Comment by mschuster91
13 hours ago
> What would prevent a pirate site operator from registering a domain a few months in advance and sitting on it in the meantime?
It's driving up the cost and expenses. Operators of legitimate sites don't have to worry during that probation time about anything with the exception of customers in Spain during LL match hours.
LL has ~10 matches / weekend (Fri/Sat/Sun/Mon), that means pirates have to have about 40 domains/CF integrations per month plus more in standby - and more, for longer probation periods.
> How do you propose customers ought to be vetted?
I dunno... stuff like basic KYC measures would be a good start. Copies of ID cards. Government business licenses. Private entities (credit bureaus). Even phone number verification is a serious hurdle for malicious actors, and it ties activities to real world identities that can be held accountable.
Dangerous stuff (e.g. streaming) could only be made available upon a security deposit.
> Why should a host be expected to take on the duties of a hall monitor? Isn't that the judiciary's job?
No, and that we let ISPs get away with ignoring abuse@ emails is part of why the Internet is such a nasty place these days. You need a license to drive a car on public roads, you need an expensive license to fly a small plane, and you need a goddamn massively expensive license to fly a widebody aircraft. So why shouldn't you need to pass some set of verification before you get access to inarguably the Internet's most powerful data pipes?
> It's driving up the cost and expenses.
That's an interesting point. Are their margins so slim that they can't afford less than ~$50 per domain? I'm not familiar with their revenue model.
This is the sort of thing that could be done via the legislature if Spain were serious and playing by the rules. They could require ISPs to do DNS filtering based on domain age during matches. If they really wanted to do service level filtering they could require hosts such as CF to perform geoblocking in a similar manner during matches.
> Dangerous stuff (e.g. streaming) could only be made available upon a security deposit.
Let's set aside for a moment that I think this suggestion is completely absurd. Are these sites using some prepackaged streaming solution? Do you not realize that I can stream video from any machine using software I control? To an approximation the only thing required to scale streaming up to lots of customers is raw bandwidth. If you don't accommodate seeking you can potentially serve thousands of simultaneous streams with a single cheap VPS (in practice this won't work because a cheap VPS won't have a 100 Gbit pipe).
> So why shouldn't you need to pass some set of verification
Since when have you needed a license or verification to publish? You're acting as though a global impressum requirement is the natural state of affairs. Your demand is an affront to free society.
> we let ISPs get away with ignoring abuse@ emails
That seems like an entirely separate matter, if it's even true at all.
> No
Ah yes, a rousing argument. Obviously you must be correct.
You've failed to make a convincing case as to why deciding what is and isn't permissible isn't the job of the judiciary. If Spain wants to change that then they need to pass laws to that effect but in practice those won't have global reach. Thus they might (for example) engage in international lobbying efforts to incorporate a DMCA equivalent for illegal streaming into the global copyright regime.
Failing the above it is Spain that is in the wrong here and I'm happy to see that CF isn't going along with their overbearing and entirely unreasonable nonsense.
> Are their margins so slim that they can't afford less than ~$50 per domain?
It's not (just) about driving up the financial cost, that works out decently to combat "normal" spam. The thing is, it drives up the organizational effort - you need to acquire and maintain a constant fresh stream of fake identities, payment credentials and the likes.
> Let's set aside for a moment that I think this suggestion is completely absurd. Are these sites using some prepackaged streaming solution? Do you not realize that I can stream video from any machine using software I control?
At the moment, the pirates are streaming through Cloudflare, which is why CF is being targeted with the mass bans in the first place.
And yes, Cloudflare could go and say "we block everything looking like m3u8 HLS, DASH or other forms of video streaming for young accounts". Cloudflare has enough AI to dynamically detect and ban abusive clients - you can't seriously assume they could not detect someone running video streams on the server side.
> Since when have you needed a license or verification to publish? You're acting as though a global impressum requirement is the natural state of affairs. Your demand is an affront to free society.
One man's freedom ends where another man's freedom begins, society cannot survive without an "immune system" to ward off abuse, and Cloudflare are an accomplice to a whole lot of abusive behavior that is worthy to call out and confront.
> That seems like an entirely separate matter, if it's even true at all.
Have you ever heard about the term "bullet-proof hosting"?