Hi! Sam:
Hi Matheu,
I'm sorry you had trouble subscribing to the mailing list.
I can disable all the security mechanisms, but as a result we have more work with all the manual cleanups caused by spammers. We are exposed to many spam attacks every day and use existing protection mechanisms to protect ourselves and our community from such attacks. Here are some numbers about spam, last weeks 2786 attacks were blocked based on IP address. 17 direct login attempts with blacklisted email addresses have been blocked. 7 brute force attacks and 70 complex attacks. All attackers want to remain anonymous. However, blacklisting Tor exit nodes is usually not doing anything to the attackers, because of the way Tor works.
E.g., one of the addresses that you blacklist is: http://metrics.torproject.org/exonerator.html?ip=185.220.101.27×tamp=20... a Tor exit node with probably heavy traffic of all kinds of people, most of them probably legitimate visitors. The malicious ones, esp. if they are expert or just more advanced, your ban does pretty much nothing to them, because they can do so much more than just change identity in the top right corner of Tor browser (which means change who you appear to be to the website that you are visiting, i.e. the exit node)... So banning an exit node, which is what the CleanTalk probably does (no time to investigate, but I think I saw some address with that name in some instances when I tried visiting https://www.cinelerra-gg.org and was banned, is just wrong thing to do... Also there are FOSS captcha's available, way more benign to users, but I have no time to search for links to those...
I also prefer to surf the Internet anonymously as far as possible, but we use these protection techniques to protect ourselves and not to use our visitors for advertising purposes. These security tools help us spend our time on more important things, such as more time improving Cinelerra. I would love to do without such tools, but unfortunately this would make dynamic content of our users impossible.
I can add you manually. I'll send you an email
But whatever you use to counter spam and attacks is blacklisting exit nodes that I used today as well. [...]
Sam
[...]
Hi Matheu, Thank you for that information. I wasn't even aware that this problem existed. CleanTalk seems to be the cause of this problem. I will look for ways to find a solution. I can't promise to find a solution immediately, it will certainly take some time and testing. I will open a ticket and try to solve this problem after my vacation. Sam On 10.07.19 17:12, matheu wrote:
Hi!
Sam:
Hi Matheu,
I'm sorry you had trouble subscribing to the mailing list.
I can disable all the security mechanisms, but as a result we have more work with all the manual cleanups caused by spammers. We are exposed to many spam attacks every day and use existing protection mechanisms to protect ourselves and our community from such attacks. Here are some numbers about spam, last weeks 2786 attacks were blocked based on IP address. 17 direct login attempts with blacklisted email addresses have been blocked. 7 brute force attacks and 70 complex attacks. All attackers want to remain anonymous. However, blacklisting Tor exit nodes is usually not doing anything to the attackers, because of the way Tor works.
E.g., one of the addresses that you blacklist is: http://metrics.torproject.org/exonerator.html?ip=185.220.101.27×tamp=20... a Tor exit node with probably heavy traffic of all kinds of people, most of them probably legitimate visitors. The malicious ones, esp. if they are expert or just more advanced, your ban does pretty much nothing to them, because they can do so much more than just change identity in the top right corner of Tor browser (which means change who you appear to be to the website that you are visiting, i.e. the exit node)...
So banning an exit node, which is what the CleanTalk probably does (no time to investigate, but I think I saw some address with that name in some instances when I tried visiting https://www.cinelerra-gg.org and was banned, is just wrong thing to do...
Also there are FOSS captcha's available, way more benign to users, but I have no time to search for links to those...
I also prefer to surf the Internet anonymously as far as possible, but we use these protection techniques to protect ourselves and not to use our visitors for advertising purposes. These security tools help us spend our time on more important things, such as more time improving Cinelerra. I would love to do without such tools, but unfortunately this would make dynamic content of our users impossible.
I can add you manually. I'll send you an email
But whatever you use to counter spam and attacks is blacklisting exit nodes that I used today as well.
[...]
Sam [...]
Hi Matheu, I have new insights into the problems of Tor networks and CleanTalk. In fact, the Tor exit nodes are being blocked by CleanTalk because many spammers abuse Tor for their spam purposes. The amount of spam from the Tor network must have been so large that CleanTalk generally blocks Tor. There are also brute force attacks registered, but these are far less significant than spam attacks. CleanTalk also recommends not releasing these exit nodes, as this will drastically increase spam traffic. Here are some of the spam & brute force statistics: https://cleantalk.org/blacklists/185.220.101.27 https://cleantalk.org/blacklists/185.220.101.70 The use of other means would also lead to the same result, because after a few attacks from the Tor network, the IP address would automatically be blocked for a few hours/days. As a result, other honest Tor users would not be able to access the website. It's a shame that such a great project would be misused for such inglorious purposes. I'm going to have to take a closer look at the Tor concept, because I'm still a little under-acquainted with it. Sam
Hi! I also read your previous email. Sam:
Hi Matheu,
I have new insights into the problems of Tor networks and CleanTalk.
In fact, the Tor exit nodes are being blocked by CleanTalk because many spammers abuse Tor for their spam purposes. The amount of spam from the Tor network must have been so large that CleanTalk generally blocks Tor.
There are also brute force attacks registered, but these are far less significant than spam attacks. CleanTalk also recommends not releasing these exit nodes, as this will drastically increase spam traffic.
Here are some of the spam & brute force statistics:
https://cleantalk.org/blacklists/185.220.101.27 https://cleantalk.org/blacklists/185.220.101.70
Yup! As you say below, people are using Tor for bad purposes. There is no doubt about that... But I still believe CleanTalk must be doing it wrong, as it allows too few nodes... I tried many times (in the span of many days, non-intenisevely, scattered in time) to access cinelerra-gg.org and too few exit nodes they allow, too few nodes!
The use of other means would also lead to the same result, because after a few attacks from the Tor network, the IP address would automatically be blocked for a few hours/days. As a result, other honest Tor users would not be able to access the website.
Not sure it would be so. Most of the browsing with Tor can be done just fine. I've been unable to access, say reddit.com (or whatever the Reddit address is, or any of the plethora of Debian sites, or DuckDuckgo.com, or startpage.com, and so many other sites, many of them also WordPress and even small DIY servers...
It's a shame that such a great project would be misused for such inglorious purposes.
I'm going to have to take a closer look at the Tor concept, because I'm still a little under-acquainted with it.
Sam
That definitely will take a little time. I hope you manage to do it. Not at all an easy go, the depths of Tor... (And neither is true, professional, advanced use of Cinelerra :) ) matheu
Correction below... matheu: [...]
Not sure it would be so. Most of the browsing with Tor can be done just fine. I've been unable to access, say reddit.com (or whatever the Reddit s/I've been unable/I've never been unable/' address is, or any of the plethora of Debian sites, or DuckDuckgo.com, or startpage.com, and so many other sites, many of them also WordPress and even small DIY servers... I meant: I was never banned, using Tor, to access so many sites, of all kinds. [...]
matheu
Hi Matheu, We will revise the concept and see how we can find a solution to this problem. Sam
participants (2)
-
matheu -
Sam