Slashdot Mirror
CloudFlare Puts Pirate Sites on New IP Addresses, Avoids Cogent Blockade (torrentfreak.com)
Earlier this month, several users worldwide reported that they were unable to access pirate websites including the Pirate Bay. It was because the internet backbone network of Cogent Communications had blackholed the CloudFlare IP-address of pirate websites. Less than a week later, CloudFlare is fighting back. From a report on TorrentFreak: The Pirate Bay and dozens of other pirate sites that were blocked by Cogent's Internet backbone are now accessible again. CloudFlare appears to have moved the sites in question to a new pair of IP-addresses, effectively bypassing Cogent's blackhole. [...] As of yesterday, the sites in question have been assigned the IP-addresses 104.31.16.3 and 104.31.17.3, still grouped together. Most, if not all of the sites, are blocked by court order in the UK so this is presumably done to prevent ISP overblocking of 'regular' CloudFlare subscribers.
LOL WHAT!?!
These paid bots are bad. This comment makes no sense in regards to this story.
But all Cogent has to do is resolve the names and update their block to reflect it, this could be automated
Twinstiq, game news
They need to identify UK government websites that are using cloudflare, and put them on the blackholed IP's.
Level3 should have nuked it when they were caught hot-potato routing in violation of peering agreements
Surely there are some MPAA/RIAA members who use Cloudfare.
Cloudfare should switch their sites to the previously blocked IP addresses.
We already have nations cutting off Internet during times of unrest, and applying massive filtering and spying efforts against communications to and from their populations regardless.
If you're going to apply national laws to an international system, that system is going to need to be chopped up into pieces that fit the political borders.
That really sucks if your nation is surrounded by nations who disagree on what should be passed through their borders, so ultimately there needs to be some kind of Internet Treaty, where it is agreed that traffic is only to be interfered with if one of the end points is domestic, or by agreement with one of the governments with authority over an end point.
Let governments be responsible for the border filters (and, presumably, spying), and then private companies like Cogent will have no interest in taking actions like IP block blacklisting.
Something about interpreting censorship as damage and routing around it.
Internet censorship is an exercise in futility. If there is connectivity, you can get anything through. Anything. The only way to censor the internet is to not allow access to it at all.
Why didn't they move someone important...oh, sorry, the most pertinent site in their top 10 is medium.com.
You can limit the bandwidth severely, and if you control the chokepoints for the trunks you can choose to only let through what you can scan and approve.
Yes, people can pass messages through steganography, or sneakernet, or radio links... but that's trivial to make illegal and while you can't easily enforce such laws they can be enforced well enough to reduce state-prohibited communications significantly.
So yes, the Internet can route around it... but when 'around it' means around the 'around the area containing the destination' that's not really a solution.
Fuck those greedy nI-ggers
... who didn't see this coming?
It little behooves the best of us to comment on the rest of us.
Not true.
It's a game of diminishing returns but there's never an absolute winner.
You can make it nearly impossible to circumvent, and then someone can build a complex circumvention...and so on. Remember when 'hacking' was dumping the plaintext password database after booting off a floppy?
You can make censorship difficult enough to circumvent that people will find something else to do...but the cost (implementation and maint) in that is very high.
You can get rich if you own a politician, but you have to be rich to buy one in the first place.
No, that's the fantasy that all the wannabe internet censors entertain, but it doesn't work that way. Making things illegal doesn't make them extinct. Prohibition doesn't work. There are always people who think they can make it work, but they are just delusional idiots.
If someone paid for this then they got screwed hard.
Your memory is embarrassingly short, since it's not been that long since we've actually seen governments kill their Internet.
You can indulge in your 'information wants to be free' fantasies all you want, but the only thing stopping governments from effectively controlling their Internet is the cost of the required infrastructure and the negative effect it would bring to their economy.
Reducing the 'Information Superhighway' to a pedestrian path with a guard at the border crossing isn't impossible.
Sounds Confusing as Fu*k..
Meanwhile, The Pirate Bay has .onion address on TOR, and that one was still running during the whole situation.
(It can't technically be blocked that easily.)
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Prevention = best medicine (& what you can't touch can't hurt you) via NEW APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/
Ads & malware rob speed/security/privacy
Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).
Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!
Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!
* Via what you NATIVELY have built into the TCP/IP stack in FASTER kernelmode!
