←back to thread

Faking a JPEG

(www.ty-penguin.org.uk)
263 points todsacerdoti | 2 comments | 11 Jul 25 22:57 UTC | HN request time: 0.424s | source
Show context
derefr ◴[12 Jul 25 01:21 UTC] No.44538480[source]
> It seems quite likely that this is being done via a botnet - illegally abusing thousands of people's devices. Sigh.

Just because traffic is coming from thousands of devices on residential IPs, doesn't mean it's a botnet in the classical sense. It could just as well be people signing up for a "free VPN service" — or a tool that "generates passive income" for them — where the actual cost of running the software, is that you become an exit node for both other "free VPN service" users' traffic, and the traffic of users of the VPN's sibling commercial brand. (E.g. scrapers like this one.)

This scheme is known as "proxyware" — see https://www.trendmicro.com/en_ca/research/23/b/hijacking-you...

replies(2): >>44538482 #>>44541799 #
cAtte_ ◴[12 Jul 25 01:22 UTC] No.44538482[source]
sounds like a botnet to me
replies(3): >>44538505 #>>44538559 #>>44539257 #
1. derefr ◴[12 Jul 25 01:37 UTC] No.44538559[source]
Eh. To me, a bot is something users don't know they're running, and would shut off if they knew it was there.

Proxyware is more like a crypto miner — the original kind, from back when crypto-mining was something a regular computer could feasibly do with pure CPU power. It's something users intentionally install and run and even maintain, because they see it as providing them some potential amount of value. Not a bot; just a P2P network client.

Compare/contrast: https://en.wikipedia.org/wiki/Winny / https://en.wikipedia.org/wiki/Share_(P2P) / https://en.wikipedia.org/wiki/Perfect_Dark_(P2P) — pieces of software which offer users a similar devil's bargain, but instead of "you get a VPN; we get to use your computer as a VPN", it's "you get to pirate things; we get to use your hard drive as a cache node in our distributed, encrypted-and-striped pirated media cache."

(And both of these are different still to something like BitTorrent, where the user only ever seeds what they themselves have previously leeched — which is much less questionable in terms of what sort of activity you're agreeing to play host to.)

replies(1): >>44538613 #
2. tgsovlerkhgsel ◴[12 Jul 25 01:47 UTC] No.44538613[source]
AFAIK much of the proxyware runs without the informed consent of the user. Sure, there may be some note on page 252 of the EULA of whatever adware the user downloaded, but most users wouldn't be aware of it.