Comment by ndiddy 2 days ago

If you look at the article, the network they disrupted pays software vendors per-download to sneakily turn their users into residential proxy endpoints. I'm sure that at least some of the time the user is technically agreeing to some wording buried in the ToS saying they consent to this, but it's certainly unethical. I wouldn't want to proxy traffic from random people through my home network, that's how you get legal threats from media companies or the police called to your house.

londons_explore 2 days ago

> that's how you get legal threats from media companies or the police called to your house.

Or residential proxies get so widespread that almost every house has a proxy in, and it becomes the new way the internet works - "for privacy, your data has been routed through someone else's connection at random".

  • Imustaskforhelp 2 days ago

    > Or residential proxies get so widespread that almost every house has a proxy in, and it becomes the new way the internet works - "for privacy, your data has been routed through someone else's connection at random".

    Is this a re-invention of Tor, maybe I2P?

    • chii a day ago

      > Is this a re-invention of Tor

      In a way, yes - the weakness of Tor is realistically the lack of widespreadness. Tor traffic is identifiable and blockable due to the relatively rare number of exit nodes (which also makes it dangerous to run exit nodes, as you become "liable").

      Ingraining the ideas of Tor into regular users' internet usage is what would prevent the internet from being controlled and blockable by any actor (except perhaps draconian gov't overreach, which, while it can happen, is harder in the West).

    • rolph 2 days ago

      IP8 address tumbler? to wit, playing the shell game, to obstruct direct attribution.

dataviz1000 2 days ago

They provide an SDK for mobile developers. Here is a video of how it works. [0] They don't even hide it.

[0] https://www.youtube.com/watch?v=1a9HLrwvUO4&t=15s

  • ndiddy 2 days ago

    Of course they're pitching it like everything's above board, but from the article:

    > While many residential proxy providers state that they source their IP addresses ethically, our analysis shows these claims are often incorrect or overstated. Many of the malicious applications we analyzed in our investigation did not disclose that they enrolled devices into the IPIDEA proxy network. Researchers have previously found uncertified and off-brand Android Open Source Project devices, such as television set top boxes, with hidden residential proxy payloads.

    • direwolf20 2 days ago

      If popup ads that open the play store are ethical, this is ethical.

    • calgoo a day ago

      I love how it's the "evil" Open Source project devices, and "other app stores" that are the problem, not the 100s of spyware-ridden crap that is available for download from the Play Store. Would be interesting to know how many copies of the SDK were found and removed from their own platform.