New website for the new venture stylobot stylobot.net/ A new type of bot detector. Mine is SUPER quick - sub millisecond Multi-Path - behavioural signature. Rolling window approach - decisons made during between ^ across requests safely, quickly. ZERO PII - NO PII at all (IP, user agent) saved to disk EVER Early days but the prototype github.com/scottgal/mostlylu… is functional. #botdetection #heuristic #business

Less than a week until my first commercial product, StyloBot launches. A behaviour based bot detection and blocking system. All the technical stuff is done now I just have to work out how to do the horrible 'social' stuff I need to sell it. For me complex behavioural inference with Mahalanobis distance based centroid bot type inference is EASY. Working out how to let people know it exists at all is the hard part! stylobot.net/ #BotDetection #BotProtection #CyberSecurity #WebSecurity #AIScraping #dotnetcore #yarp

StyloBot time again my FREE, Open Source anti-bot and fraud system! This coming week is finalising the dashbiard and getting then first commercial packs ready. LAUNCHES JUNE 1ST - MY FIRST SELF PUBLISHED COMMERCIAL PRODUCT! You can follow along development; the site is hosted on a laptop through cloudflare tunnel until then but kinda sorta working already. x-plat executable, YARP reverse proxy, Sidecar, ASP.NET Middleware, TypeScript, Caddy integration...THE LOT 😎 stylobot.net Current dashboard is below (still working on spacing), self hosted...can run in microseconds and protect against any automation. #StyloBot #OpenSource #BotDetection #FraudPrevention #AspNetCore #DotNet #SelfHosted #BuildInPublic #ProductLaunch

A wee bit boring but part of the StyloBot release docs; asnwering the question 'how do you test a probablistic system designed to block automation' StyloBot Release Series: Testing the Thing That Won't Sit Still mostlylucid.net/blog/stylobo… #testing #stylobot #probablistic-testing

StyloBot free day as I ran myself ragged trying to get it going in my free time (very little of which I HAD finishing up 2x contracts!). Biggest win is dropping the ONNX dependency. Earlier versions used ONNX embeddings as a shortcut: turn a client signature into a vector and compare it. It worked, but it was never quite the right abstraction. Embeddings are built for language. StyloBot’s inputs are behavioural structures. The new version defines that behavioural vector space directly. Requests, sessions, browsers, bots, scrapers, and odd clients are placed into a real StyloBot-native space. The system ships with archetype centroids, then adapts those centroids to the actual traffic it sees. So instead of asking a model what a client 'means', StyloBot learns what your traffic looks like. StyloBot is REALLY a conceptually unfolded ML model so it sort of trains itself on real traffic around centroids and updates as it goes. It's ODD. Now out in Release Candidate github.com/scottgal/stylobot… Plan is still for full release June 1st but the FOSS client MAY reach RTM quality before that (lots of manual testing!) #BotDetection #CyberSecurity #DotNet #SQLiteVec #VectorSearch #BehaviouralInference #AIInfrastructure #OpenSource

More tuning the of performance path in StyloBot at the moment. mostlylucid.net/blog/stylobo… (It's the free, open source bot detection engine I'm building) This part is about making repeat traffic cheaper to process without turning the cache into a permanent source of wrong answers. That means boring but important mechanisms: EWMA updates hysteresis thresholds verdict caching variance watchdogs bounded memory refresh sampling I'm not an ML guy, but a lot of this maps neatly onto ML and control theory ideas once you start writing it down. The useful pattern is simple enough: learn from traffic, make the common path faster, keep enough uncertainty in the system that it can recover when the world changes. The next post in the StyloBot release series is a deep dive into that mechanism. Very much one for the nerds. In .NET so...kinda niche...ML / AI ... mostlylucid.net/blog/stylobo… #dotnet #opensource #aspnetcore #performance #systemsdesign

Part 3 of the StyloBot Release Series is up. mostlylucid.net/blog/stylobo… This one is less about bots and more about the reality of long-running .NET based systems: everything that learns from traffic eventually accumulates. Came from one of my periodic reliability reviews where StyloBot’s vector layer had drifted to 13GB on the .NET Large Object Heap due to the wrong abstraction (in-process HNSW behaving like an unbounded cache). The interesting part wasn’t the fix. It was recognising that the architecture itself was wrong for the runtime pattern. Covers: how I periodically review long-running services using dotnet-counters, dotMemory and dotTrace to find growth why “just add a cap” is often the wrong answer replacing unbounded ANN structures with bounded hot caches compacted persistence taking the vector layer from 13GB LOH to <6MB The broader point applies to any system that “remembers”: bot detection, fraud scoring, recommendations, anomaly detection, RAG pipelines, adaptive systems. Fix the shape, not the symptom. #dotnet #aspnetcore #performance #architecture #ai #rag #observability

Do me a favour please and don't just like this please share it. I get little to no traction on here.

As my freelancing career (hopefully) draws to a close I'm super proud that I NEVER charged a single penny more than I worked. Freelancing is a HARD, uncertain life..particularly at my level where most of the time I'm SOLO trying to fix some team's screw up... But I valued the flexibility. Especially when I started I wasn't great about consistency so that really meant I could keep working as I sorted out my depression. Also meant when things for really bad I could exit a contract far easier than a Full Time job. The fact is the fustration in recent years and the ability to build my own stuff solo (by designing the system shape that lets me use code llms to do it safely) has meant I need to transition to building my own products. NOBODY wants a system using behavioural inference; it's too conceptually massive a leap. But *I* do...and I can use it for commercial leverage (realtime, adaptive, constrained intelligent systems). So that's what I need to do...if I fail fair enough...but I need to TRY.

