Technology

37724 readers

488 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago

MODERATORS

alyaza@beehaw.org

TheRtRevKaiser@beehaw.org

gyrfalcon@beehaw.org

rs5th@beehaw.org

Los@beehaw.org

coldredlight@beehaw.org

SemioticStandard@beehaw.org

TheRtRevKaiser@kbin.social

remington@beehaw.org

Too big to care? Cloudflare comes again under pressure for enabling abusive sites, anti-spam NGO says (www.spamhaus.org)

submitted 3 months ago by 0x815@feddit.org to c/technology@beehaw.org

6 comments fedilink hide all child comments

Archived link

Research into websites that are openly advertising services to a cybercriminal audience, such as bulletproof hosting, reveals that many of these domains are supported by Cloudflare’s services, the NGO Spamhaus says.

For years, Spamhaus has observed abusive activity facilitated by Cloudflare’s various services. Cybercriminals have been exploiting these legitimate services to mask activities and enhance their malicious operations, a tactic referred to as living off trusted services (LOTS).

With 1201 unresolved Spamhaus Blocklist (SBL) listings, it is clear that the state of affairs at Cloudflare’s Connectivity Cloud looks less than optimal from an abuse-handling perspective, Spamhaus writes on its website. 10.05% of all domains listed on Spamhaus’s Domain Blocklist (DBL), which indicates signs of spam or malicious activity, are on Cloudflare nameservers . Spamhaus routinely observes miscreants moving their domains, which are already listed in the DBL, to Cloudflare to disguise the backend of their operation, be it spamvertized domains, phishing, or worse.

you are viewing a single comment's thread
view the rest of the comments

[+] skullgiver@popplesburger.hilciferous.nl 4 points 3 months ago* (last edited 2 months ago) (1 children)

[deleted]

[–] garrett@infosec.pub 1 points 3 months ago* (last edited 3 months ago)

There's a balance to be struck here but Cloudflare is truly the most miserable entity I have to work with from an abuse perspective. They're not necessarily "ignoring" warrants but most phishing doesn't get reported with a legal takedown request. In those cases, Cloudflare will be almost intentionally obtuse. I'm happy to outline the misery of a host working with Cloudflare but it's not necessarily important to this. TLDR; Cloudflare takes steps that don't make sense for its "we're not responsible" stance while also having zero automation in the year of our lord 2024.

I suppose everything could be a legal request but that just makes the whole process so infinitely worse for NGOs like Spamhaus and only serves to make lawyers excited that their consultation fees are going up. I see that the laziest pathway is "Youtube-like strikes" which is misery as well but they could just shift to investigating accounts receiving a high volume of reports as potential fraud or abuse actors since it is a drag on their services and these accounts are not paying or are paying with stolen credit cards.

Ultimately, I don't disagree with you that much but there's a lot of room for CF to improve their management of fraud & abuse without becoming a trash platform or invalidating legal protections. Happy to get into the weeds on this a bit more since it's a lil' bit close to home. 😅