this post was submitted on 18 May 2022
32 points (100.0% liked)

Technology

34795 readers
285 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
MinutePhrase@lemmy.ml
32
Blocking Google+Amazon+Cloudflare? [asking for a friend] (lemmy.ml)
submitted 2 years ago* (last edited 2 years ago) by JoeBidet@lemmy.ml to c/technology@lemmy.ml
8 comments fedilink hide all child comments
 

A friend of mine has a project that is accross an art project and a political statement, in the form of an experiment:

To exemplify the power of the surveillance capitalists on the very fabric of what we still call "the Internet", they want to configure a computer to block all connections going to all known services belonging to Google, Amazon and Cloudflare (and later potentially extend this to other companies).

(yes, my friend is very much aware that in practice most of the commercial web would become totally unusable. that's partly the point of the demonstration to exemplify this...)

For google, they rely on an old (long) list of domains known to belong to the multiple entities composing the behemoth... an /etc/hosts points all of them to 127.0.0.1. brutal but efficient, until new domains, subdomains etc.. appear.

How would you do it for amazon and its gigantic AWS platform? how would you do it for cloudflare? collect lists of their IPs (and update them over time)? edit firewall lists based on them that would sink all packets?

Anyone knows of any project going in that direction?

you are viewing a single comment's thread
view the rest of the comments
[–] metawish@lemmy.ml 8 points 2 years ago (4 children)

https://bigboy.us/other/aws/

That's a how to guide for blocking Amazon and their web services! Will friend be sharing the project? Sounds cool!

[–] JoeBidet@lemmy.ml 2 points 2 years ago (3 children)

curl https://ip-ranges.amazonaws.com/ip-ranges.json | jq '.prefixes[].ip_prefix' | paste -sd "," - | sed 's/"//g'

seems indeed interesting... the rest of the page mentions some obscure/proprietary technology...

so a few questions remain:

how would one use these list of IP addresses using free/libre software?

also can we trust Amazon themselves to declare all their IPs?

How do you do the same for Google? Cloudflare?

[–] ailiphilia@lemmy.ml 1 points 2 years ago

I'm not an expert for these kind of things, but your friend my find the guys from Crimeflare interesting when dealing with Cloudflare, see https://github.com/zidansec/CloudPeler

The people behind https://dnsprivacy.org may also be useful.

load more comments (2 replies)
load more comments (2 replies)