From an average of significantly below 500k to almost 2.5M users.
This drives up the global number of connecting users from approx. 3M to almost 5M.
Hard to imagine that so many people in Germany suddenly switched to TOR, especially since there has not been any significant event lately that may have triggered such a decision (afaik)?
My personal experience with TOR (as an administrator of various websites and services) is that it is a major source of unwanted/malicious traffic (spam, etc.) and most of it is automated. The big increase is probably not users but bots?
The interesting question is if there is a bot net spreading in Germany since the 17th of June. What would be the likelihood of that going undetected. If you like conspiracy theory, the rise in one country could point to state actors.
Off the top of my head - Germany hosts a disproportionate amount of sensitive data because it's the location of choice for cloud providers storing things for EU member countries. They have lots of fiber, lots of ISPs, plenty of datacenter space, a stable government, and data security laws that meet or exceed everyone else in the EU.
Germany hosts a disproportionate amount of sensitive data because it's the location of choice for cloud providers storing things for EU member countries.
Hat tip to this. My German teammate and I have discussed exactly this point. The Microsoft Azure cloud has a German specific cloud that targets exactly this market. Some marketing genius made billions for Microsoft with that idea.
One weird thing to me: You are right about "lots of fiber" -- specifically Frankfurt Internet Exchange is (was?) the busiest in the world for a long time. Why does non-urban, non-commercial (retail) Internet access suck so hard in Germany? It is the topic of endless (but understandable) crying by German residents on HN!
> Why does non-urban, non-commercial (retail) Internet access suck so hard in Germany?
To cut a very long story short, what should have happened a long time ago in Germany is to treat internet access at a reasonable speed (however that is determined) like access to electricity or the plain old telephone system: It's the law you get connected like everyone else at the price everyone else pays, even when you are in a very rural setting. Leaving that decision to commercial interests, has lead to very slow or unavailable rural internet infrastructure because either the price would be ridiculously high to become connected or the companies would lose money.
It's political failure, plain and simple.
Looking back in time, the original sin was committed in Germany in the early 80s when the SPD run government understood that fiber optic networks were the future for the telephone system and television distribution. They had a 30 year plan to convert West-Germany's telecom infrastructure to fiber. That was way before the internet, but would that plan have been enacted, Germany would have sat on a high speed fiber infrastructure in the 90s when the Internet exploded onto the scene.
Unfortunately the conservative CDU government under Kohl immediately scrapped that plan when they came into power and went for cable as the distribution medium for TV and the telephone system continued to operate on copper at least on the last mile. So here we are in the 2020s with crappy cable modems and crappy DSL connections. (Where available.)
Did modern Germany (after reunited) ever discuss the idea of a national broadband network, like Australia and New Zealand? I cannot belive more highly industrialised countries have not followed this route. The long term economic impacts will be HUGE.
> Why does non-urban, non-commercial (retail) Internet access suck so hard in Germany?
Lack of competition and laws tailored to the privatized Deutsche Telekom: If I dig up the street to put fiber optics, they may join in for free. So may I, if they dig up streets - they just don't.
My guess is that a certain router is getting infected with a botnet because ISPs usually hand out the same router to their customers. And ISPs are usually limited to a single country.
That would be an explanation and probably by okhams razor be more likely. But wouldn't that ISP notice the difference in traffic patterns drastically and react? It is just unlikely (but far from impossible) that this is something 'normal' happening.
My fear would be that someone still is trying to gather a critical mass of nodes to contact controll servers via TOR to cause mass havoc in a single country from within a single country. Generally IMHO Germany would be a good target for destabilisation currently. But I think and hope this could just a bit of overinterpreting. Probably one would need a good statistic on the subnets the users come from.
I can't speak to German ISPs or anyone outside of these USA. But I believe that ISPs are absolutely the weakest link when it comes to malicious botnets and other types of widespread network-based compromises.
ISPs certainly have the tooling and the positioning to be able to detect C&C channels, outgoing DDOS attacks, and compromised customer premises equipment. But do they? And if they do detect any of it, do they take action? When is the last time you heard about an ISP disconnecting a paying customer because of the customer's compromised device(s)? When is the last time you even heard of an ISP notifying a customer about such a thing?
Two months ago, my router was compromised and joined to some sort of botnet in the capacity of a DNS resolver. I would never have been able to detect such WAN-side traffic if I hadn't had a special setup on my part. My ISP was the first to hear when I'd detected it, and I sincerely doubt that they receive many such reports, especially with logs as evidence.
