Platonides wrote:
Tim Starling wrote:
Some remote loaders use a rotating open proxy list, for example tramadol.tfres.net (warning, site contains some nasty javascript).
2002 popups blocked :O
This makes them slow, but apparently fast enough for the search engines to index them. What can we do about that, besides DoS the website?
Make an script doing a special request to autoblock it. Run it daily/hourly. They *can't* update their proxy list as fast as a bot requesting pages. You can even use their proxy list to avoid them filtering the server ip.
That's all very well, until they use a proxy that we don't want to block. It's been our policy so far to block anonymous editing from open proxies and p2p anonymity networks, but to allow page views. If they were blocked at the squid level, neither would be possible.
Gregory Maxwell wrote:
At some point a layer-8 approach becomes the most reasonable, although technical folks tend to shy away from interactions outside of their domain of expertise. ;)
Their money apparently comes from an affiliate scheme with DriveCleaner, which apparently is a scam where the "free version" of a purported spyware/virus checker reports a threat, and recommends that the user buy the "full version" of the software in order to remove it. It's been known to Symantec since June 2006, and what have the authorities done in that time to stop it? You can still go to drivecleaner.com and pick up a copy. There's a lack of international coordination, a lack of political will and a lack of funding.
And if they can't stop a blatant scam, defrauding people of money every day, so what makes you think they could be bothered to stop a borderline abuse of service?
As for vigilante action, we know from anti-spam activities that a technical attack could well be met by with revenge in kind, and we know that we could easily find ourselves outgunned. I don't really want to spend my time dealing with multi-gigabit DDoS attacks against Wikipedia once every week or two.
Civil action may be the only remaining option, but of course it is expensive. The hosting providers, ISPs and banks will defend their clients' right to privacy every step of the way.
Welcome to the Internet.
-- Tim Starling