Supermariofan67

joined 1 year ago

Do not use Kiwi Browser. It's based on an extremely out-of-date version of Chromium and therefore very vulnerable.

At first I thought it was just some edgy troll community, but it didn't take long for me to find a fairly upvoted comment saying "look, I just don't like immigrants" or something like that. So yeah, seems like that kind of place over there...

[–] Supermariofan67@lemmy.fmhy.ml 18 points 1 year ago (3 children)

Sure enough, the .zip TLD is just being used for malicious activity

[–] Supermariofan67@lemmy.fmhy.ml 8 points 1 year ago (3 children)

There are far more robust methods of fingerprinting to spy on users anyway (adding up all the details of screen size, available fonts, language, OS, etc, etc), so I don't think removing the user agent would have much impact in reducing fingerprinting alone. It's also useful as a quick and simple way to check the type of device, OS, or browser the user is on and serve the correct content (download link for one's OS) or block troublesome clients (broken bots).

[–] Supermariofan67@lemmy.fmhy.ml 27 points 1 year ago (1 children)

Meta joining the fediverse is like Raytheon joining anti-war protests. They are not there for sincere participation.

True with Bitcoin. Not with Monero if I understand correctly.

.ml tends to be one of the most abused top-level domains for malware, spam, etc (in terms of ratio of malicious to non-malicious domains) similar to .top, .buzz, .club, etc. So, many DNS filters on company networks simply filter all domains of these TLDs (and maybe whitelist a few known good ones) since they tend to be almost certainly malicious.

I filter them on my home network too via pihole (though not .ml)

The poneytelecom IPs would just constantly remain connected to me without actually downloading or uploading anything, which is quite unusual because torrent clients normally are supposed to disconnect from peers that they have no use for. And there would be like 15-30 IPs doing the same thing on the same few torrents. They were using Deluge, a legitimate client, which is quite weird, so maybe their shit was just misconfigured accidentally somehow. I looked up one of them on iknowwhatyoudownload.com and it was active on thousands of random torrents (including lots of CP apparently). I also recall in the past another IP from that range repeatedly downloading the same 80 GiB torrent which I am the only seed on, wasting my bandwidth for no apparent reason. So I just banned the entire IP range since clearly it's not doing anything legitimate to me and is just acting strangely in all sorts of ways. It's sort of a mini DDoS attack (intentionally or not) since I have my qBittorrent configured with a max number of connections.

The Xunlei IPs aren't really attackers per se, but the client doesn't follow the BitTorrent protocol standard and seeding to them is useless since they are incapable of seeding to other people. Some people just ban China entirely but I can't do that because there are lots of legitimate Chinese users on the torrents I have and I don't want to cut them off over something other people do.

[–] Supermariofan67@lemmy.fmhy.ml 0 points 1 year ago (2 children)

I've found that the block lists on the net tend to contain extremely outdated information and block a lot of legitimate activity, while ultimately being ineffective at actually blocking copyright trolls sufficiently. Best to have a VPN to prevent that. Since I have a VPN, I don't care who downloads from me so long as they aren't abusing my resources. So I manually create a blocklist for IP blocks I've observed malicious activity from. The blocklist file syntax is a note and an IP or IP range (not CIDR notation) on each line, separated by a colon. For example, to block 195.154.0.0/16:

Poneytelecom:195.154.0.0-195.154.255.255

(That's an IP range I actually block, belonging to poneytelecom, a very low reputation hosting provider from which I was getting some weird denial-of-service-looking activity, like 40+ simultaneous connections that wouldn't actually download anything.)

Also, if you download torrents popular in China you may come across the Xunlei client, which always reports its progress as 0% and never seeds. Banning these would be an impractical game of whack-a-mole. So instead, simply enable super seeding mode on those torrents. Gone instantly. Might be slower at seeding, but at least now you can seed to legitimate users.
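
Added example, not part of the original comment: a small Python helper that converts a CIDR block into the `note:start-end` line format described above and checks which peer addresses a blocklist file would cover. It assumes IPv4 only and that the range follows the last colon on the line; the function names, the second sample entry and the peer addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample blocklist: the first line is the one quoted above; the
# second uses a reserved documentation address and a made-up note.
SAMPLE = """\
Poneytelecom:195.154.0.0-195.154.255.255
Example single host:203.0.113.5
"""

def cidr_to_line(note, cidr):
    """Render a CIDR block as a 'note:first-last' blocklist line."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits, e.g. 195.154.1.0/16
    if net.version != 4:
        raise ValueError("IPv4 only in this sketch")
    return f"{note}:{net.network_address}-{net.broadcast_address}"

def parse_line(line):
    """Parse 'note:start-end' or 'note:ip' into (note, start, end)."""
    # Split on the last colon so a note may itself contain colons (assumption).
    note, sep, span = line.strip().rpartition(":")
    if not sep:
        raise ValueError(f"no ':' separator in {line!r}")
    first, _, last = span.partition("-")
    start = ipaddress.IPv4Address(first.strip())
    end = ipaddress.IPv4Address(last.strip()) if last else start
    if end < start:
        raise ValueError(f"range end precedes start in {line!r}")
    return note, start, end

def load_blocklist(text):
    """Parse every non-blank line; a malformed line raises rather than being skipped."""
    return [parse_line(l) for l in text.splitlines() if l.strip()]

def match(entries, ip):
    """Return the note of the first range containing ip, or None."""
    addr = ipaddress.IPv4Address(ip)
    for note, start, end in entries:
        if start <= addr <= end:
            return note
    return None

if __name__ == "__main__":
    print(cidr_to_line("Poneytelecom", "195.154.0.0/16"))
    entries = load_blocklist(SAMPLE)
    for peer in ("195.154.12.7", "195.155.0.1", "203.0.113.5"):  # constructed peers
        print(peer, "->", match(entries, peer) or "allowed")
```

Checking a few known-good peer addresses against a hand-written list this way shows whether a range is wider than intended before the file is loaded into the client.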