Tor’s history of D/DoS attacks and future strategies for mitigation(forum.torproject.org) |
Still, thank you for the response; it gives me the ability to clarify that this is by no means an advertisement. You have of course endless options for DDoS mitigation right now. But once Cloudflare no longer wants you, your other options have a tendency to evaporate as well.
When I checked, some of the equivalents to Cloudflare's lower plans cost hundreds of dollars a month.
99.9% of the time you literally don’t need their services.
If you mean "providing expensive protection services for free on a $5/mo VPC" then sure Cloudflare might be your only bet.
Though I'm not sure how to really solve it. I support ISPs being considered utilities with an obligation to serve any customer unless they can argue a compelling reason why they can't, but DDoS protection is not a technical essential like an internet connection is. Even if it's almost essential for a popular site in 2023.
It's totalitarian rot, it doesn't stop, it's like a moldy fruit.
Had a situation where one of my servers was getting DDoSed. We tried multiple providers, both cloud and dedicated, but the attack was not getting stopped by anyone. The customer service was useless at most other places: either we got null routed, or hours of back and forth with customer service without any solution.
We moved our servers to OVH; the customer service rep directed us to an engineer within a few minutes. I remember we had to send a few packet captures during an attack to one of their network engineers and, not only did they block the attack in a few hours, the engineer in charge explained exactly what happened. It was such a nice learning experience that that one interaction with them will always make me recommend them.
In addition to a lot of clever tricks, DDoS protection comes down to a simple question: who has more resources to keep going.
Sending pictures of pieces of handwritten paper over email would be a more user friendly and usable interface than this JavaScript mess.
https://support.torproject.org/abuse/what-about-ddos/
So, is this an attack using a different method?
And what about mitigating attacks on other networks/sites that originate from tor? The site I linked only said "attackers who control enough bandwidth to launch an effective DDoS attack can do it just fine without Tor." They didn't say anything about mitigating the use of tor by attackers. And what they're saying about attacks not being possible on the network is clearly wrong.
So far using i2p has been very nice to use and the tools are well developed. I run a node myself. The way i2p works is very interesting. Some services like Dread which provide i2p access have only been accessible via i2p in recent times due to the load on tor.
We'll have to see how i2p holds up when it inevitably takes over Tor and becomes a target of ddos itself.
Like is it like that Swiss encryption company that kept bricking the encryption for the CIA and employees kept noticing intentional encryption flaws and being told to work on something else?
or something else
Benefits of I2P over Tor
...
Java, not C (ewww)
Excuse me?
Nobody was able to decloak the server even being in NonAnonymous mode, but the bigger issue was the ability to reach the server. At least at the time not many people had a browser that could talk to .onion sites. I don't know how many people use Brave or the Tor Browser these days, so maybe now it would be less of an issue. Maybe I will try it again soon. It's easy to send people to the Tor Onion version of your site using the Onion-Location header [1] to see how many people would be able to reach the .onion side of your site.
[1] - https://community.torproject.org/onion-services/advanced/oni...
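A small worked example of the Onion-Location mechanism mentioned above, added here as illustration and not taken from the comment or from Tor's own code: a WSGI handler that advertises a .onion mirror of the clearnet site. It sends the header only on HTTPS responses (Tor Browser ignores it over plain HTTP) and only when the target host is a syntactically valid v3 onion address. The onion hostname used below is a constructed placeholder of the right shape, not a real service.

```python
import re
from typing import Optional
from urllib.parse import urlsplit

# Constructed placeholder: 56 base32 characters plus ".onion", the shape of a v3 address.
# It is not a real onion service; substitute the hostname from your own HiddenServiceDir.
PLACEHOLDER_ONION_HOST = "abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrstuvwx.onion"

# v3 onion hostnames: exactly 56 lowercase base32 characters followed by ".onion".
# (v2 addresses, 16 characters, are no longer supported by the Tor network.)
_ONION_V3 = re.compile(r"^[a-z2-7]{56}\.onion$")


def is_valid_onion_location(value: str) -> bool:
    """Check that a candidate Onion-Location value is an http(s) URL with a v3 .onion host."""
    try:
        parts = urlsplit(value)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https"):
        return False
    return bool(_ONION_V3.match(parts.hostname or ""))


def onion_location_for(request_path: str, onion_host: str,
                       served_over_https: bool) -> Optional[str]:
    """Build the header value for a clearnet request, or None when it must not be sent.

    Tor Browser only honours Onion-Location on pages served over HTTPS, so a plain
    HTTP response gets no header at all; the same path is mirrored on the onion side.
    """
    if not served_over_https:
        return None
    value = f"http://{onion_host}{request_path or '/'}"
    return value if is_valid_onion_location(value) else None


def wsgi_app(environ, start_response):
    """Minimal WSGI application that advertises the onion mirror on HTTPS responses."""
    headers = [("Content-Type", "text/plain; charset=utf-8")]
    hint = onion_location_for(environ.get("PATH_INFO", "/"), PLACEHOLDER_ONION_HOST,
                              environ.get("wsgi.url_scheme") == "https")
    if hint:
        headers.append(("Onion-Location", hint))
    start_response("200 OK", headers)
    return [b"hello from the clearnet site\n"]


def response_headers(app, path: str, scheme: str) -> dict:
    """Run the app once with a constructed environ and return its response headers."""
    captured = {}

    def start_response(status, headers):
        captured["status"] = status
        captured["headers"] = dict(headers)

    environ = {"PATH_INFO": path, "wsgi.url_scheme": scheme, "REQUEST_METHOD": "GET"}
    list(app(environ, start_response))  # consume the body iterator
    return captured["headers"]


if __name__ == "__main__":
    print(response_headers(wsgi_app, "/about", "https"))
    print(response_headers(wsgi_app, "/about", "http"))
```

If you cannot touch response headers, the same hint can be placed in the HTML as `<meta http-equiv="onion-location" content="http://<address>.onion/path">`; the HTTPS requirement and the .onion host check apply to that form as well.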
These[0][1][2]?
[0]: https://blog.torproject.org/whats-new-tor-0298/
[1]: https://2019.www.torproject.org/docs/tor-manual.html.en#Hidd...
[2]: https://2019.www.torproject.org/docs/tor-manual.html.en#Hidd...
Works great for combating human spam though. You tend to behave better if your login took half a day to get and expires quickly when not used. Plus a built-in cooldown time after getting banned.
Discourse is one of the nicest to use forum platforms. Works on phones, has normal notifications, proper markdown, nice mention-subscription-quote system, nice plugins (such as abbreviation explainer) and it's not an eyesore.
Source: Was on the team (but not the decision-maker) to replace a very large legacy forum with Discourse.
For reference, me saying that emailing around pictures of handwritten text would be preferable to discourse was not an endorsement of mailing around pictures of handwritten text.
Also, as a side note, mailing list deliverability sucks because mailing list maintainers are sometimes stuck in the past and think that impersonating users while modifying messages is a good idea.
All the well-run mailing lists either don't modify messages and instead add unsubscribe headers and pass things on, or modify the messages as well as the From email addresses to avoid falling afoul of DKIM and therefore causing deliverability problems due to DMARC rejections.
HTML emails are also an abomination for replying so I am not sure what your point is there. There's basically one standard for in-line replies for plain text emails but there is no agreement on how to in-line reply to HTML emails.
But I can see how someone might dislike emails and not think it's the right solution for forums. That being said, they're still better than Discourse.
List of advantages over discourse:
- Don't need a modern PC or phone to render all the javascript
- There's no mandatory (or any) javascript
- My keyboard isn't hijacked for the purposes of implementing an input scheme which doesn't match the rest of my browsing experience and therefore requires me to re-learn how to use my web browser when I go on the website
- I archive the content easily, index it myself and search through it at my leisure
- The UI is as simple as I want it to be
Forum websites should not require JavaScript for rendering, or even ideally posting. It was never needed in the past and I never felt like adding JavaScript added anything to the user experience. It should be simple, secure, easily searchable and above all else shouldn't hijack your keyboard.
This is a frustrating web experience for anyone who uses any custom bindings in a browser and it repeats itself every time I use one of these websites.
Lastly, I have no idea why forum software needs absolutely any javascript to just render a basic page. Discourse renders as a blank page with javascript disabled, that's just extremely unnecessary.
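As an added illustration of the two list strategies described in the comment above (not code from the commenter or from any list software): a Python sketch that either passes a post through untouched and only adds List-* headers, or tags the Subject and rewrites From for authors whose domain publishes an enforcing DMARC policy, keeping the author reachable through Reply-To. The DMARC records are a constructed in-memory table standing in for a DNS lookup of `_dmarc.<domain>`, the sample post is constructed, and its DKIM-Signature header is a placeholder rather than a real signature.

```python
import email
import email.policy
from email.message import EmailMessage
from email.utils import formataddr, parseaddr
from typing import Dict, Optional

# Constructed stand-in for DNS TXT lookups of _dmarc.<domain>; a real list would query DNS.
CONSTRUCTED_DMARC_TXT: Dict[str, str] = {
    "strict.example": "v=DMARC1; p=reject; rua=mailto:dmarc@strict.example",
    "lenient.example": "v=DMARC1; p=none",
    # nodmarc.example deliberately publishes no record at all
}


def dmarc_policy(domain: str, lookup: Dict[str, str] = CONSTRUCTED_DMARC_TXT) -> Optional[str]:
    """Return the DMARC p= tag (none, quarantine or reject) for a domain, or None if unpublished."""
    txt = lookup.get(domain.lower())
    if not txt:
        return None
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    if tags.get("v") != "dmarc1":
        return None
    return tags.get("p")


def from_address(msg: EmailMessage) -> str:
    """Bare address from the From header, whose domain is what DMARC is evaluated against."""
    return parseaddr(str(msg["From"]))[1]


def must_rewrite_from(msg: EmailMessage, lookup: Dict[str, str] = CONSTRUCTED_DMARC_TXT) -> bool:
    """Altering signed content (Subject, body) breaks the author's DKIM signature; under a
    quarantine/reject policy receivers would then reject the post unless From is moved
    to the list's own domain."""
    domain = from_address(msg).rsplit("@", 1)[-1]
    return dmarc_policy(domain, lookup) in ("quarantine", "reject")


def prepare_for_list(msg: EmailMessage, list_addr: str, list_name: str,
                     subject_tag: Optional[str] = None,
                     lookup: Dict[str, str] = CONSTRUCTED_DMARC_TXT) -> EmailMessage:
    """Copy a post for redistribution using one of the two deliverability-safe strategies.

    subject_tag=None: pass the message through unmodified, adding only List-* headers,
    which are not in the author's signed header set, so the DKIM signature survives.
    subject_tag set: tag the Subject (invalidating the signature) and, when the author's
    domain enforces DMARC, rewrite From to the list address with the author in Reply-To.
    """
    out = email.message_from_bytes(msg.as_bytes(), policy=email.policy.default)
    # RFC 2369/2919 list headers; they describe the list and do not collide with DKIM.
    out["List-Id"] = f"{list_name} <{list_addr.replace('@', '.')}>"
    out["List-Post"] = f"<mailto:{list_addr}>"
    out["List-Unsubscribe"] = f"<mailto:{list_addr}?subject=unsubscribe>"
    if subject_tag is None:
        return out
    subject = str(out["Subject"])
    if not subject.startswith(f"[{subject_tag}]"):
        out.replace_header("Subject", f"[{subject_tag}] {subject}")
    if must_rewrite_from(msg, lookup):
        name, addr = parseaddr(str(msg["From"]))
        out.replace_header("From", formataddr((f"{name} via {list_name}", list_addr)))
        out["Reply-To"] = formataddr((name, addr))
        out["X-Original-From"] = formataddr((name, addr))
    # The modified copy now needs a fresh DKIM signature from the list's domain (not shown).
    return out


def sample_post(author_addr: str) -> EmailMessage:
    """Constructed example post; the DKIM-Signature value is a placeholder, not a real signature."""
    msg = EmailMessage()
    msg["From"] = formataddr(("Alice Example", author_addr))
    msg["To"] = "users@list.example"
    msg["Subject"] = "DDoS mitigation on a small VPS"
    msg["DKIM-Signature"] = (f"v=1; a=rsa-sha256; d={author_addr.rsplit('@', 1)[-1]}; "
                             "h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER")
    msg.set_content("Anyone had luck with upstream filtering on a small VPS?\n")
    return msg


if __name__ == "__main__":
    post = sample_post("alice@strict.example")
    print(prepare_for_list(post, "users@list.example", "Users"))
    print(prepare_for_list(post, "users@list.example", "Users", subject_tag="users"))
```

The pass-through variant is the one that keeps the author's signature intact; the tagging variant is only safe if the list re-signs the copy with its own DKIM key, which is the part left out above.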
We really need a user agent that actually acts in the interest of the user.
Now, try to encourage that behavior in a corporate environment, and you'll just get blank stares.
And why wouldn't they? If you're getting ddos'd on OVH from OVH, they'll just turn off the source of the traffic rather than trying to fight it on the receiving end.
https://www.ovhcloud.com/en/security/anti-ddos/ddos-attack-m...
But to name a couple of points: it's indexable by search engines (compared to a certain similarly named popular "alternative"); robust topic tracking system: I know exactly where I left each topic off.
That perspective is how being wrong looks here. It's an incredible shortsightedness; you have no basis for that degree of certainty. For starters, if it was so obvious you could explain how.
We are talking about a barrier to enter public discourse enforced through DDoS, not freedom to do business with whom you please. This robs you of the ability to self host. With zero checks and balances. You being certain that the likes of the Daily Stormer shouldn't exist in the public discourse doesn't absolve you of the responsibility for the delete function you just created. For which you have zero concern. That is how a totalitarian slope looks: totalitarians prick holes into the public discourse with no regard for the safe use of such holes. Unsurprising, as there is no safe way to do this. It's building a horrific weapon with no targeting mechanism or safety.
You have made yourself a totalitarian through your flagrant disregard for the consequences of your actions. Your error lies in believing your intention matters more than the outcome, to the degree that safeguards became unnecessary. You could and should know better; reality always wants its toll for such behavior.
edit: Please check the comment a bit down starting with "Naive being the key point." on the use of the term totalitarian. I also mentioned stuff to read on the topic by people a lot more capable than me and hopefully a lot harder to ignore.
People are naively willing to look the other way on a dangerous precedent when it is happening to a person or group that they dislike.
Worth mentioning that totalitarianism is often characterized by being the rule of the stupid. Shortsighted actionism and signaling in spite of reality with the resulting corruption growing like a self destructive cancer. Bonhoeffer’s Theory of Stupidity puts it great and Meerloo giving a vivid description of what kind of societies this creates.
edit: Willful naivete is not a good life choice. Staying away from Darwin Awards and not accidentally creating a fourth Reich both require ongoing effort, no falling asleep at the wheel. History tells you this is a valid risk if you don't consider certain things when acting. With the guys having fought the Nazis advising you to be less stupid to not repeat that. Seeing how horrible that was, maybe at least try to stay away from that instead of just intending to. This is insanely bad on the severity scale and justifies some effort. Reality is clearly lacking a bright red warning sign here, with technology offering ever greater levers for less and less intentioned actions.
I cannot overstate how bad of an idea it is to ignore that out of groupthink/tribalism and ego. It simply does not work and in hindsight you could have known. Failing so badly that nobody risks a "having told you so".
The merits of proof of work should be discussed for the specific scenario. If it allows for reputationless discussions and throwaway accounts, how high is the cost really? In comparison to ban evasion problems, moderation overhead and the resulting attack surface requiring more resources while deteriorating the channel? Otherwise, impact-less emergency brakes for idiots might be a reasonable solution. It's not much different from timed bans.
How do you determine a user is an idiot or not when good ideas look like bad ideas initially? Experts can have blind spots.
The option for reputationless discussion should always remain open in my opinion.
> how high is the cost really?
The cost can be proportional to the proof of work.
Everything has a cost. How about determining the cost and providing means to pay for it? Paying works for many things in the world. It works for ads, for example.
Why must the cost be annoying a human by requiring reputation instead of a monetary cost? How is annoying a human a better solution than letting people pay? Do you really think pissing people off will stop them from expressing what they want? It might be more likely that people will express what they want, nobody will hear them, and they'll leave, taking good ideas with them.
Just as there is a cost to moderation, there is a cost to losing good ideas. How about letting a free market decide?
With idiot brakes I am talking about timeouts to artificially lengthen the reaction time and with it reduce emotional bias and excitement. It's the same idea as with "count to 10 before you start screaming at someone". I share your concern with reality models and the confidence in them; trying to determine and dictate TRUTH is a dangerous fool's errand. I would also go further, that it's not just a matter of annoyance: communication channels dictate our reality models. With no error correction for identity based errors (groupthink, tribalism, ego, fear of losing credibility/social capital ...) we are majorly screwed.
With proof of work I am talking purely about the practical necessity to operate a reputationless communication channel. Going zero moderation with one just hasn't worked so far. And it's arguably less bad than the old system of IP bans. And I don't see many alternatives; there will always be a stupid person with a short fuse jamming the channel. Who has likely some interesting points but is ruining the efficiency and with it the appeal of the channel.
https://cr.yp.to/talks/2015.10.05/slides-djb-20151005-a4.pdf
Unfortunately, Java encryption libraries are far from boring.
https://www.bleepingcomputer.com/news/security/bouncy-castle...
https://www.cvedetails.com/vulnerability-list/vendor_id-7637...
> Benefits of Tor over I2P
> ...
> - C, not Java (ewww)
It's a joke.
This! If the forces persecuting you made Cloudflare drop you, and you go and establish your own site, your own platform, your own infrastructure, unless you have some billions lying around to put fiber optic cables over the oceans physically connecting your servers to the rest of the world, you will depend on other people. And the forces persecuting you could just go to the next level and start to demand that Tier 1 providers drop you. And the whole thing starts derailing into a cat and mouse game, where you will have to constantly be thinking "Okay, what is their next move to deplatform me?"
Because as you said, usually when Cloudflare drops you... it's not very absurd to assume banking institutions, Mastercard, Visa, Google, Microsoft, Amazon, etc... will also drop you. And the law pretty much allows those multibillion dollar companies to deny service to a paying customer, which is a pretty dangerous precedent in my opinion.
My company runs a bunch of large community products and we run Cloudflare in front of them to handle frequent DDoS attacks. We also pay for a Cloudflare enterprise plan though.
The other side of the coin is them dropping a customer for other reasons.
https://blog.cloudflare.com/why-we-terminated-daily-stormer/
HN discussion at the time: https://news.ycombinator.com/item?id=15031922
But they will continue to protect genocidal regime services: https://www.forbes.com/sites/thomasbrewster/2022/03/07/cloud...
But if by "options" you are talking about "pay someone else to deal with the problem", then sure you might be right.
Smart watches should have taken off, so everything could have been made post stamp-sized to work well on them and become completely unusable on a screen larger than your hand.
My main issue with Discourse is that I prefer HN/Reddit-like threading for replies rather than linear comments, but PHPbb does the same and there are pros and cons for both formats anyway.
Centralized DDoS protection and DDoS seem to be two sides of the same coin, so I don't understand what the distinction would entail.
edit: You could argue that DDoS is an equal opportunity tool, while the threat of getting kicked off Cloudflare is reserved for a selected few. So the difference would be which is more at threat of getting exploited. Hope that helps.
Is immediately after. And a person died. Cloudflare are aware that they shouldn't exist. They exist because they solve a problem that our telecoms networks and government/regulatory apparatus won't. And it's regarding the Daily Stormer.
Cloudflare keeps protecting the Russian state because if they don’t Russia will develop the technology themselves and then eat some of Cloudflare’s lunch. The effectiveness of a single period of successful DDOS attacks in a whole war is debatable.
It’s easy to stop a handful of neo Nazis. The Russian state is a lot harder. If you want Cloudflare to do it get the government to force them.