Re: [Cin] Cin-GG & Tor
Correction below... matheu: [...] > Not sure it would be so. Most of the browsing with Tor can be done just > fine. I've been unable to access, say reddit.com (or whatever the Reddit s/I've been unable/I've never been unable/' > address is, or any of the plethora of Debian sites, or DuckDuckgo.com, > or startpage.com, and so many other sites, many of them also WordPress > and even small DIY servers... I meant: I was never banned, using Tor, to access so many sites, of all kinds. [...] > matheu > -- Cin mailing list Cin@lists.cinelerra-gg.org https://lists.cinelerra-gg.org/mailman/listinfo/cin
Re: [Cin] Cin-GG & Tor
Hi! I also read your previous email. Sam: > Hi Matheu, > > I have new insights into the problems of Tor networks and CleanTalk. > > In fact, the Tor exit nodes are being blocked by CleanTalk because many > spammers abuse Tor for their spam purposes. The amount of spam from the > Tor network must have been so large that CleanTalk generally blocks Tor. > > There are also brute force attacks registered, but these are far less > significant than spam attacks. CleanTalk also recommends not releasing > these exit nodes, as this will drastically increase spam traffic. > > Here are some of the spam & brute force statistics: > > https://cleantalk.org/blacklists/185.220.101.27 > https://cleantalk.org/blacklists/185.220.101.70 Yup! As you say below, people are using Tor for bad purposes. There is no doubt about that... But I still believe CleanTalk must be doing it wrong, as it allows too few nodes... I tried many times (in the span of many days, non-intenisevely, scattered in time) to access cinelerra-gg.org and too few exit nodes they allow, too few nodes! > The use of other means would also lead to the same result, because after > a few attacks from the Tor network, the IP address would automatically > be blocked for a few hours/days. As a result, other honest Tor users > would not be able to access the website. Not sure it would be so. Most of the browsing with Tor can be done just fine. I've been unable to access, say reddit.com (or whatever the Reddit address is, or any of the plethora of Debian sites, or DuckDuckgo.com, or startpage.com, and so many other sites, many of them also WordPress and even small DIY servers... > It's a shame that such a great project would be misused for such > inglorious purposes. > > I'm going to have to take a closer look at the Tor concept, because I'm > still a little under-acquainted with it. > > Sam > That definitely will take a little time. I hope you manage to do it. Not at all an easy go, the depths of Tor... (And neither is true, professional, advanced use of Cinelerra :) ) matheu -- Cin mailing list Cin@lists.cinelerra-gg.org https://lists.cinelerra-gg.org/mailman/listinfo/cin
Re: [Cin] [CinCV TNG] about Cin-GG
Hi! Sam: > Hi Matheu, > > I'm sorry you had trouble subscribing to the mailing list. > > I can disable all the security mechanisms, but as a result we have more > work with all the manual cleanups caused by spammers. We are exposed to > many spam attacks every day and use existing protection mechanisms to > protect ourselves and our community from such attacks. Here are some > numbers about spam, last weeks 2786 attacks were blocked based on IP > address. 17 direct login attempts with blacklisted email addresses have > been blocked. 7 brute force attacks and 70 complex attacks. All > attackers want to remain anonymous. However, blacklisting Tor exit nodes is usually not doing anything to the attackers, because of the way Tor works. E.g., one of the addresses that you blacklist is: http://metrics.torproject.org/exonerator.html?ip=185.220.101.27=2019-07-08=en a Tor exit node with probably heavy traffic of all kinds of people, most of them probably legitimate visitors. The malicious ones, esp. if they are expert or just more advanced, your ban does pretty much nothing to them, because they can do so much more than just change identity in the top right corner of Tor browser (which means change who you appear to be to the website that you are visiting, i.e. the exit node)... So banning an exit node, which is what the CleanTalk probably does (no time to investigate, but I think I saw some address with that name in some instances when I tried visiting https://www.cinelerra-gg.org and was banned, is just wrong thing to do... Also there are FOSS captcha's available, way more benign to users, but I have no time to search for links to those... > I also prefer to surf the Internet > anonymously as far as possible, but we use these protection techniques > to protect ourselves and not to use our visitors for advertising > purposes. These security tools help us spend our time on more important > things, such as more time improving Cinelerra. I would love to do > without such tools, but unfortunately this would make dynamic content of > our users impossible. > > I can add you manually. I'll send you an email But whatever you use to counter spam and attacks is blacklisting exit nodes that I used today as well. [...] > Sam [...] -- Cin mailing list Cin@lists.cinelerra-gg.org https://lists.cinelerra-gg.org/mailman/listinfo/cin