Recent searches

No recent searches

Search options

Only available when logged in.
101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.

Administered by:

Server stats:

502
active users

101010.pl: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.0-beta.2

#bulletproofhosting

0 posts0 participants0 posts today
Replied in thread
*
Erik van Straten

@SpaceLifeForm wrote:
<<< Why should a CDN have to police websites? >>>

They don't. However, because Cloudflare abuses the knowledge that cybercriminals know that blocking Cloudflare's IP-address ranges will result in lots if false positives (for decent websites), this doesn't imply that Cloudflare should be able to get away with this. They DO have a responsibility.

The only things they have to do, instead if trying to fool us with the usual "freedom of speech" rubbish:

(1) Refuse anonymous or obviously identity-spoofing customers, such as:

  • complaints-booking[.]info
  • defi-chainfix.pages[.]de
  • evri.mylocal-parcel-gb[.]com
  • loginmicrosoftonlinecom.pages[.]dev
  • ing.es-areacliente[.]com

See also trustwave.com/en-us/resources/ for abuse of Cloudflare's free workers.dev and pages.dev domains (the article is 1 year old but still very to the point);

(2) Refuse customers using known malicious IP-addresses and/or registrars;

(3) Treat complaints seriously - and listen to those who know, such as Mandiant (as can be seen in for example virustotal.com/gui/ip-address/: tap ••• a couple of times until you see Mandiant in the third column);

(4) Always first show a warning page (shown before proceeding to actual site) for new customers, and more often show such a page after receiving complaints and/or when in doubt regarding the customer's intentions.

Cloudflare is complicit to cybercrime if they continue to facilitate it for their own profit - which is exactly what they and other Big Tech firms are doing right now (I call that #internetCancer ).

It is simply unfair that, on the current internet, everybody says that nobody is to blame (except the victims) if innocent individuals have their bank accounts drained, or companies file bankrupcy after ransomware gangs managed to penetrate their network perimeters via phishing attacks and/or hosted malware.

See also infosec.exchange/@ErikvanStrat.

@dangoodin : thanks for the article: arstechnica.com/security/2024/

#DontBeEvil #LackOfAuthentication #ShortSightedness #Cybercrime #BulletProofHosting
#AllowingAnonymousBusinesses #Cloudflare #Google #Microsoft #Amazon #Fastly

www.trustwave.comIt’s Raining Phish and Scams – How Cloudflare Pages.dev and Workers.dev Domains Get AbusedIn today's world, more and more devices are connected to the Internet for on-the-go connectivity. Huawei has a mobile broadband service that allows Internet connectivity via cellular networks by using a small USB dongle.
TrendingLive feeds
About