Now I'm transitioning my career from building stuff for customers to building stuff to SELL to customers I need to start presenting again! So...umm...how dows one do that? Any ideas / pointers. Oh and my first commercial product StyloBot launches in June (free version works now tho! mostlylucid.net/blog/stylobo…) I think I'd present on Behavioural Inference, mostlylucid.net/blog/behavio… a unique code llm friendly way of building adaptive applications with unique capabilities.

What? He’s been charged with THREE counts of attempted murder. The third alleged victim is Ishmail Hussein. What is the editorial justification for not even stating that it’s three counts of attempted murder!

New article about StyloBot - my FREE realtime adaptive automation blocker and detector. mostlylucid.net/blog/stylobo… Trying to put together a *human* level descriptor as I prepare to make it my full time gig (amongst other self-released projects). #botdetection #fraud #stylobot

New blog post mostlylucid.net/blog/unemplo… The Road Ahead Where I slightly panic about the fact I have to flip my career around at 53 from working on other people's products to selling my own.

Ok, FOSS StyloBot is RTM with 6.0.6 Free, Open Source adaptive, realtime bot protection system that runs on your hardware (Linux, Mac, Windows x64 & ARM - even a Pi 4) , never sends your customer data ANYWHERE and can optionally use TINY local LLMs to add a yet more layers of intelligence. This is the version that will be the basis for the full-flavoured interactive dashboard system. it's a complete (the full Enterprise offering uses the same engine) StyloBot adaptive, realtime inference bot protection system. I can *and have* gone on at length about all the clever stuff it does but here's the headline: *Put this in front of any website, set it to 'block' mode and it will INSTANTLY start protecting you against all malicious bot traffic* It learns to get quicker and more effective, it applies novel techniques to profile your web traffic in detail to detect *even novel* automations. When the commercial version launches in the next couple of weeks I'll have a couple of months early access. (After that flat $100/month per tld, $1000/mo unlimited for the full active management / live reporting dashboard, distributed topologies etc.) github.com/scottgal/stylobot… Readme for the NUMEROUS ways you can install / run it. github.com/scottgal/stylobot… I'm obviously hyped about it but it's really like nothing else in the market. CHEQ, Imperva, WAFs are all....kinda sorta like this but they're BRITTLE. No updates, no usage charges, no long fragile blocklists etc...It dynamically profiles web traffic to identify bot behaviours and profiles in the traffic itself. #CyberSecurity #BotDetection #FraudPrevention #WebSecurity #OpenSource #SelfHosted #SecurityEngineering #DotNetCore #ASPNETCORE

Asked the new ChatGPT Images to give me an image of the new StyloBot vector search system and it's honedtly amazing for these sorts of docs! Oh yeah and StyloBot visualises evolving behavioural signatures using HNSW 'vector indexes' along with standard relational filters to find and characterise client behaviours to make click fraud & bots just go away 😎 RTM coming soon. FOSS version here; commerical version adds well 'commercial' features around endpoints, users, live changes based on policy etc... FOSS version is in 3 forms; ASP.NET Middleware, YARP Executable & YARP Proxy github.com/scottgal/stylobot OH and on macs (currently, more later just do brew install cloudflared (for the tunnel) brew install scottgal/stylobot/stylobot stylobot <port> <upstream_url> --tunnel <cloiudflareid> Then wait...give it a few minutes and this *totally anonymous tunnel* will start to see automated scans! #clickfraud #bot #dotnet #aot #aspnet #stylobot

Andrew Harnik has been awarded the White House Correspondents’ Association award for excellence in presidential news coverage by visual journalists for the following photo:

Finally got proper Mac support for lucidVIEW my .NET AoT Markdown Viewer. Little 60Mb app which is: Fully .NET native makrdown document rendering through Avalonia on Mac, Windows and Linux (no WebView so doesn't slurp 300Mb of your RAM ). Optimized for quick browsing super fast startup, async Mermaid diagram rendering Fully native .NET Mermaid diagram rendering ...etc, also has a few extensions through mostlylucid.naid my fork of naiad the C# Mermaid renderer Cross platform PDF output / printing of Markdown docs etc... All the niceties, really just the markdown downcument reader *I* wanted so it's fast, low footprint and just works... As usual Free & Open Source github.com/scottgal/lucidvie… #markdown #dotnet #aot #mermaid

Just a reminder: in 1982, when Great Britain was attacked by Argentina, starting the Falklands War, the United States did not come to their aid because the Falklands are not in the North Atlantic and the British did not bitch about it. In 1956, when the French and British attacked Egypt, causing the Suez Crisis, despite the fact that France and Great Britain are in NATO, the United States not only refused to assist, but went to the United Nations to condemn them for attacking Egypt. In 2019, when Turkey decided to attack Syria, the Trump administration had the Pentagon send out an official notice that they did not support the campaign and would not send troops. So kindly shut the fuck up, everyone in the White House.