Can you imagine receiving a phone call, "Hello, this is your ISP! You're pwned! Please follow through these remediation steps as I prompt you: ..." You'd undoubtedly think it was a phishing scam. Because ISPs just don't seem to care about abuse.
They will send you copyright strikes and prosecute you for BitTorrent, but it does't seem like they'd lift a finger to prevent the next big DDOS or spam factory originating from their own customers.
My parents home lan got caught up in a bot net and their isp was sending emails about it to their isp provided email address.
But it's possible they were just passing on abuse reports from the numerous targeted victims of this botnet who bothered to complain.
The intrusion point was a Linux system with a 3 letter password and ssh exposed on a nonstandard port. So if you're someone who still thinks the bad guys won't find your computer because you changed the port, know that that is very outdated thinking.
I don't even know how to log in to my ISP provided email., so it goes without saying that I'm not reading it. I'm surpised that ISPs still offer email.
In Germany, I doubt they have the tooling or staff anymore. For almost a decade we've been in a race to the bottom regarding pricing and as a result, service quality. I wouldn't be surprised if critical parts of the infrastructure are maintained by outsourced jobs from half around the world.
The only somewhat professional player is the Deutsche Telekom, which was kinda the Bell of Germany and got privatized in the 90s, when the phone network was also opened to other players. They are more expensive though. Other than that, you might be lucky and have some small regional ISP that's competent enough. Otherwise there are just two other companies left that offer service nationwide, after a lot of mergers.
My ISP actually sent me an email that said that one of my devices have an open TCP 445 port and advised me to fix it. Apparently Windows opens it by default and it can be exploited by some malware.
But I've never received a threatening letter about piracy. ISPs in my country simply don't send those.
My ISP will send letters or emails, but only if they get a complaint from the company in question. Usually what ends up happening is a company watches a torrent, and takes down a list of all the ip addresses downloading it. They then send boilerplate complaints to the isps associated with said ip addresses, who are legally required to do something about it. My little brother got in trouble this way lmao, they sent a letter to our house about it.
Many ISPs have clauses in their TOS that prohibit running any server of any kind. So it may be the case that your ISP regularly runs sweeps to detect customers who are running servers, and this warning may be a side effect of that sweep.
I often used to poke holes in my firewall and run VPN or ssh servers that were discoverable using my dynamic DNS service. My ISP never got involved with that. Of course, that was a case of me running a server for my exclusive use, rather than some sort of public web or login server that would have randos sending traffic across my link.
> That would be an explanation and probably by okhams razor be more likely. But wouldn't that ISP notice the difference in traffic patterns drastically and react?
I hope to be wrong but I am afraid you are overestimating the technical competency of the average ISP.
> My guess is that a certain router is getting infected with a botnet because ISPs usually hand out the same router to their customers.
This seems trivial to figure out with an analysis of the connecting IPs - which is absent on TOR's report page.
I'm also a bit confused why no one here on HN has asked about the connecting IP data (at this writing). Are these commercial IPs, dynamic (biz/residential) IPs or a mix? If they're mostly dynamic IPs, are they from more than one ISP?
TOR has country of origin data so it seems reasonable they'd also have network of origin.
All that said, I don't precisely know how TOR determines country of origin. Entry node data would seem to be the likely source. However I've long assumed that entry nodes are public supplied, like Relay and Exit nodes. Within that assumption it isn't clear to me how that data would flow to TOR - while maintaining anonymization of traffic.
I work in a German institution. I was recently hacked by such a botnet recently (lessons learned: use AuthorizedKeys, allow only one SSH user, proxy all http connections to a webhoster, and check your SSH and UFW logs often!)
It setup a virtual environment where it downloaded some kind of Tor node and ran some sort of code that used 100% of my CPU. My guess is crypto-mining. I purged the account, deleted everything before I could do forensics, but I checked the logs for the connections and they all came from Russia.
I remember there was a series of articles several years ago that German intelligence officers generated a lot activity in far-right websites. To the point that frequently it was mostly undercover „extremists“ discussing between themselves.
The closest article I can quickly find is about Germany intelligence informants doing the same in meatspace though.
> There was a "risk that sources of the intelligence service (Office for the Protection of the Constitution) could goad each other on to undertake bigger actions;" in other words, the system threatened to create an "incendiary effect."
> The interesting question is if there is a bot net spreading in Germany since the 17th of June.
