bluefirecorp_
|
|
October 01, 2018, 02:37:05 PM |
|
I don't like CloudFlare. I consider it quite likely to be some sort of government-run honeypot; or if it isn't already, then it could be easily transformed into one. Far too much of the Internet goes through CloudFlare. Why do we even use it if you think this could possibly be the case? Is it really worth the risk? How effective is CloudFlare at even stopping DDOS attacks or whatever? We've still had a few here whilst we've used it, right? Is a better Cloudflare-like service something that could be created (I remember you briefly mentioning how you would create one somewhere)? I've suggested in the past that we could use funds that the forum could generate from things like extra ad slots and premium ranks etc for projects that would benefit the community and even the world and this surely could be one, especially with your concerns about it. Cloudflare is like the defacto standard in anti-ddos services. Also, it's hard to beat free. Honestly, if the web forum software were designed better, it could be built to be more resistant to DDoS attacks (proper gateways, rate limiting at multiple tiers, etc...). I don't think the new software is going to solve this issue though. I've been considering trying to build a new forum software myself that allows high horizontal scalability rather than the traditional vertical scaling that we have now.
|
|
|
|
Cøbra
Bitcoin.org domain administrator
Full Member
Offline
Activity: 123
Merit: 474
|
|
October 02, 2018, 10:51:39 PM |
|
I just managed to log in now, but couldn't use the site at all yesterday. Even today it took me way too long because of the captcha (wasted so much time training Google AI to improve its spying capability ). The initial Cloulflare page with the captcha isn't the problem, it's the log in page with the issues. I think some sort of creative solution as suggested by some is possible here. Maybe a whitelist of PGP keys? Users can put their public key in their account somewhere, and those with enough trust can log in without the captcha by signing some arbitrary text?
|
|
|
|
drwhobox
Full Member
Offline
Activity: 756
Merit: 133
- hello doctor who box
|
|
July 17, 2023, 08:17:48 PM |
|
I think a bump is really necessary considering the discussions already on my last topic which you can find on this url https://bitcointalk.org/index.php?topic=5460048.0I have no use of that topic, hopefully the extended discussions on this topic will bring a new idea against CF. Thank you.
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3500
Merit: 17685
Thick-Skinned Gang Leader and Golden Feather 2021
|
I'll quote myself here: Can the forum get a .onion domain for Tor users? That doesn't stop DDOS entirely, but at least it leaves an option without Cloudflare.
|
| | Peach BTC bitcoin | │ | Buy and Sell Bitcoin P2P | │ | . .
▄▄███████▄▄ ▄██████████████▄ ▄███████████████████▄ ▄█████████████████████▄ ▄███████████████████████▄ █████████████████████████ █████████████████████████ █████████████████████████ ▀███████████████████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀███████████████▀ ▀▀███████▀▀
▀▀▀▀███████▀▀▀▀ | | EUROPE | AFRICA LATIN AMERICA | | | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
███████▄█ ███████▀ ██▄▄▄▄▄░▄▄▄▄▄ █████████████▀ ▐███████████▌ ▐███████████▌ █████████████▄ ██████████████ ███▀███▀▀███▀ | . Download on the App Store | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
▄██▄ ██████▄ █████████▄ ████████████▄ ███████████████ ████████████▀ █████████▀ ██████▀ ▀██▀ | . GET IT ON Google Play | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ |
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
July 18, 2023, 07:23:29 AM Last edit: July 18, 2023, 07:45:36 AM by ranochigo |
|
The core of the issue is how susceptible onion addresses are to DDOS, which is arguably harder to block due to the nature of anonymity. There's some progress with trying to resolve this issues (PoW requirement, etc) , presumably due to the massive DDOS a while back. I assume theymos doesn't want to mess with Tor for now, and sacrifice having to deal with tons of DDOS coming in from Tor at the expense of having the user jump through loops using CloudFlare.
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
|
|
July 18, 2023, 07:39:20 AM |
|
Tor can't completely mitigate all abuse, but it does make it a lot harder for an attacker tough: https://support.torproject.org/abuse/what-about-ddos/I've ran hidden services in the past, it's actually quite easy to setup and maintain... But in the end it's up to Theymos to see if he has the time and resources, since i can only assume that the time investment in setting up a hidden service for bitcointalk is a different magnitude than the time to setup a hidden service for a testnet faucet
|
|
|
|
NotATether
Legendary
Offline
Activity: 1792
Merit: 7382
Top Crypto Casino
|
|
July 18, 2023, 11:21:15 AM |
|
|
|
|
|
dkbit98
Legendary
Offline
Activity: 2422
Merit: 7572
|
|
July 18, 2023, 05:14:56 PM |
|
You mean that using Bitcointalk with onion address would remove all cloudflare and any similar boxes that needs to be checked? That would certainly speed things up, and in theory it should improve privacy, but I think it would increase cost of purchasing and maintaining another domain. Does anyone know how much needs to be paid for long term .onion domain address?
|
|
|
|
LoyceMobile
|
|
July 18, 2023, 05:29:26 PM |
|
Does anyone know how much needs to be paid for long term .onion domain address? Nothing. Onion domains are more or less like Bitcoin addresses, created from a private key.
|
|
|
|
dkbit98
Legendary
Offline
Activity: 2422
Merit: 7572
|
|
July 18, 2023, 07:43:08 PM |
|
Nothing. Onion domains are more or less like Bitcoin addresses, created from a private key.
