| ▲ | progbits 17 hours ago |
| I'm surprised by the negative takes... Yes, proxies are good. Ones which you pay for and which are running legitimately, with the knowledge (and compensation) of those who run them. Malware in random apps running on your device without your knowledge is bad. |
|
| ▲ | vlovich123 10 hours ago | parent | next [-] |
| > Some users may knowingly install this software on their devices, lured by the promise of “monetizing” their spare bandwidth. Sounds like they’re targeting networks even if the users are ok participating in, precisely what you’re saying is ok. As for malware enrolling people into the network, it depends if the operator is doing it or if the malware is 3rd parties trying to get a portion of the cash flow. In the latter case the network would be the victim that’s double victimized by Google also attacking them. |
| |
| ▲ | wmf 10 hours ago | parent | next [-] | | Users are OK with acting as proxies because they don't understand all the shady stuff their proxy is being used for. Also consumer ISPs generally ban this. | | |
| ▲ | chii 8 hours ago | parent | next [-] | | But then would you make the same arguments for running a tor node (presumably, you don't know what shady stuff is there, but you know there's shady stuff)? | | |
| ▲ | Spooky23 an hour ago | parent | next [-] | | Running a tor node is pretty stupid from a liability perspective, but at least you have more deniability and you are making an informed choice. These residential proxies are pretty much universally shady. I doubt most of the users understand what they are consenting to. | | |
| ▲ | sitzkrieg 8 minutes ago | parent [-] | | tor nodes are zero risk as long as they're not an exit been running nodes since 2017 on two providers and zero issues |
| |
| ▲ | jraph 2 hours ago | parent | prev [-] | | That's totally something you should consider, even if you decide for running the tor node anyway in the end. |
| |
| ▲ | iammrpayments 7 hours ago | parent | prev | next [-] | | You could say the same about google’s terms of service. | | | |
| ▲ | JasonADrury 4 hours ago | parent | prev [-] | | Why would the users care either way? | | |
| ▲ | jraph 4 hours ago | parent [-] | | Some people care about ethics, and try to avoid doing bad stuff, or helping the bad stuff. | | |
|
| |
| ▲ | xhcuvuvyc 9 hours ago | parent | prev [-] | | > These SDKs, which are offered to developers across multiple mobile and desktop platforms, surreptitiously enroll user devices into the IPIDEA network. ? |
|
|
| ▲ | throwoutway 13 hours ago | parent | prev | next [-] |
| > Malware in random apps running on your device without your knowledge is bad. And ones that have all the indicators of compromise of Russia, Iran, DPRK, PRC, etc |
| |
| ▲ | bigiain 10 hours ago | parent [-] | | Am I the only one cynically thinking that "Russia, Iran, DPRK, PRC, etc" is the "But think of the chiiildren!!!" excuse for doing this? And when Google say "IPIDEA’s proxy infrastructure is a little-known component of the digital ecosystem leveraged by a wide array of bad actors." What they really mean is " ... leveraged by actors indiscriminately scraping the web and ignoring copyright - that are not us." I can't help but feel this is just Google trying to pull the ladder up behind then and make it more difficult for other companies to collect training data. | | |
| ▲ | shit_game 5 hours ago | parent | next [-] | | >I can't help but feel this is just Google trying to pull the ladder up behind then and make it more difficult for other companies to collect training data. I can very easily see this as being Google's reasoning for these actions, but let's not pretend that clandestine residential proxies aren't used for nefarious things. The vast majority of social media networks will ban - or more generally and insiously - shadow ban accounts/IPs that use known proxy IPs. This means that they are gating access to their platforms behind residential IPs (on top of their other various blackboxes and heuristics like fingerprinting). Operators of bot networks thus rely on residential proxy services to engage in their work, which ranges from mundane things like engagement farming to outright dangerous things like political astroturfing, sentiment manipulation, and propaganda dissemination. LLMs and generative image and video models have made the creation of biased and convincing content trivial and cheap, if not free. The days of "troll farms" is over, and now the greatest expense for a bad actor wishing to influence the world with fake engagement and biased opinions is their access to platforms, which means accounts and internet connections that aren't blacklisted or shadow banned. Account maturity and reputation farming is also feeling a massive boon due to these tools, but as an independent market it also similarly requires internet connections that aren't blacklisted or shadow banned. Residential proxies are the bottleneck for the vast majority of bad actors. | | |
| ▲ | throwaway10948 2 hours ago | parent [-] | | > The vast majority of social media networks will ban - or more generally and insiously - shadow ban accounts/IPs that use known proxy IPs. This means that they are gating access to their platforms behind residential IPs (on top of their other various blackboxes and heuristics like fingerprinting) Social media will ban proxy IPs, yet gleefully force you to provide your ID if you happen to connect from the wrong patch of land. I find it difficult not to support any and all attempts to bypass such measures. The fact is that there's now a perfectly legitimate use for residential proxies, and the demand is just going to keep growing as more websites decide to "protect their content", and more governments decide to pass tyrannical laws that force people to mask their IPs. And with demand, comes supply, so don't expect them to go away any time soon. This really just sounds like a rehash of the argument against encryption. "Bad people use it, so it should go away" - never mind that there are completely legitimate uses for it. Never mind that using a residential proxy might be the only way to get any privacy at all in a future where everyone blocks VPNs and Tor, a future where you may not even be able to post online without an ID depending you where you live, a future which we're swiftly approaching. It's already here, in fact. Imgur blocks UK users, but it also blocks VPNs and Tor. The only way somebody living in the UK can access Imgur is through a residential proxy. | | |