A minor addendum: Looking at the csv file, it looks to me like traffic began drifting above the mean about June 6. From there I see a ramp-up, growing at an increasing rate.
I faced a recent distributed attack averaging 20,000 RPS[1] around the same time which makes me think that there might be a bot. I wonder if there’s a network of website operators similar to NANOG or the RIPE NCC mailing lists where I could compare my own experience with those of other operators.
I already have per-IP ratelimiting, and I'm against using captchas have bad UX (including the much-hailed Turnstile).
I'll probably migrate to some proof-of-work based schemes and some algorithms to detect anomalous requests, but it would require some engineering work on my part (for a free website FWIW), and the quickest way to mitigate it would be to block Tor.
IP blocking blocks most of the people on our local ISP. They are small, and use CGNAT, so one owned windows machine across town breaks sites like yours for everyone, and the root cause is extremely difficult to debug for end users.
As much as I deeply, deeply dislike captchas, ip blocking is far worse.
IP blocks also just don't work on IPv6. Unless you're prepared to block entire by ASN, an adversary can cheaply just buy up a lot of address space and churn through them. It gets even messier when dealing with real ISP networks because some hand out /40s for residential customers whereas others give just a /56.
>I'll probably migrate to some proof-of-work based schemes and some algorithms to detect anomalous requests, but it would require some engineering work on my part
Note that the growth is not just in Germany. Ireland, Sweden, Switzerland also show jumps (however in absolute terms they are still much smaller). I would not rule out it's people or bots connecting from third country/countries through VPNs based in Europe... for whatever reason.
VPSs in germany are much cheaper.
But I'm guessing this increase is paid with crypto or debit cards so pin pointing it to a specific provider like hetzner is hard
It would be much helpful if you could provide one or two reasons why the number could be wrong.... or maybe make some comments on the methodology, etc..
Just question about the accuracy without any context or reasons are not contributing to the argument.
No, the problem also applies to Tor. If a malicious actor controls large parts of the network, there is a high probability that the attacker controls your entire circuit or at least your entry and exit node.
In the latter case, you can do timing attacks to determine which traffic on the exit node belongs to whom on the entry node.
I would be shocked if any intelligence service in the world wouldn't have their hands in that, even in the most respected democracies. Infiltrating "underground" networks and communities, and breaking encryption, is literally their job.
Especially now that there's a war on our borders, the spooks have a plethora of reasons to use to justify their invasiveness.
We just need to make sure to keep them accountable, which is the tricky part, as their work is always classified and our human and privacy rights often clash with their jobs, so unless any whistleblower comes through we might never know the extent of their rule breaking.
I doubt it's either of those - it would be extremely unethical and illegal for academics to do, and governments don't need to take this approach because they have a bunch of systemic attacks that are less obvious. Perhaps someone with a botnet looking to sell unmasking, which has been popping up as a service recently. Or trying to use it against a specific DWM or vendor.
Mentioned it because there's been many papers which specifically used the live network to do such a thing already. Some researchers have spun up large numbers of relays in the past to conduct their work.
I personally don't see how it's unethical for either academics or governments to do this? Both have an interest in breaking tor, even when in the governments case where they both utilise it and want to know who else is using it.
The tor people themselves acknowledge the work in their blogs
That's an interesting argument. Not sure it would hold up. I don't think an IP alone counts as PII, since the ISP would have to be queried to actually get any contact info.
Silk Road was a hidden service so exit nodes were not involved (they would use rendezvous points). If my recollection from American Kingpin is correct, Silk Road was caught because it leaked its IP address in error messages, and Ulbricht posted questions about bitcoin on Stack Overflow using the same name as the bitcointalk post announcing Silk Road. Its clearnet IP was visible for almost the entire lifespan of the site, I believe.
Most of the comments suggest strange conspiracy theories, but the traffic is an exponential ramp (drive into 2023). Also, there has been rapid growth in some neighboring countries.
It could be organic growth. There have apparently been a few wiretapping scandals this year; people may be using it to access Ukraine/Russia, and a bunch of laws passed last year that incentivize US companies to block EU traffic (to avoid fines for data leaks).
Any of those seem more plausible than a single actor renting a rack or dc in one country, and using tor to try to evade detection.
Clicking around and looking at the chart for random other countries shows a spike for Sweden too, whereas Finland has a different but interesting pattern all of its own.
I can think of a country currently at war that has a much more aggressive and longer history of being a bad actor on the internet than NATO countries...
