Comment by kmeisthax
18 days ago
This is already a thing for basically all of the second[0] and third worlds. A non-trivial amount of Cloudflare's security value is plausible algorithmic discrimination and collective punishment as a service.
[0] Previously Soviet-aligned countries; i.e. Russia and eastern Europe.
Yep. Same for most of Asia too.
Cloudflare's filters are basically straight up racist.
I have stopped using so many sites due to their use of Cloudflare.
If 90% of your problem users come from 1-2 countries, seems pretty sensible to block that country. I know I have 0 paying users in those countries, so why deal with it? Let them go fight it out doing bot wars in local sites
Keep in mind, this is literally why stereotypes and racism exists. It’s the exact same process/reasoning.
3 replies →
Well, not racist per-se - if you visit the countries (regardless of race) you’re screwed too.
Geo-location-ist?
People hate collective punishment because it works so well.
Anecdatally, by default, we now block all Chinese and Russian IPs across our servers.
After doing so, all of our logs, like ssh auth etc, are almost completely free and empty of malicious traffic. It’s actually shocking how well a blanket ban worked for us.
Being slightly annoyed by noise in SSH logs I’ve blocked APNIC IPs and now see a comparable number of brute force attempts from ARIN IPs (mostly US ones). Geo blocks are totally ineffective against TAs which use a global network of proxies.
~20 years ago I worked for a small IT/hosting firm, and the vast majority of our hostile traffic came from APNIC addresses. I seriously considered blocking all of it, but I don’t think I ever pulled the trigger.
> Anecdatally, by default, we now block all Chinese and Russian IPs across our servers.
This. Just get several countries' entire IP address space and block these. I've posted I was doing just that only to be told that this wasn't in the "spirit" of the Internet or whatever similar nonsense.
In addition to that only allow SSH in from the few countries / ISPs legit trafic shall legitimately be coming from. This quiets the logs, saves bandwidth, saves resources, saves the planet.
1 reply →
[flagged]
1 reply →
Putting everyone in jail also works well to prevent crime.
Having a door with a lock on it prevents other people from committing crime in my house. This metaphor has the added benefit of making some amount of sense in context.
Works how? Are these blocks leading to progress toward solving any of the underlying issues?
It's unclear that there are actors below the regional-conglomerate-of-nation-states level that could credibly resolve the underlying issues, and given legislation and enforcement regimes sterling track record of resolving technological problems realistically it seems questionable that solutions could exist in practice. Anyway this kind of stuff is well outside the bounds of what a single org hosting an online forum could credibly address. Pragmatism uber alles.
The underlying issue is that countries like russia support abuse like this. So by blocking them perhaps the people there will demand that their govt stops supporting crimes and absuse so that they can be allowed back into the internet.
(In the case of russians though i guess they will never change)
1 reply →
Innocent people hate being punished for the behavior of other people, whom the innocent people have no control over.*
FTFY.
The phrase "this is why we can't have nice things" springs to mind. Other people are the number one cause of most people's problems.
1 reply →
I have a growing Mastodon thread of this shit: https://mastodon.social/@grishka/111934602844613193
It's of course trivially bypassable with a VPN, but getting a 403 for an innocent get request of a public resource makes me angry every time nonetheless.
Exactly. I have to use a VPN just for this kind of bu**it. :/
The difference between politics and diplomacy is that you can survive in politics without resorting to collective punishment.
unrelated: USSR might have been 2nd world. Russia is 3rd world (since 1991) -- banana republic
No, Russia is by definition the 2nd world. It's about spheres of influence, not any kind of economic status. The First World is the Western Bloc centered around the US, the Second World is the Eastern Bloc centered around then-USSR and now-Russia (although these days more centered on China), the Third World is everyone else.
By which definition? Here’s the first result in google: “The term "second world" was initially used to refer to the Soviet Union and countries of the communist bloc. It has subsequently been revised to refer to nations that fall between first and third world countries in terms of their development status and economic indicators.” https://www.investopedia.com/terms/s/second-world.asp#:~:tex....
Notice the word economic in it.