APK
P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/
If you ignore all of the grandiose claims of stopping spam, disabling malware and blocking advertising, yes - running the software does create a rather large, correctly formatted hosts file, one which does include multiple custom host definitions which blackhole numerous known malware sites. By incorporating host entries for web browser favorites, the software does speed page load times by eliminating DNS lookups. In this regard, the Host File Engine performs exactly as promised, and exactly as expected. The benefits derived are from using a hosts file; the Host File Engine does significantly enhance the convenience of doing so and does result in a large but correctly formatted hosts file. While I might reasonably (and with only some effort) replicate much of this functionality with a few shell scripts in a UNIX environment, this software does perform the task well enough for users of the Windows operating system.
There are multiple benefits to using host file lookups in certain situations, and the Host File Engine does do a lot to make doing so more thorough and more convenient. Not unlike other software I've used, it's free and well worth the price.
With that said, to reap the vast majority of the benefits claimed by the system, it will be necessary to do considerably more. The Host File Engine (as its name implies) only generates a host file. Granted, a great deal of clerk-work is performed - notably in normalizing entries, ensuring that all entries are valid and correctly formatted - but if more is required (for example, enhancing the security of TOR/VPN access), a user must still ensure that appropriate host file entries are present. Host File Engine can accommodate such work but does not in and of itself actually perform this work, nor would I reasonably expect it to do so.
This is salient to the current article because one of the tools used to block/censor sites deemed by a government is the almighty domain seizure. Servers are left online at their existing IP addresses but without DNS lookups they become essentially inaccessible. Using host files makes overcoming such activities trivial, and the Host File Engine accommodates this.
My conclusion - APK's Host File Engine is a good tool for managing host files under Windows. It is not in and of itself a security solution. While APK's claims for the software are vastly overblown, the software itself is useful, usable and reasonably well-written. For those who wish to access the dark web (whether for nefarious purposes or not), this software or something like it will be quite useful. It could also play a part in adopting an enhanced security stance on a Windows platform.
You can see some of the sites here;
https://askdns.com/ip/104.31.16.3
https://askdns.com/ip/104.31.17.3
They can kill the internet, but they can't have the internet and censor it. If you think you're better off without the internet than with an internet that can't be censored, you're a special kind of stupid.
Well, at least you're smart enough to post your stupidity as AC so it doesn't stick to you.
See my subject: You're right but I know WHO does it & why. 1 of 5 types imo & experience - advertisers, webmasters, inferior competitors, & malware makers/botnet herders (the last ones care least - they just 'make more doritos' to compensate, yes costing them in domain fees hosted but they make MILLIONS (sometimes, I think I am in the WRONG game, per the film "Layer Cake", one of my favs)).
(There is ALSO lastly what I call "jealous wallies" in "ne'er-do-wells" but they are not even WORTH noting as their own wasted LIVES do them in, lol!)
* It makes me happy KNOWING that IF I WISH? I can just post again, NULLIFYING their unjustifiable abused downmods they use to "hide" their OWN failures (& to hide knowledge of my work, possibly that of others that adversely affect THEIR agendas... & this program, vs. the 1st 4 noted above respectively, ABSOLUTELY does - I've built a better mousetrap that does more for less, far more efficiently).
Scares them shitless & their effete "ReAcTioNs" PROVE THAT MUCH for me, lol...
APK
P.S.=> In any event, they're SO predictable & defeatable (I have NO posting limits like most ac posters do) that I can easily RUN THEM DRY of their abused modpoints but it's enough for me to KNOW most folks reading here do so WELL beneath the +1 easily sockpuppet cheated so-called "moderation systems" threshold default view & SEE MY POSTS ANYHOW, yours too!
(Which imo, the system here? Bogus, & IS constructed so that those doing abused downmods to 'bury' things can happen - /. doesn't even LET YOU CONFRONT THOSE DOING IT to defeat them with facts - that's bogus & wrong, but it's what "$" does & we all KNOW who holds the pursestrings on websites (advertisers my MAIN opponent above who are notorious for sockpuppetry fake accounts to abuse for downmoderation as noted above))... apk
"the Host File Engine performs exactly as promised, and exactly as expected" - by mmell (832646) on Thursday February 16, 2017 @07:17PM (#53882945)
See my subject: It's just waiting for Borland Delphi (it'll always be Borland to me) to do 64-bit Linux in 2018 per "The most exciting new feature on the roadmap is the coming Linux support, which weâ(TM)ll soon start previewing." from https://community.embarcadero.com/article/news/16418-product-roadmap-august-2016/ so the codebase stays EXACTLY the same (for most part, some small diffs between *NIX & Windows, in WinSock2 vs. *NIX sockets - these I have resolved already for the most part, drive letters vs. mounted devices (I don't use registry, it's a 'portable app' so it's VERY *NIX like, uses .ini file)).
