#28 is concerning. Sponsorship? Consultancy?
Readit NewsDeleted Comment
piggg commented on Advice for new principal tech ICs (i.e., notes to myself) eugeneyan.com/writing/pri... · Posted by u/7d7n
Deleted Comment
Deleted Comment
piggg commented on How I block all 26M of your curl requests foxmoss.com/blog/packet-f... · Posted by u/foxmoss
Some of the bad actors, and Chrome, randomize extensions, but only their order. I think it's ja3n that started to sort the extensions, before doing the hashing.
Blocking on source IP is tricky, because that frequently means blocking or rate-limiting thousands of IPs. If you're fine with just blocking entire subnets or all of AWS, I'd agree that it's probably better.
It really depends on who your audience is and who the bad actors are. For many of us the bad actors are AI companies, and they don't seem to randomize their TLS extensions. Frankly many of them aren't that clever when it comes to building scrapers, which is exactly the problem.
For my use cases I block src IP for some period of time (minutes). I don't block large pools of IPs as the blast radius is too large. That said - there are well established shit hosters who provide multiple /24s to proxy/dirty VPN types that are generally bad.
piggg commented on How I block all 26M of your curl requests foxmoss.com/blog/packet-f... · Posted by u/foxmoss
Blocking on ja3/ja4 signals to folks exactly what you are up to. This is why bad actors doing ja3 randomization became a thing in the last few years and made ja3 matching useless.
Imo use ja3/ja4 as a signal and block on src IP. Don't show your cards. Ja4 extensions that use network vs http/tls latency is also pretty elite to identify folks proxying.
piggg commented on Some interesting stuff I found on IX LANs blog.benjojo.co.uk/post/i... · Posted by u/todsacerdoti
I remember in the 2000s a large-ish Telco network in the US was running ospf on an IX. A few of us on IRC did the what if? And one of us brought up the adjacency and it worked.
Same network also had all their network links in MRTG public too with no auth - if you only knew the hostname/URL you could see it all (which their staff would sometimes drop in Noc communication when linking a graph and you attempted to go there to poke around).
piggg commented on US High school students' scores fall in reading and math apnews.com/article/naep-r... · Posted by u/bikenaga
Because of legal problems if the job is performed improperly or someone is injured. This is basic administration.
Also once again, this sounds like what someone would imagine they did in wood shop if they never took wood shop.
At my HS in the 90s students were frequently used to do stuff like this. Ex: this ravine/brush area we want to clean it out and chop some stuff down to make it a "nature center".
Similar in woodshop and metal working - doing stuff to fix the schools infra/bldg.
https://hola.org/legal/sdk
https://hola.org/legal/sla
> How is it free? > > In return for free usage of Hola Free VPN Proxy, Hola Fake GPS location and Hola Video Accelerator, you may be a peer on the Bright Data network. By doing so you agree to have read and accepted the terms of service of the Bright Data SDK SLA (https://bright-sdk.com/eula). You may opt out by becoming a Premium user.
This "VPN" is what powers these residential proxies: https://brightdata.com/
I'm sure there are many other companies like this.
On top of that - lots of free tv/movie streaming stuff that also makes yourself a proxy/egress node. Sometimes you find it on tv/movie streaming devices sold online where it's already loaded on when it arrives.