Category Archives: Internet

What is the cloud?

The term “cloud” typically refers to cloud computing or cloud services. In the context of technology, the cloud refers to a network of remote servers that are hosted on the internet and used to store, manage, and process data. These servers are usually owned and maintained by a third-party provider, such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud.

Cloud computing allows users to access computing resources and services over the internet on-demand, without the need for local infrastructure or hardware. It provides a convenient way to store and access data, run applications, and perform various computational tasks without relying heavily on physical devices.

One of the key advantages of cloud computing is scalability. Users can easily scale up or scale down their computing resources based on their needs, without having to invest in expensive hardware upgrades or worry about infrastructure maintenance. The cloud also offers flexibility, as users can access their data and applications from any device with an internet connection.

Cloud services are typically offered in different models, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). These models provide varying levels of control and management over the underlying infrastructure, allowing users to choose the level of abstraction that best suits their requirements.

Overall, the cloud has revolutionized the way businesses and individuals store, access, and utilize data and computing resources, offering increased efficiency, cost-effectiveness, and flexibility compared to traditional on-premises solutions.

(Ed: written by ChatGPT; verified by jrivett.)

What is cryptocurrency?

(Ed: before cryptocurrency showed up, the abbreviation ‘crypto’ usually referred to cryptography. Now it’s almost always used to refer to cryptocurrency.)

Cryptocurrency is a digital or virtual currency that uses cryptography for security and operates independently of a central bank. Cryptocurrencies use a decentralized network of computers to maintain and verify transactions, which are recorded on a public ledger called a blockchain.

Unlike traditional currencies, which are backed by governments or other centralized authorities, cryptocurrencies are not issued or regulated by any single entity. Instead, they rely on complex mathematical algorithms and protocols to create new units and verify transactions.

The most well-known cryptocurrency is Bitcoin, which was created in 2009. Since then, thousands of other cryptocurrencies have been developed, each with its own unique features and use cases.

Cryptocurrencies are often used for online purchases, investments, and as a store of value. They have gained popularity due to their ability to operate independently of government or financial institutions, and their potential for anonymity and privacy. However, cryptocurrencies are also subject to volatility and regulatory uncertainty, which can make them a risky investment.

(Ed: written by ChatGPT; verified by jrivett.)

What is a VPN?

VPN stands for Virtual Private Network. It is a technology that creates a secure and encrypted connection between two points on the internet. This connection is established by using VPN client software on a device that connects to a VPN server, typically located in a different geographic location.

When a user connects to a VPN server, the user’s device becomes part of the private network established by the VPN server. This allows the user to access the internet as if they were physically located in the same location as the VPN server.

The primary benefit of using a VPN is that it provides a secure and private connection, which is especially important when accessing sensitive information, such as financial data or personal information, over public Wi-Fi networks or when accessing geo-restricted content. It also helps to protect against hackers, identity theft, and other online threats by masking the user’s IP address and encrypting their internet traffic.

(Ed: written by ChatGPT; verified by jrivett.)

What is spyware?

Spyware is a type of malicious software designed to gather sensitive information from a computer system without the user’s knowledge or consent. This information can include personal information such as passwords, credit card numbers, and online browsing habits, as well as system information such as installed software and hardware specifications. Spyware can be installed on a computer through a variety of means, such as email attachments, infected websites, and bundled software. Some spyware is designed to monitor a user’s activities for advertising purposes, while others are used for more malicious purposes such as identity theft and financial fraud. Spyware can cause a number of problems for a computer user, including decreased system performance, slow internet speeds, and a loss of privacy. It is important to protect your computer from spyware by using anti-virus software and avoiding downloading suspicious files from the internet.

(Ed: written by ChatGPT; verified by jrivett.)

What is a proxy?

A proxy is a server or computer that acts as an intermediary between a user and the internet. Proxies can be used for a variety of purposes, such as to improve network performance, to access blocked websites, or to protect a user’s identity and location. For example, a user can connect to a proxy server, which will then make requests on the user’s behalf and return the results to the user. This can help to hide the user’s IP address and location from the websites they are accessing.

(Ed: written by ChatGPT; verified and posted by jrivett)

Some VPN services should be avoided

People use VPNs (Virtual Private Networks) for lots of reasons, both legitimate and… less so. They are commonly required for remote access to workplace computers by employees. They are used by people who do their banking from public WiFi networks. They are used by people who can’t afford to pay for dozens of streaming and cable services and instead rely on still-considered-illegal downloads of copyrighted media. And some people use VPNs to get around ridiculous regional limitations on access to streaming media.