Delphi already does Win16/32/64, Android, MacOS X (iirc, 64-bit here already) but not Linux (used to in Kylix, they stopped it - not sure why, dumb move imo!).
I chose Object Pascal Delphi due to seeing it outrace MSVC++ in Oct 1997 VBPJ (competing trade rag) "Inside the VB5 Compiler" where it MORE-THAN-DOUBLED C++ in strings & math performance (which IS what the hosts engine does mostly).
APK
P.S.=> It does block most all advertising (if not all, this is how that works downloading scripts from adservers https://news.ycombinator.com/item?id=10221859/ ) IF not served on same site (99.999% isn't), spam & phish payload links (& if done by malicious attachment, it stalls it, stopping communique back to C&C servers if a botnet type) & it does stop MANY forms of malware (like C&C botnets I noted or other types that coordinate w/ other machines-botnet herders OR downloaders etc.)... apk
"While I might reasonably (and with only some effort) replicate much of this functionality with a few shell scripts in a UNIX environment, this software does perform the task well enough for users of the Windows operating system" - by mmell (832646) on Thursday February 16, 2017 @07:17PM (#53882945)
Like my last post said: Soon it'll be "savoir faire is EVERYWHERE" https://yro.slashdot.org/comments.pl?sid=10255867&cid=53883187/ as Borland releases that (soon).
Per my subject & what I quoted from you: Not all environs have BASH/CShell etc. & folks use GUI. That's a decades long fact now (I script too, & write character mode/tty apps galore but I don't put them out - heck, I wrote 4 DOS terminal apps to make this program that write part of this one's code, small apps, like 50 lines each or so (builds filters, 3582 to be exact currently x 4 vs. false positives)).
I had others TRY what you said & they failed badly (using over iirc, 13++ *NIX commands & I had to help show them WHERE they missed things galore or functionality), e.g. - https://slashdot.org/comments.pl?sid=1929880&cid=34728830/ , https://slashdot.org/comments.pl?sid=2019504&cid=35367694/ , https://slashdot.org/comments.pl?sid=1922942&cid=34687498/, & https://slashdot.org/comments.pl?sid=2019504&cid=35405580/
APK
P.S.-> Each of those 'attempts' resulted in MASSIVE screwups on the attempted imitators' part & that is 1 of, oh iirc, 6 that tried to here (failing badly most of all by NOT going GUI)... apk
"a great deal of clerk-work is performed - notably in normalizing entries, ensuring that all entries are valid and correctly formatted - but if more is required (for example, enhancing the security of TOR/VPN access), a user must still ensure that appropriate host file entries are present. Host File Engine can accommodate such work but does not in and of itself actually perform this work, nor would I reasonably expect it to do so." - by mmell (832646) on Thursday February 16, 2017 @07:17PM (#53882945)
See my subject: 9 of them are GREAT reliable, reputable & decades long existing security community sources but they do NOT get "everything" (nothing does, & I use security sources GALORE each day scouring THEIR NEWS for things like malicious servers, botnet C&C, etc. that my sources do NOT catch (they get most though - they overlap one another too, hence the sort/deduplicate portion)).
THIS IS WHY IT IS DESIGNED IN ITS GUI THE WAY IT IS (came from 4 smaller progs I used before I released it to the general public in 2012, they were used circa 2001-2011, but the "malware/malvertising explosion hit, so out the door she went gratis - right thing to do imo on MY end because of it - if the advertisers didn't be so negligent? It'd NEVER have seen the light of public day, so you know...).
Its GUI looks & functions as it does so users can add their own stuff just as I do, from other sources... even /. source articles HELP LIKE MAD for me here in fact!
(See, it's GUI is that way for that very reason - most unlike hostman which isn't 64-bit & depends on SQLite (my code is ALL mine, easily maintained - I didn't want dependence on others' patch turnaround time IF it could be patched that is if bugs crop up)).
This is WHY the IMPORT/NORMALIZE tabs are they way they are with right-click menu editing etc. tools for the data (users can "play" with it ALL they like, imo, it's important & helps them understand WHAT hosts do for them (which is, clearly, MORE than ANY OTHER SINGLE "so-called 'solution'" does & for less, natively, in PURE fast kernelmode as part of the IP stack itself).
