Tor’s history of D/DoS attacks and future strategies for mitigation (torproject.org)
163 points by jerheinze on July 6, 2023 | hide | past | favorite | 98 comments



I think it's worth mentioning that DDOS protection has become a tool to control online discourse. Once you get kicked off Cloudflare, that's mostly it for you if you have a determined attacker. That's quite a beneficial situation for governments.


Have you actually run any sort of web service/website without Cloudflare? This sounds like something straight out of a sales rep's mouth, obviously there are more solutions than just Cloudflare out there...


I don't think you appreciate the threat scenario discussed here if you think it's reasonable to ask for personal experience. Leaves me to wonder if I am supposed to deny having committed any crimes while we are at it?

Still thank you for the response, gives the ability to clarify that this is by no means an advertisement. You have of course endless options for ddos mitigation right now. But once cloudflare no longer wants you, your other options have a tendency to evaporate as well.


>But once cloudflare no longer wants you, your other options have a tendency to evaporate as well

This! If the forces persecuting you made Cloudflare drop you, and you go and establish your own site, your own platform, your own infrastructure, unless you have some billions lying around to put fiber optic cables over the oceans physically connecting your servers to the rest of the world, you will depend on other people. And the forces persecuting you could just go to the next level and start to demand Tier 1 providers drop you. And the whole thing starts derailing into a cat and mouse game, where you will have to constantly be thinking "Okay, what is their next move to deplatform me?"

Because as you said. Usually when Cloudflare drops you... it's not very absurd to assume banking institutions, Mastercard, Visa, Google, Microsoft, Amazon, etc... will also drop you. And the law pretty much allows those multibillion dollar companies to deny service to a paying customer, which is a pretty dangerous precedent in my opinion.


I believe cloudflare drops you if they cannot withstand the level of traffic you’re being hit with, which is an exception to your suggestion. As per other posts, if CF drops you, you won’t be able to build your own ddos mitigating infra without billions. Microsoft and Amazon offer similar services, but I’m guessing cloudflare offers the best resiliency based on OP's specific naming of CF.


I think generally with cloudflare they may be quick to drop you (or demand payment) if a large DDoS is a regular occurrence for you. The free tier is generous but it dries up if you're a huge target.

My company runs a bunch of large community products and we run cloudflare in front of them to handle frequent DDoS attacks. We also pay for a cloudflare enterprise plan though.

The other side of the coin is them dropping a customer for other reasons.

https://blog.cloudflare.com/why-we-terminated-daily-stormer/

HN discussion at the time: https://news.ycombinator.com/item?id=15031922


"Literally, I woke up in a bad mood and decided someone shouldn't be allowed on the internet," wrote Mr Prince (Cloudflare CEO). https://www.bbc.com/news/technology-40960053

But they will continue to protect genocidal regime services: https://www.forbes.com/sites/thomasbrewster/2022/03/07/cloud...


> "No-one should have that power."

Is immediately after. And a person died. Cloudflare are aware that they shouldn’t exist. They exist because they solve a problem that our telecoms networks and government/regulatory apparatus won’t. And it’s regarding the daily stormer.

Cloudflare keeps protecting the Russian state because if they don’t Russia will develop the technology themselves and then eat some of Cloudflare’s lunch. The effectiveness of a single period of successful DDOS attacks in a whole war is debatable.

It’s easy to stop a handful of neo-Nazis. The Russian state is a lot harder. If you want Cloudflare to do it, get the government to force them.


We don’t drop customers who get DDoSed. That would be crazy. https://blog.cloudflare.com/unmetered-mitigation/


If cloudflare dropped someone because they couldn't withstand the traffic, that would be an exceptional event that would not go unnoticed. I don't believe they do that.


As someone who has run services online for the last two decades, without ever using Cloudflare, you do have "options". Those options tend to be rooted in proper network engineering, DDoS mitigation, owning and operating your own ASN and advertising routes through multiple physical POPs and proper distributed hosting, with low-dynamic content.

But if by "options" you are talking about "pay someone else to deal with the problem", then sure you might be right.


Yes, you can roll your own protection but if kiwifarms is any indication it becomes your full time job.


A lot of these solutions don't actually mitigate large DDoS attacks, or have enormous loopholes that can be bypassed by a novice attacker. I've heard that OVH's DDoS protection used to let in other OVH servers, for example.

When I checked, some of the equivalents to Cloudflare's lower plans cost hundreds of dollars a month.


> OVH's DDoS protection used to let in other OVH servers

And why wouldn't they? If you're getting ddos'd on OVH from OVH, they'll just turn off the source of the traffic rather than trying to fight it on the receiving end.


Yes? I haven’t used cloudflare in years now.

99.9% of the time you literally don’t need their services.


Yes, AWS's WAF is very good, for instance.


It really isn't that dire, AWS has Shield (or really just Cloudfront), GCP has Cloud Armor, Azure has "Azure DDoS Protection", everything on Digital Ocean is protected by default. And if you're on-prem or colo then even a modestly sized edge router can handle quite a bit of traffic. And if all you want is the CDN part and not origin protection then every commercial CDN does DDoS protection.

If you mean "providing expensive protection services for free on a $5/mo VPC" then sure Cloudflare might be your only bet.


Not a question of money. If I recall, all of these are as easy to reach for governments as Cloudflare itself. Especially with the threat of KYC. Would be happy to be wrong here though.


"If a government decides they want you offline" is quite a big difference from the original "Once you get kicked off Cloudflare, that's mostly it for you".


Initial post was about controlling public discourse. That's something where the attackers are governments. Sorry if the wording was misleading.


How is DDOS protection the issue then? Isn’t the issue just DDOS?


Somebody else asked this but deleted before I could respond, so I am glad you asked.

Centralized DDOS protection and DDOS seem to be two sides of the same coin, so I don't understand what the distinction would entail.

edit: You could argue that DDOS is an equal opportunity tool, while the threat of getting kicked off cloudflare is reserved for a selected few. So the difference would be which is more at threat of getting exploited. Hope that helps.


Who got kicked off of Cloudflare? Because both the cases I can think of weren't because of governments and were the sorts of schmucks that you really don't want hanging around.


A few companies with enough resources being able to decide who is a "schmuck that you really don't want hanging around" is worse than a government doing it IMO. At least the latter have to pretend to follow process and be accountable to the people.

Though I'm not sure how to really solve it. I support ISPs being considered utilities with an obligation to serve any customer unless they can argue a compelling reason why they can't, but DDoS protection is not a technical essential like an internet connection is. Even if it's almost essential for a popular site in 2023.


It's not a few companies. It's private people deciding who they want to serve. And yes that can mean that you find it impossible to publish neo-Nazi rags online.


It was a generic statement about a path to get rid of unwanted public discourse. The problem is that paths that exist get taken. Examples of who that happened to already and your opinion of who deserves what are not the point.

It's totalitarian rot, it doesn't stop, it's like a moldy fruit.


Wait so your point is that if Cloudflare (or anybody?) doesn't want to do business with lying Nazis, then, the world is on an inexorable slippery slope to totalitarian fascism? That's obviously false.


>That's obviously false.

That perspective is how being wrong looks here. It's an incredible shortsightedness, you have no basis for that degree of certainty. For starters, if it was so obvious you could explain how.

We are talking about a barrier to enter public discourse enforced through DDOS, not freedom to do business with whom you please. This robs you of the ability to self host. With zero checks and balances. You being certain that the likes of the daily stormer shouldn't exist in the public discourse doesn't absolve you of the responsibility for the delete function you just created. For which you have zero concern. That is how a totalitarian slope looks, totalitarians prick holes into the public discourse with no regard for the safe use of such holes. Unsurprising as there is no safe way to do this. It's building a horrific weapon with no targeting mechanism or safety.

You have made yourself a totalitarian through your flagrant disregard for the consequences of your actions. Your error lies in believing your intention matters more than the outcome. To the degree that safeguards became unnecessary. You could and should know better, reality always wants its toll for such behavior.

edit: Please check the comment a bit down starting with "Naive being the key point." on the use of the term totalitarian. I also mentioned stuff to read on the topic by people a lot more capable than me and hopefully a lot harder to ignore.


Remember when google was one of the “not evil” companies? When it comes to internet companies we have got burned so many times it’s good to keep a healthy dose of skepticism when it comes to a company that potentially decides if you are able to survive on the internet.


One of my favorite illegal streaming websites streamed old Nickelodeon TV shows and The X-Files from the 90s. They had problems with cloudflare and had to deal with a lot of problems from a rival hacker group ddosing.


With those shows' narratives heavily influencing how we think. With some no longer available after falling through the cracks of DRM (like Malcolm in the Middle in some countries).


this is the same line as the UK takes for encryption btw


KiwiFarms, The Daily Stormer


Don't forget OVH. Their DDoS-protection is included in every server.


At least in my experience, OVH was the only hosting company where their network engineers spoke to me when we had a ddos problem.

Had a situation where one of my servers was getting ddosed. We tried multiple providers, both cloud and dedicated, but the attack was not getting stopped by anyone. The customer service was useless at most other places: it's either we get null routed, or hours of back and forth with customer service without any solution.

We moved our servers to OVH and the customer service rep directed us to an engineer within a few minutes. I remember we had to send a few packet captures during an attack to one of their network engineers and, not only did they block the attack in a few hours, the engineer in charge explained exactly what happened. It was such a nice learning experience that that one interaction with them will always make me recommend them.


If cloudflare won't touch you, chances are neither will OVH.


What do you mean every server? Pardon my ignorance, first time I am hearing about these folks.


OVH is a hosting provider, you rent physical or virtual servers from them for a monthly fee. They protect their entire network with DDoS mitigation.

https://www.ovhcloud.com/en/security/anti-ddos/ddos-attack-m...


Governments have more effective ways of deplatforming you than temporarily DDOSing your site.


Taking down a website by sending men with guns is a much worse look for them than an unpopular site succumbing to ddos attacks.


A bit dramatic right? Sure, it might be more expensive and difficult but obviously you can run your own WAF, DDOS protection etc.


There are quite a few options, but from what could be heard through the grapevine with Kiwifarms, most turn out to be theoretical once attackers are motivated enough. Think about them what you will, they make a great canary.


>they make a great canary

People are naively willing to look the other way on a dangerous precedent when it is happening to a person or group that they dislike.


Naive being the key point.

Worth mentioning that totalitarianism is often characterized by being the rule of the stupid. Shortsighted actionism and signaling in spite of reality, with the resulting corruption growing like a self destructive cancer. Bonhoeffer’s Theory of Stupidity puts it well and Meerloo gives a vivid description of what kind of societies this creates.

edit: Willful naivete is not a good life choice. Staying away from Darwin Awards and not accidentally creating a fourth Reich both require ongoing effort, no falling asleep at the wheel. History tells you this is a valid risk if you don't consider certain things when acting. With the guys having fought the Nazis advising you to be less stupid to not repeat that. Seeing how horrible that was, maybe at least try to stay away from that instead of just intending to. This is insanely bad on the severity scale and justifies some effort. Reality is clearly lacking a bright red warning sign here with technology offering ever greater levers for less and less intentioned actions.

I can not overstate how bad of an idea it is to ignore that out of group think/tribalism and ego. It simply does not work and in hindsight you could have known. Failing so badly that nobody risks a "having told you so".


Yes you can defend on your own. But it’s going to cost you a lot of resources.

In addition to a lot of clever tricks ddos protection comes down to a simple question. Who has more resources to keep going.


These are likely nation state actors who have the ability to fund these attacks. I wouldn’t be surprised if they’re using advanced techniques to slow down the network and track the routes as they traverse. I would be wary of anonymity while using tor during one of these attacks.


Eh, the techniques don't need to be that advanced or even expensive, and there are plenty of markets with motivation to DDOS their competitors. The government might even prefer that the markets stay up, so they can continue monitoring them and honeypotting criminals using them.


I wish people stopped using discourse.

Sending pictures of pieces of hand written paper over email would be a more user friendly and usable interface than this javascript mess.


Absolutely not. Most mailing lists are run horribly. With horrible deliverability, security ("don't use an important password here"-clownery plus no SRS, ARC or DKIM) and a plethora of MUA idiocy sprinkled on top. Not to mention way obsolete opinions such as "no HTML at all" or "40kB maximum".

Discourse is one of the nicest to use forum platforms. Works on phones, has normal notifications, proper markdown, nice mention-subscription-quote system, nice plugins (such as abbreviation explainer) and it's not an eyesore.


Jeff Atwood is one of the co-founders of Discourse and probably knows what he is doing. Compared to much of the legacy forum software, it's a big upgrade. His team also, in my experience, has offered very good support for corporate customers.

Source: Was on the team (but not the decision-maker) to replace a very large legacy forum with Discourse.


It's weird how <insert painful and idiotic method of communicating here> gets treated as an endorsement on this website.

For reference, me saying that emailing around pictures of handwritten text would be preferable to discourse was not an endorsement of mailing around pictures of handwritten text.

Also, as a side note, mailing list deliverability sucks because mailing list maintainers are sometimes stuck in the past and think that impersonating users while modifying messages is a good idea.

All the well-run mailing lists either don't modify messages and instead add unsubscribe headers and pass things on, or modify the messages as well as the from email addresses to avoid falling afoul of DKIM and therefore causing deliverability problems due to DMARC rejections.

HTML emails are also an abomination for replying so I am not sure what your point is there. There's basically one standard for in-line replies for plain text emails but there is no agreement on how to in-line reply to HTML emails.

But I can see how someone might dislike emails and not think it's the right solution for forums. That being said, they're still better than discourse.

List of advantages over discourse:

- Don't need a modern PC or phone to render all the javascript

- There's no mandatory (or any) javascript

- My keyboard isn't hijacked for the purposes of implementing an input scheme which doesn't match the rest of my browsing experience and therefore requires me to re-learn how to use my web browser when I go on the website

- I archive the content easily, index it myself and search through it at my leisure

- The UI is as simple as I want it to be

Forum websites should not require javascript for rendering, or even ideally posting. It was never needed in the past and I never felt like adding javascript added anything to the user experience. It should be simple, secure, easily searchable and above all else shouldn't hijack your keyboard.


I prefer it over every forum I’ve used, especially on mobile.


One of the design goals of Discourse was that it should work well on mobile phones. I guess most other forum software is either from the time before widespread smartphone use or it doesn't consider mobile users. With that being said, I actually don't like discourse's UI and prefer more classical forums like PHPbb.


Working well on crappy toy devices = working shittily on actual computers

Smart watches should have taken off, so everything could have been made postage-stamp-sized to work well on them and become completely unusable on a screen larger than your hand.


Discourse goes a bit overboard with the javascript and all the bells and whistles but I don't understand how anybody could prefer PHPbb over it, other than familiarity. That being said I always found PHPbb abysmal to use, even in the early 2000s, so clearly I'm biased.

My main issue with Discourse is that I prefer HN/Reddit-like threading for replies rather than linear comments, but PHPbb does the same and there are pros and cons for both formats anyway.


> even in the early 2000s

Those signatures loaded with images and longer than actual content were pretty bad.


You could turn them off, you know.

Yes, 20 years ago we were able to customize software for use. Mindblowing, I know.


The first 5 words of your comment were highly relevant. The rest is snark. This is HN - please don't contribute to its enshittification.


Go blame the software industry for throwing away what made software of yesteryear so amazing to use. I'm just a simple farmer tending to his memes.


Ever tried flarum? It's my preferred option in the "modern" forum realm, still pretty lightweight (even degrades gracefully without js).


For some context, I use a keyboard driven vim binding plugin for firefox to deal with the web. Discourse, aside from just being slow on older machines due to all the JS, binds half my keyboard to some nonsense. Apparently due to how firefox works, these bindings take precedence over everything else and there's no way to turn them off.

This is a frustrating web experience for anyone who uses any custom bindings in a browser and it repeats itself every time I use one of these websites.

Lastly, I have no idea why forum software needs absolutely any javascript to just render a basic page. Discourse renders as a blank page with javascript disabled, that's just extremely unnecessary.


> Apparently due to how firefox works, these bindings take precedence over everything else and there's no way to turn them off.

We really need a user agent that actually acts in the interest of the user.


Ah yes I love how email is set up so any conversation becomes indented 200 times by quoting the entire previous chain so I have to add another monitor to see the whole thing, while being a complete mishmash of styles from different mail providers.


That's the user and/or user agent inserting those. You can have streamlined email threads without those issues. You just don't top post.

Now, try to encourage that behavior in a corporate environment, and you'll just get blank stares.


I wish for the opposite.


Why?


I don't have many strong points, it mostly feels nice to use, be it browsing or participating.

But to name a couple of points: it's index-able by search engines (compared to a certain similarly named popular “alternative”); robust topic tracking system: I know exactly where I left each topic off.


Most of your typical self-hosted forums aren't much better, just more familiar.


Most of your typical self-hosted forums don't have excessive amounts of javascript which override half your keyboard inputs.


Another tor page says ddos attacks primarily use UDP packets, which tor doesn't allow:

https://support.torproject.org/abuse/what-about-ddos/

So, is this an attack using a different method?

And what about mitigating attacks on other networks/sites that originate from tor? The site I linked only said "attackers who control enough bandwidth to launch an effective DDoS attack can do it just fine without Tor." They didn't say anything about mitigating the use of tor by attackers. And what they're saying about attacks not being possible on the network is clearly wrong.


This is for protecting against attacks against the Tor network and onion services. Not for preventing people using Tor to conduct ddos attacks on normal websites, which is what your linked page discusses.


There have been cases of darknet markets employing enormous botnets to layer 7 DDoS their rivals, by constantly requesting data from the site through seemingly legitimate requests. Considering that Proof of Work is one of the primary things they're looking into, it's probably something similar to this.


I’ve heard passing mention of people switching to i2p because they feel the design choices of the Tor project are questionable - suggesting compromise. But these were vague assertions, is there more reading or ability to substantiate this?


I2P has been designed with "hidden services" in mind. AlphaBay, which until a few months ago was the most modern and progressive dark web market, had fully moved to I2P. Stating that they saw no future in Tor, as the Tor Project refused to address major design issues even though they have heaps of money.

So far i2p has been very nice to use and the tools are well developed. I run a node myself. The way i2p works is very interesting. Some services like Dread which provide i2p access have only been accessible via i2p in recent times due to the load on tor.

We'll have to see how i2p holds up when it inevitably takes over Tor and becomes a target of ddos itself.

https://geti2p.net/en/comparison/tor


Yeah I think I saw AlphaBay’s complaint and was hoping there was an elaboration

Like is it like that Swiss encryption company that kept bricking the encryption for the CIA and employees kept noticing intentional encryption flaws and being told to work on something else?

or something else


What was alphabay's specific complaint?


I was curious so I went and found this: https://geti2p.net/en/comparison/tor


```
Benefits of I2P over Tor
...
Java, not C (ewww)
```

Excuse me?


I feel like “written in a memory-safe language” is a fair selling point, especially when we are talking about a tool designed to accept completely untrusted data from the network and keep you safe from attackers with significant resources.



People have done a lot of things, the track record so far has shown that to be a terrible idea.


If you really dislike Java that much, there are other I2P implementations like this:

https://github.com/PurpleI2P/i2pd


On the same site:

> Benefits of Tor over I2P

> ...

> - C, not Java (ewww)

It's a joke.


It's a joke that everyone will hate one or the other. They make the same joke in the other direction.


Wow, yeah I would definitely not make a decision to do something critical like that based on that kind of "evidence" lol


Has anyone tried using TOR as a replacement for Cloudflare DDOS protection? There is a single hop mode on hidden services.


I've run it in NonAnonymous mode as an experiment. Not to replace a CDN for DDoS protection but to replace the CDN as a way to anonymize where the server is, because people play games to try to cancel hosting accounts when they get mad about topics being discussed. When they can't control the narrative they will start emailing abuse@ making false claims, and some hosting providers are lazy. From the DDoS aspect, people could send Tor to 100% CPU but the httpd server wasn't even passing 1% CPU. This was long ago, however, in the early days of v3, so this observation is likely outdated.

Nobody was able to decloak the server even being in NonAnonymous mode, but the bigger issue was the ability to reach the server. At least at the time not many people had a browser that could talk to .onion sites. I don't know how many people use Brave or the Tor Browser these days so maybe now it would be less of an issue. Maybe I will try it again soon. It's easy to send people to the Tor Onion version of your site using the Onion-Location header [1] to see how many people would be able to reach the .onion side of your site.

[1] - https://community.torproject.org/onion-services/advanced/oni...
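As an added example (not code from the comment above, the Tor Project, or its docs), a small WSGI middleware that emits the Onion-Location header the commenter mentions. It assumes the documented behaviour of the header: Tor Browser only honours it on responses served over HTTPS, and it should point at the same path on the onion service. ONION_HOST is a constructed placeholder, not a real address.

```python
"""WSGI middleware advertising a site's .onion mirror via Onion-Location.

Added illustration; ONION_HOST below is a constructed placeholder of the
right shape (56 base32 characters + ".onion"), not a real onion service.
"""
from typing import Dict, Optional, Tuple
from urllib.parse import quote

ONION_HOST = "exampleexampleexampleexampleexampleexampleexampleexample.onion"


def onion_location(environ: Dict, onion_host: str = ONION_HOST) -> Optional[str]:
    """Header value for this request, or None when it must not be sent.

    Tor Browser ignores Onion-Location on plain-HTTP responses, so sending it
    there only leaks the onion address to anyone on the path for no benefit.
    The target mirrors the request path and query so deep links keep working.
    """
    if environ.get("wsgi.url_scheme") != "https":
        return None
    path = quote(environ.get("PATH_INFO") or "/")   # quote() keeps '/' as-is
    qs = environ.get("QUERY_STRING", "")
    return f"http://{onion_host}{path}" + (f"?{qs}" if qs else "")


class OnionLocationMiddleware:
    """Wraps any WSGI app; adds the header unless the app already set one."""

    def __init__(self, app, onion_host: str = ONION_HOST):
        self.app, self.onion_host = app, onion_host

    def __call__(self, environ, start_response):
        def sr(status, headers, exc_info=None):
            value = onion_location(environ, self.onion_host)
            present = any(k.lower() == "onion-location" for k, _ in headers)
            if value and not present:
                headers = list(headers) + [("Onion-Location", value)]
            return start_response(status, headers, exc_info)
        return self.app(environ, sr)


def demo_app(environ, start_response):
    """Trivial origin application standing in for the real site."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello from the clearnet origin"]


def run_request(environ: Dict) -> Tuple[str, Dict[str, str], bytes]:
    """Drive the wrapped app with a constructed WSGI environ (no network)."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"], captured["headers"] = status, headers

    body = b"".join(OnionLocationMiddleware(demo_app)(environ, start_response))
    return captured["status"], dict(captured["headers"]), body
```

In a real deployment the same header can be set by the web server or reverse proxy instead; the scheme check and path mirroring are the parts worth keeping wherever it is set.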


I've done a POC before where the main site was a tor hidden service, and I had cheap VPSs acting as a clearnet reverse proxy to it.



Yes, this feature. It seems like a cheap way to put a bunch of servers between yourself and connecting users with built-in rate limiting.


Yes, kiwifarms still exists on the deep web.


What are anyone's thoughts on the proof of work solution? Aside from energy use.


The problem is that it still requires an address (be it tor or IP). Even if you run the script locally, there is still a need to communicate input and output. So people can just ddos that page.

Works great for combating human spam though. You tend to behave better if your login took half a day to get and expires quickly when not used. Plus built-in cool down time after getting banned.


Behaving better isn't the only outcome. Another outcome is leaving the service permanently.


Impact from moderation always goes both ways. The more you insert yourself, the higher the chances that your own stupidity warps the entire communication channel for the worse, leading to shrinkage and echo chambers. And people don't vanish, chances are they are already attempting the next tower of Babel a few IPs over and get up to who knows what.

The merits of proof of work should be discussed for the specific scenario. If it allows for reputationless discussions and throwaway accounts, how high is the cost really? In comparison to ban evasion problems, moderation overhead and the resulting attack surface requiring more resources while deteriorating the channel? Otherwise impactless emergency brakes for idiots might be a reasonable solution. It's not much different from timed bans.


I'm not sure I understood everything you said.

How do you determine a user is an idiot or not when good ideas look like bad ideas initially? Experts can have blind spots.

The option for reputationless discussion should always remain open in my opinion.

> how high is the cost really?

The cost can be proportional to the proof of work.

Everything has a cost. How about determining the cost and providing means to pay for it? Paying works for many things in the world. It works for ads, for example.

Why must the cost be annoying a human by requiring reputation instead of a monetary cost? How is annoying a human a better solution than letting people pay? Do you really think pissing people off will stop them from expressing what they want? It might be more likely that people will express what they want, nobody will hear them, and they'll leave, taking good ideas with them.

Just as there is a cost to moderation, there is a cost to losing good ideas. How about letting a free market decide?


My post was indeed rather convoluted. I don't think we are disagreeing.

With idiot brakes I am talking about timeouts to artificially lengthen the reaction time and with it reduce emotional bias and excitement. It's the same idea as with "count to 10 before you start screaming at someone". I share your concern with reality models and the confidence in them, trying to determine and dictate TRUTH is a dangerous fool's errand. I would also go further, that it's not just a matter of annoyance, communication channels dictate our reality models. With no error correction for identity based errors (group think, tribalism, ego, fear of losing credibility/social capital ...) we are majorly screwed.

With proof of work I am talking purely about the practical necessity to operate a reputationless communication channel. Going zero moderation with one just hasn't worked so far. And it's arguably less bad than the old system of IP bans. And I don't see many alternatives, there will always be a stupid person with a short fuse jamming the channel. Who has likely some interesting points but is ruining the efficiency and with it the appeal of the channel.


It seems to work but mainly against layer 7 ddos or similar. You still need enough endpoints that the lower layers don’t bounce you.
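As an added illustration of the client-puzzle idea debated in this subthread (the "people can just ddos that page" objection above, the throwaway-account cost question, and the layer 7 point here), not the Tor Project's own scheme (which uses a different, memory-hard puzzle) and not any commenter's code: a hashcash-style puzzle where the server's check costs one HMAC and one SHA-256 regardless of difficulty, solutions are single-use, and the difficulty only rises while the service is under load. All function names and constants are assumptions.

```python
"""Client-puzzle (hashcash-style) proof of work in front of a request handler.

Added illustration only: NOT the Tor Project's onion-service PoW. It shows
the shape of the defence: verification stays cheap however hard the puzzle
is, each solution is accepted once, and the cost scales with queue depth.
"""
import hashlib
import hmac
import os
import struct
import time
from typing import Dict, Optional, Tuple

SERVER_KEY = os.urandom(32)   # constructed for the demo; rotate in practice
SEED_LIFETIME = 120           # seconds a challenge seed remains valid
_spent = set()                # digests already accepted (replay guard)


def _seed(client_id: bytes, ts: int) -> bytes:
    """Seed bound to client and issue time via HMAC, so the server can later
    recognise a seed it issued without storing anything per client."""
    return hmac.new(SERVER_KEY, client_id + struct.pack(">Q", ts), "sha256").digest()


def issue_challenge(client_id: bytes, bits: int, now: Optional[float] = None) -> Dict:
    """Server side: hand out {seed, ts, bits} to a client that wants service."""
    ts = int(time.time() if now is None else now)
    return {"seed": _seed(client_id, ts), "ts": ts, "bits": bits}


def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def solve(chal: Dict, limit: int = 1 << 26) -> Optional[int]:
    """Client side: find a nonce so sha256(seed || nonce) starts with `bits`
    zero bits. Expected cost is about 2**bits hashes; verification below is
    exactly one hash, which is the asymmetry the defence relies on."""
    for nonce in range(limit):
        d = hashlib.sha256(chal["seed"] + struct.pack(">Q", nonce)).digest()
        if leading_zero_bits(d) >= chal["bits"]:
            return nonce
    return None


def verify(client_id: bytes, chal: Dict, nonce: int,
           now: Optional[float] = None) -> Tuple[bool, str]:
    """Server side: small constant cost regardless of `bits`, so the verify
    endpoint itself is not an attractive flood target."""
    now = time.time() if now is None else now
    if not hmac.compare_digest(_seed(client_id, chal["ts"]), chal["seed"]):
        return False, "seed not issued by us"       # forged or mis-bound seed
    if now - chal["ts"] > SEED_LIFETIME:
        return False, "expired"                     # precomputed long ago
    d = hashlib.sha256(chal["seed"] + struct.pack(">Q", nonce)).digest()
    if leading_zero_bits(d) < chal["bits"]:
        return False, "insufficient work"
    if d in _spent:
        return False, "replayed"                    # same solution twice
    _spent.add(d)
    return True, "ok"


def difficulty_for_load(pending: int, base_bits: int = 12,
                        step: int = 500, max_bits: int = 26) -> int:
    """Raise the puzzle cost as the request queue grows: legitimate clients
    pay little when the service is idle, attackers pay most under load."""
    return min(max_bits, base_bits + pending // step)


if __name__ == "__main__":
    chal = issue_challenge(b"client-A", difficulty_for_load(0))
    nonce = solve(chal)
    print("solved nonce", nonce, "->", verify(b"client-A", chal, nonce))
    print("replay ->", verify(b"client-A", chal, nonce))
```

The `_spent` set and `SERVER_KEY` would live in shared state behind a real service; the point of the example is the cost asymmetry and the single-use, time-bounded seeds.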