Interesting. I am reading more about it now and I see there is a way of generating vanity address similar like for Bitcoin, so maybe we could create btctalk... btctlk, or something similar that doesn't have a lot of characters. Maybe what I saw before with people selling onion addresses was for this vanity addresses.
|
|
|
|
examplens
Legendary
Offline
Activity: 3472
Merit: 3501
Crypto Swap Exchange
|
|
July 18, 2023, 10:34:02 PM |
|
I am reading more about it now and I see there is a way of generating vanity address similar like for Bitcoin, so maybe we could create btctalk... btctlk, or something similar that doesn't have a lot of characters.
As far as I know, the .onion domain cannot be that short, and certainly not easy to remember. I think 16 random strings is the minimum (up to 56), plus if you want to add something at least a little recognizable. (like btctalk ...) Check Sinbad for example: sinbadiovkigdbafpqvwfwjh2tfrisahtxmrskiovt62nirragcnkcad.onion 56 characters.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18747
|
|
July 19, 2023, 06:07:43 AM |
|
I've just generated the following, which theymos can have for free. btctalkhfmnva2746gkwhsxpirz3w7bu3ocut7uzjlszsxlou4naruyd.onion
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3500
Merit: 17685
Thick-Skinned Gang Leader and Golden Feather 2021
|
I think 16 random strings is the minimum (up to 56) The shorter v2 addresses can't be used anymore, now 56 characters (v3) is the default. I've just generated the following, which theymos can have for free. btctalkhfmnva2746gkwhsxpirz3w7bu3ocut7uzjlszsxlou4naruyd.onion As always: "not your keys, not your coins address" applies here too.
|
| | Peach BTC bitcoin | │ | Buy and Sell Bitcoin P2P | │ | . .
▄▄███████▄▄ ▄██████████████▄ ▄███████████████████▄ ▄█████████████████████▄ ▄███████████████████████▄ █████████████████████████ █████████████████████████ █████████████████████████ ▀███████████████████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀███████████████▀ ▀▀███████▀▀
▀▀▀▀███████▀▀▀▀ | | EUROPE | AFRICA LATIN AMERICA | | | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
███████▄█ ███████▀ ██▄▄▄▄▄░▄▄▄▄▄ █████████████▀ ▐███████████▌ ▐███████████▌ █████████████▄ ██████████████ ███▀███▀▀███▀ | . Download on the App Store | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
▄██▄ ██████▄ █████████▄ ████████████▄ ███████████████ ████████████▀ █████████▀ ██████▀ ▀██▀ | . GET IT ON Google Play | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ |
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18747
|
|
July 19, 2023, 06:40:41 AM |
|
Of course, and I'm sure theymos is more than capable of generating a suitable .onion address. Just pointing out it is easily done.
|
|
|
|
nutildah
Legendary
Offline
Activity: 3178
Merit: 8570
Happy 10th Birthday to Dogeparty!
|
|
July 19, 2023, 07:06:02 AM |
|
The core of the issue is how susceptible onion addresses are to DDOS, which is arguably harder to block due to the nature of anonymity. There's some progress with trying to resolve this issues (PoW requirement, etc) , presumably due to the massive DDOS a while back.
A couple months back the PoW requirement was merged into the next, forthcoming Tor update. This should work a lot of wonders as far as mitigating DDOS attacks is concerned. I think a Bitcointalk onion would be pretty useful for those who are using BTC in jurisdictions where it is frowned upon or heavily monitored... probably a safer approach than using a regular 'ol VPN, who probably keeps logs and may or may not turn them over to certain governments when requested.
|
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
July 19, 2023, 07:25:15 AM |
|
A couple months back the PoW requirement was merged into the next, forthcoming Tor update. This should work a lot of wonders as far as mitigating DDOS attacks is concerned. I think a Bitcointalk onion would be pretty useful for those who are using BTC in jurisdictions where it is frowned upon or heavily monitored... probably a safer approach than using a regular 'ol VPN, who probably keeps logs and may or may not turn them over to certain governments when requested. Yep, but it might be quite a while before it gets released, officially. I was following the progress of it and the documentation is still in the progress I think. Bitcointalk over Tor is still somewhat usable, not really totally inaccessible. Anyhow, CloudFlare actually allows for Onion routing as well. Allowing the site to be served over onion while still allowing for the site to piggyback on CloudFlare's CDN. I assume that there is a very good reason why this isn't used currently.
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3500
Merit: 17685
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
July 19, 2023, 07:31:35 AM |
|
Of course, and I'm sure theymos is more than capable of generating a suitable .onion address. Just pointing out it is easily done. Reading into this, I realize there will be more complications. For instance, I often link to a topic by using an absolute URL instead of a relative URL (update: and even relative links get stored as absolute links after posting). All those links need to be replaced to avoid sending users from the .onion forum to the clearnet forum. The image proxy should also get a .onion entry. Unfortunately, it's not as straight forward as I initially expected.
|
| | Peach BTC bitcoin | │ | Buy and Sell Bitcoin P2P | │ | . .
▄▄███████▄▄ ▄██████████████▄ ▄███████████████████▄ ▄█████████████████████▄ ▄███████████████████████▄ █████████████████████████ █████████████████████████ █████████████████████████ ▀███████████████████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀███████████████▀ ▀▀███████▀▀
▀▀▀▀███████▀▀▀▀ | | EUROPE | AFRICA LATIN AMERICA | | | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
███████▄█ ███████▀ ██▄▄▄▄▄░▄▄▄▄▄ █████████████▀ ▐███████████▌ ▐███████████▌ █████████████▄ ██████████████ ███▀███▀▀███▀ | . Download on the App Store | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
▄██▄ ██████▄ █████████▄ ████████████▄ ███████████████ ████████████▀ █████████▀ ██████▀ ▀██▀ | . GET IT ON Google Play | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ |
|
|
|
|