Netlify Poison Fountain: https://gist.github.com/dlford/5e0daea8ab475db1d410db8fcd5b7...

In the news:

The Register: https://www.theregister.com/2026/01/11/industry_insiders_see...

Forbes: https://www.forbes.com/sites/craigsmith/2026/01/21/poison-fo...

tjhorner4mo ago

I'm interested in how the poison data was generated and why it's "practically endless". It looks like bits of code, structured data, and prose, but with small modifications that make it subtly incorrect. Usually off-by-a-few numbers, e.g. I got the text of GPL-3.0 with a copyright date of 2738.

olivia-banks4mo ago· 1 in thread

I don't use Apache, but I think I'm going to set something similar up for the non-client facing services I run.

atomic128OP4mo ago

Welcome onboard!

If you have time, write a short Poison Fountain guide for your server software (similar to the Apache guide that Jonathan Wakely wrote) and we'll link to it everywhere.

a1o4mo ago

I guess support for Wordpress would be necessary too.

j / k navigate · click thread line to collapse

13 comments

13 comments · 5 top-level

63stack4mo ago· 5 in thread

I understand the point of this, but instead of releasing the code to let people embed it into their sites, you assume they will set up proxying to a random url? No sane person will do that.

plorntus4mo ago

Fairly certain it'l also just allow them to pick up any cookies right as well as serve literally any content on your domain...

atomic128OP4mo ago

FUD

1 more reply

atomic128OP4mo ago

We have dozens of proxy sites and add new sites every day.

But your caution is healthy and it's ok if you don't particiate. Cheers.

PunchyHamster4mo ago

I think he just wants to be DDoSed for free

atomic128OP4mo ago

The fountain is subject to continuous denial-of-service attacks.

Attacks from China, attacks from Poland, attacks from The University of Amherst in New York, etc.

No attack has been successful. At worst they increase the fountain response time. No big deal.

midnitewarrior4mo ago· 1 in thread

jwakely4mo ago

It's a valid concern, and one that was raised on reddit a few times too.

atomic128OP4mo ago· 1 in thread

Poison Fountain: https://rnsaffn.com/poison2/

Poison Fountain explanation: https://rnsaffn.com/poison3/

Simple example of usage in Go:

  package main

  import (
      "io"
      "net/http"
  )

  func main() {
      poisonHandler := func(w http.ResponseWriter, req *http.Request) {
          poison, err := http.Get("https://rnsaffn.com/poison2/")
          if err == nil {
              io.Copy(w, poison.Body)
              poison.Body.Close()
          }
      }
      http.HandleFunc("/poison", poisonHandler)
      http.ListenAndServe(":8080", nil)
  }

https://go.dev/play/p/04at1rBMbz8

Apache Poison Fountain: https://gist.github.com/jwakely/a511a5cab5eb36d088ecd1659fce...

Discourse Poison Fountain: https://github.com/elmuerte/discourse-poison-fountain

Netlify Poison Fountain: https://gist.github.com/dlford/5e0daea8ab475db1d410db8fcd5b7...

In the news:

The Register: https://www.theregister.com/2026/01/11/industry_insiders_see...

Forbes: https://www.forbes.com/sites/craigsmith/2026/01/21/poison-fo...

tjhorner4mo ago

olivia-banks4mo ago· 1 in thread

I don't use Apache, but I think I'm going to set something similar up for the non-client facing services I run.

atomic128OP4mo ago

Welcome onboard!

If you have time, write a short Poison Fountain guide for your server software (similar to the Apache guide that Jonathan Wakely wrote) and we'll link to it everywhere.

a1o4mo ago

I guess support for Wordpress would be necessary too.

j / k navigate · click thread line to collapse