zlacker

[return to "Mitigating a DDoS on Mastodon"]
1. pjc50+RJ[view] [source] 2019-12-06 15:34:01
>>dredmo+(OP)
Decentralisation fans take note: despite wanting to remain independent, the only effective solution was in this case to re-insert a giant global intermediary (Cloudflare) and block all the anonymous unaccountable Tor users.

If a decentralised system is to stay decentralised, it needs to consider spammy bad actors.

◧◩
2. genera+OP[view] [source] 2019-12-06 16:06:51
>>pjc50+RJ
How come private contract clauses can't be initiated to protect from malicious actors?

What if I own a server and connect it to an ISP under an agreement where the ISP is accountable for clearly malicious behavior coming from its connection (regardless of origin)?

Then, that ISP requires the same agreement from me, and everyone connecting to that ISP, and on down the chain.

Wouldn't we all be very active in policing bad actors in the networks we manage?

◧◩◪
3. Analem+FX[view] [source] 2019-12-06 16:46:23
>>genera+OP
1) This doesn't deal with botnets and other compromised devices. Would you want your ISP to terminate your service if you (or worse, your roommate) got a virus?

2) This would require ISPs to do even more invasive monitoring of all traffic to be in compliance. They'd essentially have to DPI everything, or even break TLS between you and your destination, to know if your traffic was malicious. No thank you.

3) Many ISPs simply don't care. A lot of malicious traffic comes from countries where ISPs will just look the other way for a bit of cash. I suppose we could come up with a system that depeers bad ISPs, but this would have tons of collateral damage to innocents as well as reintroducing the exact centralization we're trying to avoid (where's the "master list" of bad ISPs to depeer?)

Whatever the solution to bad actors online is, it isn't ISPs.

[go to top]