Discord is rightfully _terrified_ of a news story like "top Discord bot in tons of servers hacked, every message it saw in the last 3 years has been leaked via bittorrent. there are about 300 Million unique users' messages in it". It only makes sense to start clamping down on what info bots can receive while still allowing them to achieve interactivity via slash commands and whatnot.
Yes, I've always thought it was only a matter of time before this eventually happened. I completely understand why they would want to scramble to prevent that.
The point made by the discord.py creator elsewhere is true: this is more likely to happen with invisible self-bots than bot-bots. But it would be far more catastrophic if it happened with an actual bot, since lots of small, private servers and channels make use of those. It's the difference between leaking things most everyone involved kind of already knew they were broadcasting publicly vs. potentially leaking enormous amounts of data that everyone involved assumed would be private because they didn't consider the scenario of a popular bot secretly spying on them.
This is one of those counterfactual scenarios where everyone would be furious at Discord if this happened and they didn't take steps to prevent it. And frankly, it seems quite possible it already has happened but the bot owner has just been using the data for some nefarious intelligence or profit purpose and has no intentions of burning their trick by leaking anything.
> potentially leaking enormous amounts of data that everyone involved assumed would be private because they didn't consider the scenario of a popular bot secretly spying on them.
People tend to be quite nonchalant about bots in private channels, in my experience. It tends to be taken for granted that they're not hoovering up all the messages. I'd go so far as to say we need a data catastrophe like the one you described to wake everyone up. A music bot does not need read permissions in your private staff room! I took over administration of a server which did so and quickly clamped down on the permission of bots.
For bots masquerading as users, there aren't many options. I suppose you could in a very close-knit friend group, but if you're running anything at scale this is next to impossible. From what I understand, a lot of the bots join and never do anything.
Some administrators set their server up to create a temporary holding room for new members and ask them to add a reaction to a message, or do a CAPTCHA, but that still falls apart if someone does all that manually then uses their account as a bot. If you're interested, there are plenty of readymade bots (heh) that do all this verification stuff, and they are quite popular.
You could also prune inactive members, but again the user account could just say something every now and again, plus any real users who find they have been kicked out for not participating might not be particularly pleased (or might just forget about your server altogether).
My point in the above message mainly focused on bot accounts. It's best to operate on the principle of least privilege. You don't need a music bot to see your staff channels, for example. Keeping with that example, some administrators take the time to limit music bots to a specific music channel. For that, I applaud them. There are simple ways to limit the data bots can get, which mostly rely on common sense on account of the server administrator(s).
It makes me feel a lot more comfortable that bots are only allowed to run with administrator approval. I don't want to accidentally ban someone good for shyness because crackers exist who abuse the service with headless blink.
In general, for official bots yes - administrators are the only ones with permissions to add bots to servers, but the permission prompt is usually one that asks for full Administrator permissions and they often don't bother to go back in and remove access to certain channels for e.g. music bots.
Another problem is user bots - i.e. clients that look like a regular user but are still doing bot stuff or simply ingesting all messages they see, which is easy since Discord's client implementations for bots and users are almost exactly the same. They could have used some wasm/javascript virtual machine thing that would make it hard to figure out what the Discord client is doing and would make it harder to sign in to Discord via a user bot, but then we'd probably have another set of HN users complain about Discord hiding stuff from users or something.
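An added example, not part of any comment in this thread: an offline audit of which channels each bot can read, following the order of Discord's documented permission computation (role permissions first, then channel overwrites for @everyone, roles, and the member). The guild layout, role names and bot names are constructed, and roles and members are keyed by name rather than by ID for readability.

```python
ADMINISTRATOR = 1 << 3    # Discord permission bit
VIEW_CHANNEL = 1 << 10    # Discord permission bit
ALL = (1 << 64) - 1       # stand-in for "every permission"

def effective_permissions(guild, member, channel):
    """Base role permissions, then channel overwrites as (allow, deny) pairs."""
    roles = guild["members"][member]
    perms = guild["roles"]["everyone"]
    for r in roles:
        perms |= guild["roles"][r]
    if perms & ADMINISTRATOR:
        return ALL  # Administrator bypasses every channel overwrite
    ow = channel["overwrites"]
    allow, deny = ow.get("everyone", (0, 0))
    perms = (perms & ~deny) | allow
    allow = deny = 0
    for r in roles:  # role overwrites are merged, deny applied before allow
        a, d = ow.get(r, (0, 0))
        allow |= a
        deny |= d
    perms = (perms & ~deny) | allow
    allow, deny = ow.get(member, (0, 0))  # member overwrite is applied last
    return (perms & ~deny) | allow

def audit(guild, needed):
    """Return {bot: [channels it can view but has no stated need for]}."""
    return {
        bot: [c["name"] for c in guild["channels"]
              if effective_permissions(guild, bot, c) & VIEW_CHANNEL
              and c["name"] not in wanted]
        for bot, wanted in needed.items()
    }

# Constructed sample: bot-a was invited with Administrator, bot-b was scoped.
GUILD = {
    "roles": {"everyone": VIEW_CHANNEL, "music-admin": ADMINISTRATOR,
              "music-scoped": 0},
    "members": {"bot-a": ["music-admin"], "bot-b": ["music-scoped"]},
    "channels": [
        {"name": "general", "overwrites": {"bot-b": (0, VIEW_CHANNEL)}},
        {"name": "music", "overwrites": {}},
        {"name": "staff", "overwrites": {"everyone": (0, VIEW_CHANNEL),
                                         "music-admin": (0, VIEW_CHANNEL)}},
    ],
}
NEEDED = {"bot-a": {"music"}, "bot-b": {"music"}}

if __name__ == "__main__":
    print(audit(GUILD, NEEDED))
```

The deny overwrite on the staff channel has no effect on bot-a because its role carries Administrator; only removing that bit from the role restores channel-level control.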
Discord deserves a binary lambda calculus virtual machine, to protect our telecommunications. https://justine.lol/lambda/ This will serve the interests of app developers too, since anyone who manages to figure out a way to game it will probably be able to get a PhD from Berkeley afterwards.
Yes, something similar to this actually happened with a giant directory of users. They still could have gone about the rollout much better by adding features that the community requested to slash commands before forcing everyone onto them.