Comment by ndiddy

11 hours ago

If you look at the article, the network they disrupted pays software vendors per-download to sneakily turn their users into residential proxy endpoints. I'm sure that at least some of the time the user is technically agreeing to some wording buried in the ToS saying they consent to this, but it's certainly unethical. I wouldn't want to proxy traffic from random people through my home network, that's how you get legal threats from media companies or the police called to your house.

8 comments

ndiddy

Reply
londons_explore  11 hours ago

> that's how you get legal threats from media companies or the police called to your house.

Or residential proxies get so widespread that almost every house has a proxy in, and it becomes the new way the internet works - "for privacy, your data has been routed through someone else's connection at random".

  • Imustaskforhelp  11 hours ago

    > Or residential proxies get so widespread that almost every house has a proxy in, and it becomes the new way the internet works - "for privacy, your data has been routed through someone else's connection at random".

    Is this a re-invention of tor, maybe I2P?

    • chii  41 minutes ago

      > Is this a re-invention of tor

      in a way, yes - the weakness of tor is realistically the lack of widespreadness. Tor traffic is identifiable and blockable due to the relatively rare number of exit nodes (which also makes it dangerous to run exit nodes, as you become "liable").

      Engraining the ideas of tor into regular users' internet usage is what would prevent the internet from being controlled and blockable by any actor (except perhaps draconian gov't over reach, which while can happen, is harder in the west).

    • rolph  9 hours ago

      IP8 address tumbler? to wit, playing the shell game, to obstruct direct attribution.

dataviz1000  10 hours ago

They provide an SDK for mobile developers. Here is a video of how it works. [0] They don't even hide it.

[0] https://www.youtube.com/watch?v=1a9HLrwvUO4&t=15s

  • ndiddy  10 hours ago

    Of course they're pitching it like everything's above board, but from the article:

    > While many residential proxy providers state that they source their IP addresses ethically, our analysis shows these claims are often incorrect or overstated. Many of the malicious applications we analyzed in our investigation did not disclose that they enrolled devices into the IPIDEA proxy network. Researchers have previously found uncertified and off-brand Android Open Source Project devices, such as television set top boxes, with hidden residential proxy payloads.