lucasfin000 4 hours ago

The real frustrating part is that Cloudflare's "definition" of suspicious keeps changing and expanding. VPN users, privacy-first browsers, uncommon IP ranges, they all get flagged. The people most likely to get caught by these systems are exactly the ones who care most about their privacy, and not the bots that they are apparently targeting.

gruez 4 hours ago | parent | next [-]

>The real frustrating part is that Cloudflare's "definition" of suspicious keeps changing and expanding.

That's... exactly expected? It's a cat and mouse game. People running botnets or AI scrapers aren't diligently setting the evil bit on their packets.

jagged-chisel 3 hours ago | parent | next [-]

That’s obviously because they’re not being “evil”

lxgr 3 hours ago | parent | prev [-]

So the stable state here is all humans eventually being locked out? (Bots are getting better every day; I doubt the same is true for all humans, including those with weird browsers or networks unwilling to install some dystopian Cloudflare "Internet passport".)

But hey, at least some bots are also not making it past Cloudflare!

WatchDog an hour ago | parent | next [-]

The inevitability is that these kinds of services just won't be offered without identifying yourself.

Claude's free tier requires a phone number just to try it.

small_scombrus an hour ago | parent | prev [-]

> So the stable state here is all humans eventually being locked out?

Yep. The easiest stable state to implement for any system where you're aiming to prevent misuse is to just prevent use.

Aurornis 39 minutes ago | parent | prev | next [-]

> The people most likely to get caught by these systems are exactly the ones who care most about their privacy, and not the bots that they are apparently targeting.

In my brief experience with abuse mitigation, connections coming from VPNs or unusual IP ranges were very significantly more likely to be associated with abuse.

It depends on your users. VPNs aren’t common at all, even though you hear about them a lot on Hacker News. For types of social sites where people got banned for abuse (forums) the first step to getting back on the forum was always to sign up for a VPN and try to reconnect. It got so bad that almost every new account connecting via VPN would reveal itself as a spammer, a banned member trying to return, or someone trying to sock puppet alternate accounts for some reason.

The worst offenders are Tor IP addresses. Anyone connecting from Tor was basically guaranteed to have bad intentions.

I heard from someone who dealt with a lot of e-mail abuse that the death threats, extortion, and other serious abuse almost always came from Protonmail or one of the other privacy-first providers that I can’t remember right now. He half-jokingly said they could likely block Protonmail entirely without impacting any real users.

It’s tough for people who want these things for privacy, but the sad reality is that these same privacy protections are favored by people who are trying to abuse services.

whatisthiseven 4 hours ago | parent | prev [-]

Which VPNs are people using that actually care about the user's privacy? Most of them don't, sell their home IP to buyers, sell their DNS history to others, etc. Worse, some of them could require invasive MITM cert stuff most users will just click yes through.

I have yet to see a use case for VPNs for the casual internet audience, and for a tech savvy user, they're better off renting through some datacenter or something, which at that point is hardly a VPN and more home IP obfuscation. All the same downsides, and at least you get real privacy.

traceroute66 3 hours ago | parent | next [-]

> Which VPNs are people using that actually care about the user's privacy?

Mullvad.

It has been proven in a court of law that when Mullvad says "no logging", they mean it.

They also regularly have security audits and publish the results[2][3].

[1] https://mullvad.net/en/blog/mullvad-vpn-was-subject-to-a-sea...
[2] https://mullvad.net/en/blog/new-security-audit-of-account-an...
[3] https://mullvad.net/en/blog/successful-security-assessment-o...

monista an hour ago | parent | next [-]

I don't use the VPN, but I still happily use their privacy-oriented (Firefox-based) Mullvad browser.

https://github.com/mullvad/mullvad-browser/

thisisnow 3 hours ago | parent | prev [-]

Second for Mullvad. I am quite distrusting in general, but the more I know about Mullvad, the more I am convinced they really are serious about user privacy.

evilduck 4 hours ago | parent | prev | next [-]

Using any popular datacenter's IP range for a personal VPN is likely to be outright blocked.

Imustaskforhelp 3 hours ago | parent [-]

Also, you only get 1 IP, so it's not really anonymous, and you definitely would have a fingerprint.

thisisnow 3 hours ago | parent [-]

You just rotate it?

lxgr 3 hours ago | parent | prev | next [-]

I'm forced to use a VPN to occasionally check my US bank account, since a foreign IP address is obviously a harbinger of unspeakable evil (while the friendly YouTube-advertised neighborhood VPN is obviously evidence of pure intentions).

gruez 4 hours ago | parent | prev | next [-]

>Most of them don't, sell their home IP to buyers, sell their DNS history to others, etc. Worse, some of them could require invasive MITM cert stuff most users will just click yes through.

Source? I haven't seen any evidence that the major paid VPN providers engage in any of those things. At best it's vague implications something shady is happening because one of the key people was previously at [shady organization].

Imustaskforhelp 3 hours ago | parent | prev [-]

ProtonVPN with bitcoin which you get from a monero swap is a good idea for complete privacy if you want port forwarding.

MullvadVPN is also another great one.

I have heard some good things about AirVPN, but I can absolutely attest to Mullvad and to a degree ProtonVPN (just with Proton, depending upon your threat model, do take the necessary precautions, like buying with Monero for example).

There are others, but mostly it's the 2-3 that I trust.