APK
P.S.=>
" It is not in and of itself a security solution" - by mmell ( 832646 ) on Thursday February 16, 2017 @07:17PM (#53882945)
MANY security pros & web pros back me on the fact hosts IS good "layered-security/defense-in-depth" (from ESET/NOD32, Malwarebytes whose employees verified my code + HOST & RECOMMEND IT (helped me build False Postives filter too), SYMANTEC/NORTON, Steve Gibson, & more https://yro.slashdot.org/comments.pl?sid=10245269&cid=53870029/ )... apk
IN SOVIET RUSSIA, bitch looks like YOU!!!!!
What a country!
the Host File Engine performs exactly as promised - by mmell
his hosts program is actually pretty good by xenotransplant
his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg
I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon
take a look at the APK hosts file engine by SuperKendall
APK is kinda right. I've tried his hosts file generating software. It works by bmo
APK is totally right on this count. Adblock Plus on Firefox mobile is a dog on older, or lower end, phones. A hostfile based adblocker makes for a much better experience by chihowa
I like your host file system by Karmashock
I find your hosts file admirable by vel-ex-tech
* My code's liked + recommended & hosted by Malwarebytes' hpHosts!
APK
P.S.=> More coming... apk
I support APK's stand on the hosts file by Trax3001BBS
Your premise that hostfiles are a good way to deal with advertising and malvertising is quite valid by JazzLad
No complaints from me, I like APK... Reminds me to use a host file. Also, his stuff is free by aaaaaaargh!
APK's monolithic hosts file is looking pretty good by Culture20
APK... Awesome to see he's still spreading the good word by Molochi
ABP is insufficient as a solid hosts file does everything that APK reminds us about by fast turtle
APK isn't wrong by cfalcon
APK, I know people give you a lot of shit regarding hosts, but please don't ever stop by nasredin
You need APK's hosts file by Teun
APK solution STILL relevant by Thud457
you're right about hosts files by drinkypoo
APK
P.S.=> They're in addition to https://yro.slashdot.org/comments.pl?sid=10255867&cid=53886247/ many more earlier + 1,000's worldwide - there's no arguing w/ success... apk
So instead of maybe stop doing business with pirate sites, they acknowledge they are hosting the pirate content.
"Your claims that it's practically the cure for all the internet's woes are over-the-top" mmell
I never say hosts do all: Show where I did. You answered before I never have. You claim I 'imply' it - you misinterpreted.
What do I 'exaggerate' per list @ it's download page @ Start64.com (still on front page there)
?
APK
P.S.=> My rep's fine - sockpuppets can say what they want behind fake names online (lol) for their FAKE lives. I can show otherwise, even from you. My naysayers don't prove me wrong. It's what matters... apk
"Have fun languishing in your self-imposed obscurity. Nearly all Slashdot users know who you are and won't even give a second thought to anything you write, suggest or say" -
If this is obscurity, I'll take it (best antimalware in the world hosts & recommends my work) https://yro.slashdot.org/comments.pl?sid=10255867&cid=53886247/ & https://yro.slashdot.org/comments.pl?sid=10010777&cid=53510613/ & it seems many /.ers gave me MORE than just a 2nd thought too!
* :)
APK
P.S.=> Many 1,000's worldwide use my program & if you recall, I stopped what? 10 botnets in a week's time not too long ago also https://news.slashdot.org/comments.pl?sid=10020701&cid=53529963/ so again, if that's obscurity on MY end? Hey - I'll take it... apk
"I'm going to continue using the Host File Engine - Your software is well written, functional" mmell
FULLY err-trapped UNCRASHABLE code via a custom centralized/refactored errhandler overriding default structured errhandling
&
Virus-proofed in 280 procs/functions in ~27,000 lines of SINGLE space Object Pascal code check INLINE (4 speed) & 40 check .exe size "on the fly" via a central proc (virus can't add 1 byte w/out it shutting down)
* "Hyper-Alloy Combat Chassis - Microprocessor controlled: FULLY armored, VERY tough" - Sgt. TechCom DN38416 "assigned to protect you - you've been targetted for termination!"
APK
P.S.=> Does more 4 less vs. ANY 1 "so-called 'solution'" 4 more speed, security, reliability & anonymity online NATIVELY vs. "illogic logic" "Bolting on 'MoAr'" complexity using more resources doing less w/ more bugs + room for breakdown/exploit in SLOW usermode (addons/dns/antivirus) for most all parts vs. hosts in FAST kernelmode (part of IP stack)... apk