| ▲ | ErroneousBosh an hour ago | parent [-] | | > The only way somebody living in the UK can access Imgur is through a residential proxy. And very little of value was lost. > This really just sounds like a rehash of the argument against encryption. "Bad people use it, so it should go away" - never mind that there are completely legitimate uses for it. Except that almost everything that uses encryption has some legitimate use. There are pretty much no legitimate uses for residential proxies, and their use in flooding the Internet with crap greatly outweighs that. If I plumbed a 30cm sewage line straight into your living room would you be happy with it? Okay, well, tell you what, let's make it totally legit - I'll drop a tasty ripe strawberry into the stream of effluent every so often, how about that? |
|
| |
| ▲ | ErroneousBosh an hour ago | parent | prev | next [-] | | > Am I the only one cynically thinking that "Russia, Iran, DPRK, PRC, etc" is the "But think of the chiiildren!!!" excuse for doing this? Maybe. But until I dropped all traffic from pretty much every mobile network provider in Russia and Israel, I'd get up every morning to a couple of thousand new users of whom a couple of hundred had consistently within a few hundred milliseconds created an account, clicked on the activation link, and then posted a bunch of messages in every forum category spreading hate speech. | |
| ▲ | Craighead 6 hours ago | parent | prev [-] | | No, what they're saying is what they said, what you're implying reveals a strange bias. Web scraping through residential proxies? Please think through your thoughts more. There's much more effective and efficient ways to do so. Multiple bad actors, like ransomware affiliates, have been caught using residential proxy networks. But by all means, don't let facts and cyber threat intelligence get in the way. | | |
| ▲ | bomewish 4 hours ago | parent | next [-] | | What are the much more effective and efficient ways — since you said it ? | |
| ▲ | usefulposter 3 hours ago | parent | prev [-] | | >let facts and cyber threat intelligence get in the way Appeal to authority by way of invoking the megacorp-branded "threat intelligence" capability (targeted PR exercise). |
|
|
|
|
| ▲ | bdcravens 16 hours ago | parent | prev | next [-] |
| Many are "compensated" (in the way of software they didn't pay for), so the real question is that of disclosure (in which case many software vendors check the box in the most minimal way possible by including it as fine print during the install) |
| |
| ▲ | happyopossum 15 hours ago | parent [-] | | No, the question is not just disclosure. People have their bandwidth stolen, and sometimes internet access revoked due to this kind of fraud and misuse - disclosure wouldn’t solve that | | |
| ▲ | the_fall 15 hours ago | parent | next [-] | | Also, as a website owner, these residential proxies are a real pain. Tons and tons of abusive traffic, including people trying to exploit vulnerabilities and patently broken crawlers that send insane numbers of requests, and no real way to block it. It's just nasty stuff. Intent matters, and if you're selling a service that's used only by the bad guys, you're a bad guy too. This is not some dual-use, maybe-we-should-accept-the-risks deal that you have with Tor. | |
| ▲ | bigfatkitten 11 hours ago | parent | prev [-] | | If they're lucky. Sometimes people have their doors kicked in by armed police. |
|
|
|
| ▲ | riedel 4 hours ago | parent | prev | next [-] |
| I learn: proxy networks run by large corps are good. True internet is bad. While I understand that often we are talking about Malware/Worms etc that enable this. However, i find it often disturbing to here often a lot of libertarian speech from the tech scene, while on the other hand are feeling themselves very comfortable to take over state power like policing efforts to save the world. |
|
| ▲ | CodeMage 14 hours ago | parent | prev [-] |
| Getting rid of malware is good. A private for-profit company exercising its power over the Internet, not so much. We should have appropriate organizations for this. |
| |
| ▲ | vachina 12 hours ago | parent | next [-] | | The proxies is the reason why you get spam in your Google search result, spam in your Play store (by means of fake good reviews), basically spam in anything user generated. It directly affects Google and you, I don’t see why they should not do this. | | |
| ▲ | Nextgrid 11 hours ago | parent [-] | | Spam in Google search results is due to Google happily taking money from the spammers in exchange for promoting their spam, or that the spam sites benefit Google indirectly by embedding Google Ads/Analytics. I don't see any spam in Kagi, so clearly there is a way to detect and filter it out. Google is simply not doing so because it would cut into their profits. | | |
| ▲ | miki123211 9 hours ago | parent [-] | | The reason you don't see spam in Kagi is because nobody is targeting Kagi specifically. They can probably get away with a lot of stupid rules that would backfire if anybody tried to cater to them specifically. | | |
| ▲ | Nextgrid 9 hours ago | parent [-] | | "SEO spammers being more advanced than multi-billion-dollar search conglomerate" is a myth. Spam sites have an obvious objective: display ads, shill affiliate links or sell products. All these have to be visible, since an ad or product you can't see/buy is worthless. It is trivial to train a classifier to detect these. But let's play devil's advocate and say you are right and spammers are successfully outsmarting Google - well, Kagi does use Google results via SerpAPI by their own admission, meaning they too should have those spam results. Yet they somehow manage to filter them out with a fraction of the resources available to Google itself with no negative impact on search quality. |
|
|
| |
| ▲ | UqWBcuFx6NV4r 12 hours ago | parent | prev [-] | | Okay. You get right on that. In the meantime, would you rather they did nothing? What do you actually want, in concrete terms? |
|