Don't know how Finland's government deal with Ukraine/Russian agenda, but here in Czechia, government acts like totalitarian authority. Blames Putin for every economical problems (there is official guide how to propagate problems with food shortage [1]), they block on DNS level (cz.nic) some websites that, according to government, spread Russian propaganda [2] and also announced that supporting Russian invasion is crime by law and Russia is terrorist state.
No wonder, that Tor users in Czechia rised over 60% since 2020, when government use totalitarian practices like state that they trying to fight against.
Also overall trust in government is historical low here. 74% citizens disapprove what government does here. [3] Which does not mean that we approve invasion on Ukraine at all. We host far more Ukrainian refugees as we should - over 500 000 which is 5% of Czechia population [4].
I'm guessing that there is some automatic system that works on certain words in comments. Flame detection has been mentioned before. Probably in combination with account age or karma. I also imagine that users vouching for these might offset the behaviour.
I have noticed a trend that some of my friends accounts get rate limited extremely easily while others don't. Not sure what's happening there, I assume there's a flag set by a mod or its otherwise calculated by karma total number of times the account has been flagged. it doesn't seem to correlate with recent controversial posting
If the number of comments in a post or subthread exceeds the upvotes, this leads to the flame detector activating.
But also some accounts are just banned.
Banned accounts can still comment, but they start dead and have to be vouched first before showing to anybody who didn't enable showdead in their profile.
Doubt it. Hetzners smallest machine is something like $4/month, additional IPv4 addresses come with extra cost. They have quite tight service quotas, and this 2M additional IPs would be almost their entire IPv4 pool.
I don’t know about the details, but I know Hetzner has quite a backstory with their servers being abused by spammers. I don’t know how the state is today, but maybe it’s not as unlikely as it seems?
If they even think you are spamming, you get banned. Pretty much closed to individuals (according to Reddit, if they don’t even like the way your ID looks, you’re banned) while businesses get more leeway to do things.
I have an account with them for my website/email. No problems. Even asked them to open up the IP for SMTP requests and they asked how many emails I wanted to send per month, and I told them it was my personal email and less than 100/month. They happily granted me access.
I didn’t realize they’re that strict. I have an individual account with them I occasionally use and didn’t encounter any issues with ID (I can’t even recall being ID’d tbh). That being said, I am located in Germany and have a German billing address, so maybe international customers have more issues?
No one I know has had issues like that. They also don’t spam, but Hetzner is generally considered in ny circles to be a pretty newbie-friendly service especially for people looking to use basic baremetal machines. Maybe we’ve just gotten lucky, or maybe we all hail from the right geographies.
Some VPNs have a “then connect to tor” option for extra anonymity against malicious tor entrypoints and against your local ISP seeing that you are browsing tor [hosted sites].
„These estimates are derived from the number of directory requests counted on directory authorities and mirrors.“
Depending on how these numbers are obtained, there is a non-zero chance at least part of this increase is caused by us.. note that this number is not indicative of the amount of users or origins (i.e. physical source addresses), but only count directory requests.
I'm not sure who titled this post, but the word "drastic" isn't found in the target web page. And as a native English speaker, "drastic" feels wrong for this usage. I would say it's an inadvertent swap of meaning with the term "dramatic" which would make more sense.
"Drastic" has a negative connotation of intent behind it. For example, "drastic increase in police enforcement of laws in Germany" would make sense. In the case of the headline, it just rubs me the wrong way.
Probably submitted by a Genglish speaker? The German word is drastisch. Dramatisch also exists, but as a native speaker I would say drastisch is the better choice here. Dramatisch would suggest that there a serious consequences like e.g. bringing Tor to its knees.
What English word would fit best I leave native speakers to comment.
Tor metrics don't really tell you much about the actual human users of the networks. They mostly tell you about current bot/etc usage. It's why inferred tor v3 datarates have been wildly inflated (10gbps) ever since support was turned on in the release binaries despite 99% of human people using tor v2 (at the time).
You've been posting about Onion v3 and "human people" for years at this point, nothing is going to happen. v2 onion addresses are not secure, plain HTTP is not secure unless you run it over Wireguard or IPSec with path filtering and use DNSSEC, and almost no one ever does that.
Might also depend on how it’s enforced. The blocks in Austria basically do not exist because they are only done by carrier DNS servers. Use 1.1.1.1 or 8.8.8.8 and you would not know.
