If you write about the messy reality behind "free" internet services: we're seeing #OpenStreetMap hammered by scrapers hiding behind residential proxy/embedded-SDK networks.

fuzzle@chaos.social

@osm_tech @evawolfangel #hint , vielleicht was für dich.

joeress@mastodon.social

@osm_tech if you have anyone with a good microphone/audio setup, who's willing to speak on a podcast, I'd be happy to record something for one of the @latenightlinux shows.

eigen@mattstodon.panar.ooo

@osm_tech anything I can volunteer to help?

ifrit@masto.ai

@osm_tech
@404mediaco @josephcox

osm_tech@en.osm.town

@utf_7 See https://www.youtube.com/watch?v=qhie14YKa-w&t=790s

fluffykittycat@furry.engineer

@ClaireH @osm_tech @404mediaco here's a good story idea, OSM is having issues with AI scrapers

jakobthomsen@urbanists.social

@osm_tech perhaps people at the Chaos Computer Club would be interested to look into that:
https://www.ccc.de/en/
Or maybe someone at Netzpolitik:
https://netzpolitik.org/

gunchleoc@mastodon.scot

@fuzzle @osm_tech Oder @heiseonline oder @netzpolitik_feed

osm_tech@en.osm.town

@LMieldazis @geerlingguy oooh do we get to show him our out-of-band (remote access) Raspberry Pi with dual power feeds, 4G modem and loads of serial connections? Saved our skin a good few times.

osm_tech@en.osm.town

@BalooUriza We use fail2ban to handle some of this with custom rules, but eventually fail2ban becomes a bottleneck after 100,000 IP addresses.

osm_tech@en.osm.town

@eigen we're always looking for more volunteers to join our team. ️

osm_tech@en.osm.town

@joeress @latenightlinux Sounds interesting. We'll follow up by email.

sjvn@mastodon.social

@osm_tech Tell me more. You can reach me at sjvn01 <at> gmail.com

dalias@hachyderm.io

@osm_tech @BalooUriza For IPv4, a bitmask of the entire address space is a viable "efficient" implementation of blocking. I wonder if there are tools that can do it that way rather than needing a gigantic list.

dalias@hachyderm.io

@AliveDevil @utf_7 @osm_tech So ridiculous that Google and Apple won't just permaban any developer embedding one of these "SDKs".

azonenberg@ioc.exchange

@InsertUser @osm_tech Pulling them from app stores and banning developers of the SDKs would be a good start. Save the criminal charges for after the damage control is done.

dalias@hachyderm.io

@InsertUser @pietervdvn @osm_tech It goes against their whole ideology. The ideology says trust the machine to do what it copied from scraped Stack Overflow posts. If you try to intervene to make it do better, you're not trusting it.

dalias@hachyderm.io

@osm_tech @BalooUriza Like, a bitmask of IPv4 space is several times smaller than a Chrome instance.

alivedevil@tauri.earth

@dalias I'd wish for them to enforce policies, but they get Ad- and IAP-revenue, so why bother.

Also, these "Sdks" probably have kill-switches (or rather, delayed activation) built-in, to not immediately contact their C&C servers.

dalias@hachyderm.io

@AliveDevil Yes but they could still be banned when caught. A few devs getting banned would be a big deterrent for others to ship this malware.

The right *technical* defense, however, is not to allow apps arbitrary network access unless they're declared in the manifest as a "browser" or other "client software" that the user can use with any service they want (like IRC clients, mail clients, Mastodon clients, etc.).

Instead, the manifest should declare a single domain the app can contact, or multiple if the developer is willing to pay for more intensive vetting of them, and only allow network access to the declared domain(s).

Abspeckgeflüster – Forum für Menschen mit Gewicht(ung)

If you write about the messy reality behind "free" internet services: we're seeing #OpenStreetMap hammered by scrapers hiding behind residential proxy/embedded-SDK networks.