this post was submitted on 18 May 2022
32 points (97.1% liked)

Technology

34863 readers
142 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
 

A friend of mine has a project that is accross an art project and a political statement, in the form of an experiment:

To exemplify the power of the surveillance capitalists on the very fabric of what we still call "the Internet", they want to configure a computer to block all connections going to all known services belonging to Google, Amazon and Cloudflare (and later potentially extend this to other companies).

(yes, my friend is very much aware that in practice most of the commercial web would become totally unusable. that's partly the point of the demonstration to exemplify this...)

For google, they rely on an old (long) list of domains known to belong to the multiple entities composing the behemoth... an /etc/hosts points all of them to 127.0.0.1. brutal but efficient, until new domains, subdomains etc.. appear.

How would you do it for amazon and its gigantic AWS platform? how would you do it for cloudflare? collect lists of their IPs (and update them over time)? edit firewall lists based on them that would sink all packets?

Anyone knows of any project going in that direction?

top 8 comments
sorted by: hot top controversial new old
[–] panosalevropoulos@lemmy.ml 9 points 2 years ago (1 children)

You can find some gigantic filter lists out there. Check https://filterlists.com.

[–] JoeBidet@lemmy.ml 4 points 2 years ago

not sure this project shares the objectives i described:

"Privacy

We respect your privacy. That is the whole point of this project. The only minor data we collect about visitors is what our infrastructure providers collect. These include:

GitHub
Azure DevOps
Application Insights
DigitalOcean
Cloudflare

"

[–] metawish@lemmy.ml 8 points 2 years ago (1 children)

https://bigboy.us/other/aws/

That's a how to guide for blocking Amazon and their web services! Will friend be sharing the project? Sounds cool!

[–] JoeBidet@lemmy.ml 2 points 2 years ago (3 children)

curl https://ip-ranges.amazonaws.com/ip-ranges.json | jq '.prefixes[].ip_prefix' | paste -sd "," - | sed 's/"//g'

seems indeed interesting... the rest of the page mentions some obscure/proprietary technology...

so a few questions remain:

how would one use these list of IP addresses using free/libre software?

also can we trust Amazon themselves to declare all their IPs?

How do you do the same for Google? Cloudflare?

[–] ailiphilia@lemmy.ml 1 points 2 years ago

I don't know where yoyr friend lives, but in Europe / EU there are possibly opps to fund this project.

[–] ailiphilia@lemmy.ml 1 points 2 years ago

I'm not an expert for these kind of things, but your friend my find the guys from Crimeflare interesting when dealing with Cloudflare, see https://github.com/zidansec/CloudPeler

The people behind https://dnsprivacy.org may also be useful.

[–] ailiphilia@lemmy.ml 1 points 2 years ago

And, yes, the people behind https://www.sphere-transgression-watch.org may also be of interest. The Sphere Transgression project may also be of interest for others to contribute. You'll find information on the site.

[–] Fissionami@lemmygrad.ml 2 points 2 years ago

Here have a look at this project and the related ones mentioned below the page https://github.com/nickspaargaren/no-google