I myself fit into at least two of those general categories of VPN users. I won’t say which.

Because people want (and rightly feel they deserve) access to their culture, and because Big Media is willing to go after absolutely anyone who dares to defy their stranglehold on culture, savvy media consumers rely on VPNs to avoid costly (and absurd) lawsuits.

But sadly, some VPN services exist only to fleece gullible consumers. There are numerous ways in which a VPN provider can cause problems for its customers:

  • Faulty service can leave the customer’s activity exposed.
  • Logging customer activity, and being willing to provide those logs to Big Media’s law enforcement lackeys, essentially renders a VPN service pointless.
  • Requiring installation of software that is then used by the VPN provider to route other customer traffic through the customer’s computer is just a horrible idea.
  • Selling customer information to anyone who wants it.
  • Poor security can lead to customer data being exposed.

Recently, a group of VPN providers, all owned and operated by one company in Hong Kong, was discovered to be doing many of the problematic things listed above. Needless to say, all of these VPN providers should be avoided:

  • UFO VPN
  • FAST VPN
  • FREE VPN
  • SUPER VPN
  • Flash VPN
  • Secure VPN
  • Rabbit VPN

In general, VPN services should be carefully researched before using them. There are numerous VPN rating sites on the web, but many of them are maintained by the VPN providers themselves, and not to be trusted. TorrentFreak’s “Which VPN Providers Really Take Privacy Seriously” series is both trustworthy and comprehensive, and focuses on investigating the privacy claims of VPN providers.

There’s also a growing chorus of voices encouraging people to reconsider their reliance on VPN services for privacy, arguing that the way most of these services work provides little actual privacy for their customers. Techdirt has more along those lines.

There’s more on the welivesecurity site.

Brian Krebs recently investigated the extremely shady proxy service provider Microleaves (currently being rebranded as ‘Shifter.io’). This service uses a huge network of computers runing their software, often installed without the knowledge of their owners.

Blocking IP ranges at the router

I’m sure that Russia is a wonderful place, and I’m sure that the vast majority of people there are lovely, and have no interest in harming anyone.

Sadly, from the perspective of a server operator, it sometimes feels that nothing good ever comes from Russia.

Being the diligent server operator that I (hopefully) am, I monitor things pretty closely. That includes network traffic coming from the Internet. Over the years, I’ve noticed that a huge proportion of the probes, DDoS attacks, spam, phishing, and hack attempts against my network come from IP addresses in Russia.

It’s gotten to the point where I am now actively blocking huge swathes of Internet addresses (IPs) that originate in Russia and neighbouring countries like the Ukraine.

Blocking those nasty IPs

I run a Linux web server, as well as several Internet-enabled services, at my home office. All of the communications between my server and the Internet pass through a router, making it the ideal place to block unwanted traffic for my entire network, which includes media computers, development systems, and the Windows computer on which I’m writing this.

I’m using a commercial router, but I’ve replaced the original firmware with Advanced Tomato. Doing this provides many benefits, including making it easier to manage the router’s firewall, IPTABLES. Here’s a typical IPTABLES command to block an IP address from the router’s Linux command line:
iptables -I FORWARD -s 185.219.52.90 -j DROP

The DROP directive tells the router to unceremoniously drop any traffic from the specified IP, without logging this action. Traffic can also be logged when it’s dropped, but excessive logging can cause performance problems and fill up logs with junk, so I just drop this traffic.

I issue commands like the one above at my router’s command line to block the traffic immediately, and then I update the router’s startup firewall script with the same command, so that it persists after the next router restart.

So there’s this one guy

There’s been one particularly persistent attacker in the last year or so. This person wants desperately to gain access to one of my Internet-accessible services, but he’s not particularly intelligent, because he keeps trying the same things over and over, in rapid succession. So much so, that at times the traffic he generates comes within shouting distance of a DDoS attack.

I started paying particular attention to traffic associated with a series of ports that are used by the service, and blocking the IP addresses at the other end of that traffic. Whereupon we embarked upon a long game of whac-a-mole, in which I blocked an IP or IP range, and the attacker moved to another host or VPN provider and resumed his attacks from there. It seems clear that this was all being done by one attacker, based on his quick reactions to my blocking.

