Coopr8

“As a final note: One of the websites in the network, known as “JVTVlive” and likely run by Neamati, openly claims to have “2,000 servers in 198 countries” (jvtvlive[.]com/faq/). Based on the data we’re tracking, these bold claims appear to be accurate.”

LOL, this is an advertisement, and not for security services either.

Yes, I know, thats why I lol’ed

Lol, yep, then do a malicious redirection attack after getting a large user base which forces a drive-by-download of a malware package alongside the requested FLAC file.

I mean, a website where you make requests to download many files are pretty ripe for a bate and switch scenario. That said, I’m looking for more cybersecuroty savvy folks than myself to chime in with the all-clear after doing some actual checks and analysis.

My bigger question is how secure is it? Looks like low trust score new Russian website, what’s the chance of malware or other attacks?

No one talking about how this could completely annihilate open source .apk development? First off the lead dev has to get identity verified to get a key, which will reduce the number of devs willing to push through friction to start a project. Then when the key is issued and it is posted to the repository, what keeps anyone from grabbing it and using it for another repo? We’ll they have an official app registration of some kind, ok, what about version control? Does every new version have to be registered before it can be loaded and tested? Same for forks?

This is about to be a terrible mess, Google is assassinating FOSS with this.

Here’s a thing about LLMs, they will effectively make laws like this meaningless. Law comes in to enforce against a company building a program to block ads, extension goes off market. Someone asks their LLM “create an extension function referencing the same data set for my browser that performs the same function” boom new extension with no central point of distribution. Share the prompt on a forum, now everyone has a custom ad blocker. Or not so far down the road, LLM is directly built into the browser, no extension needed just prompt “do not display known advertisements on pages I request before loading, but perform background activity which gives feedback to the site that ads have loaded” boom done.

In a way, local LLMs are like distributed applications, they make enforcement against specific program functions pretty much impossible.

deleted by creator

So the ISP redirects the request from the primary host to the CloudFlare cache under some conditions? but wouldn’t that be ineffective at blocking the sites of the browser still attempts to pull from the primary host first? I’m assuming this must be mediated by the ISP somehow otherwise it would just be a browser setting to only pull from the primary host of the domain.

I don’t understand how CloudFlare is intermediating the traffick in this case. How can CloudFlare block the sites if they aren’t hosted on CloudFlare or using CloudFlare services? Are they acting as an ISP in the UK?