[Cin] [CinCV TNG] about Cin-GG

Sam cinelerra at posteo.de
Wed Jul 10 17:28:20 CEST 2019


Hi Matheu,

Thank you for that information. I wasn't even aware that this problem 
existed. CleanTalk seems to be the cause of this problem. I will look 
for ways to find a solution.  I can't promise to find a solution 
immediately, it will certainly take some time and testing. I will open a 
ticket and try to solve this problem after my vacation.

Sam

On 10.07.19 17:12, matheu wrote:
> Hi!
>
> Sam:
>> Hi Matheu,
>>
>> I'm sorry you had trouble subscribing to the mailing list.
>>
>> I can disable all the security mechanisms, but as a result we have more
>> work with all the manual cleanups caused by spammers. We are exposed to
>> many spam attacks every day and use existing protection mechanisms to
>> protect ourselves and our community from such attacks. Here are some
>> numbers about spam, last weeks 2786 attacks were blocked based on IP
>> address. 17 direct login attempts with blacklisted email addresses have
>> been blocked. 7 brute force attacks and 70 complex attacks. All
>> attackers want to remain anonymous.
> However, blacklisting Tor exit nodes is usually not doing anything to
> the attackers, because of the way Tor works.
>
> E.g., one of the addresses that you blacklist is:
> http://metrics.torproject.org/exonerator.html?ip=185.220.101.27&timestamp=2019-07-08&lang=en
> a Tor exit node with probably heavy traffic of all kinds of people, most
> of them probably legitimate visitors.
> The malicious ones, esp. if they are expert or just more advanced, your
> ban does pretty much nothing to them, because they can do so much more
> than just change identity in the top right corner of Tor browser (which
> means change who you appear to be to the website that you are visiting,
> i.e. the exit node)...
>
> So banning an exit node, which is what the CleanTalk probably does (no
> time to investigate, but I think I saw some address with that name in
> some instances when I tried visiting https://www.cinelerra-gg.org and
> was banned, is just wrong thing to do...
>
> Also there are FOSS captcha's available, way more benign to users, but I
> have no time to search for links to those...
>
>> I also prefer to surf the Internet
>> anonymously as far as possible, but we use these protection techniques
>> to protect ourselves and not to use our visitors for advertising
>> purposes. These security tools help us spend our time on more important
>> things, such as more time improving Cinelerra. I would love to do
>> without such tools, but unfortunately this would make dynamic content of
>> our users impossible.
>>
>> I can add you manually. I'll send you an email
>
> But whatever you use to counter spam and attacks is blacklisting exit
> nodes that I used today as well.
>
> [...]
>
>> Sam
> [...]
>


More information about the Cin mailing list