This went on for several months, but now he appears to have given up. Or at least he’s moved on to other methods.

In the process of blocking all these IPs and networks, the attacker has also helpfully provided me with a list of VPN providers that should be blocked by, well, everyone. Everyone who doesn’t specifically need to allow them.

IP addresses and ranges I’m blocking

Almost all of these IPs and IP ranges are in Russia and the Ukraine. A few are elsewhere in Asia. Most of the ranges are VPN providers.
103.48.51.116
104.129.18.0/23
104.237.192.0/19
104.237.203.0/24
141.98.10.0/24
173.244.208.60
176.67.85.0/24
185.156.72.0/24
185.156.74.0/24
185.193.88.0/24
185.217.69.157
185.219.52.112
185.219.52.90
185.219.52.91
193.106.191.25
193.106.191.35
193.106.191.41
193.32.164.85
193.93.62.0/24
195.54.160.27
198.8.81.220
216.131.114.0/24
216.131.116.0/23
216.131.68.0/24
216.131.88.0/23
217.138.255.202
31.43.185.29
31.43.185.9
37.120.218.0/24
45.134.26.0/24
45.143.203.121
45.145.64.0/23
45.145.65.11
45.146.164.0/23
45.146.166.0/23
45.155.204.0/24
45.155.205.0/24
45.227.253.0/24
45.9.20.0/24
5.188.206.230
71.19.251.0/24
76.180.16.74
77.243.191.120
77.83.36.0/24
78.128.112.18
82.145.32.0/19
84.17.41.141
84.17.41.151
87.251.75.0/24
89.187.182.87
89.187.183.76
91.191.209.110
92.204.240.75
92.255.85.0/24
94.232.40.0/21
98.175.213.148

Here are a few other ranges I’m blocking for various reasons:

  • Hungarian ISP MAGYAR-TELEKOM-MAIN-AS IP range (unceasing garbage): 94.27.128.0/17
  • MediaLand BPH IP range (generally just horrible): 45.141.84.0/24
  • EE-GIGAHOSTINGSERVICES (constant email relay attempts): 176.111.173.0/24

What is a web browser, anyway?

For the uninitiated, computer jargon often seems unintelligible. The resulting confusion even allows technical support people to determine a customer’s level of understanding by observing the way they use (and mis-use) common terms.

The confusion is understandable. If someone uses their computer only for web browsing and email, and especially if their email client is web-based, the dividing lines between hardware and software, software and service, and local and remote data… tend to blur.

Mozilla, the folks who develop and maintain the web browser Firefox, recently published a useful guide that disentangles some important, common terminology: “What is the difference between the internet, browsers, search engines and websites?

Anyone who’s ever wondered how a web browser is different from “the Internet” should read the article. There’s a good chance it will clarify things for you.

Deceptive design patterns

There’s an informative post over on the Mozilla Explains blog, about deceptive design patterns. From the article:

Deceptive design patterns are tricks used by websites and apps to get you to do things you might not otherwise do, like buy things, sign up for services or switch your settings.

The post goes on to list some common examples. I’m sure you’ll recognize at least some of these.

Unfortunately, this kind of deception is not limited to the online world, and most of us don’t even raise an eyebrow when we encounter shady sales practices in the ‘real’ world. But the online world is already much more confusing for many people, so recognizing deception can be difficult.

It’s an interesting read, and it may help you to understand some of what you see online, and on your connected devices.

Deciding whether to install a web ad blocker

I just discovered an interesting and useful web site: Should I Block Ads?

Created by Michael Howell, it’s collection of information that can be helpful in deciding whether to install an ad blocker in your web browser. It also provides ad-blocker recommendations for various platforms and browsers.

Michael’s analysis addresses all of the concerns I’ve had with web-based advertising, and confirms my choice to install and use uBlock Origin in Firefox, my primary web browser.

If you’re considering installing an ad blocker in your web browser, keep in mind that there can be a bit of a learning curve, and that blocking ads can cause some web sites to stop working. Blocking web ads usually ends up being an ongoing process; don’t expect it to be a magic bullet.

There are of course arguments against ad-blocking. Just keep in mind that a site owner always has the option of placing hand-crafted advertisements on their site; as long as they don’t use Javascript and are not associated with known advertising networks, they will not be blocked.