I don’t think that is relevant here. If in one country you need a VPN to bypass blocking but others you only need a different DNS server I would expect most users to go for the latter if given a choice.
It's more defensible! Propaganda is far, far, less effective as a blind radio broadcast or air pamphlets than micro-targeted interactive sessions intricately engineered to maximize neurological reinforcement loops. Absolutely insidious.
> No, it's far less defensible, because people have the internet to look up and verify things as needed.
Actual it is far more defensible, as I already clarified earlier. Propaganda remains effective regardless if there is the ability to verify it or not - and that is assuming everything can and will be checked by every person, which isn't realistic.
> This kind of censorship is just nannying, which I'm generally against.
It's not nannying at all. It's basic national self defense. Pen is mightier than the sword and all that. Brainworms are an insidious contagion.
You're confusing opinion with facts. If I say the sky is blue and you say it is yellow, one of us is sharing an opinion, and it isn't me.
Moderation and removal is the correct action, so are you flatly incorrect. I'm not going to argue with the stubborn child that wants to put their fingers in the outlet. This isn't up for discussion.
> You're confusing opinion with facts. If I say the sky is blue and you say it is yellow, one of us is sharing an opinion, and it isn't me.
The irony and lack of self-awareness in this statement is honestly astounding.
You hoenstly think your opinion is objetive fact, lol.
> Moderation and removal is the correct action, so are you flatly incorrect.
Because you say so? lol.
> I'm not going to argue with the stubborn child that wants to put their fingers in the outlet. This isn't up for discussion.
There is no discussion to be had with someone that asserts their opinion as fact but can't corroborate it as such. Such a person is indeed a stubborn child, and them calling others a stubborn child can be dismissed like any other nonsense a child may say in an emotional state.
Because that is also a thing, even though not as blatant.
The problem with banning information, is that it is easy to abuse this and it creates a martyr effect. I rather would like people be able to judge information by themself and not decide for them.
NATO member Turkey is regulary doing raids in Syria and they also annected territory there. And they did not really take it from evil Assad, but from the kurds.
And when 47% of americans believed, that Hussein was responsible for 9/11, than this is also the result of propaganda to create support for a illegal war.
But I also see russian propaganda, so I can compare and confirm it is not at all on the same level.
But if I would not been able anymore to see the russian point of view, then I would start to suspect they have a point I am not allowed to see, to keep me under control. But now I can see it and so I can see that their point is just russian nationalism/empire thinking with zero interest of truth, just power. Full of literal lies. So yes, you also can find lies and manipulation in western reporting. But I have a hard time understanding why anyone can think it is the same.
Looking into it you appear to be right, thanks; that single study is almost exclusively the single source of all similar articles, too. Admittedly I don't use twitter, so I don't have first hand experience in this.
It's still pretty obvious that there is a propaganda effort from NATO as well, and one that seems to work a lot more than Russia's on western audiences.
> There are literally viral tweets blaming Ukraine for creating COVID-19.
"There are literally viral tweets blaming Ukraine for creating COVID-19.
lmao that's so insane it almost sounds like a bit "
Ah well, people exposed to propaganda can believe all kinds of weird stuff. For example many (43%!) US people believed, that Hussein was responsible for 9/11:
"Do you think Saddam Hussein's regime in Iraq was directly involved in planning, financing, or carrying out the terrorist attacks of September 11th, 2001?"
September 2003 responses: 47% Yes"
> lmao that's so insane it almost sounds like a bit
It sounds like a bit but the Russians have some wild state based propaganda stuff like that Ukraine was using mutant super soldiers, that Ukraine had black magic witch battalions and that Ukraine was breading pigeons that where modified to spread viruses to kill Russians.
Not really. I preferred the approach of pre-Musk twitter that clearly labeled it as Russian state media. Also banning it had little effect. The war propaganda coming out of Russia was hilariously incompetent.
The real insidious anti-Ukrainian propaganda is coming from pro-Russian Westerners, pre-dominantly the American populist right.
Maybe related to the Proto-Nazi party AfD winning a district a few days ago. And this 5 day old news story: https://www.politico.eu/article/germany-far-right-afd-securi... "Germany’s far-right AfD placed under security service surveillance" - "The party is now treated as a ‘suspected case’ for far-right extremism".
I wonder if anyone can see inside the right-wing chat networks and if they've been mentioning Tor.
Although in the raw CSV's the spike started around mid-June...
As a Danish person who has been to Eastern Germany (outside Berlin) I'm really not surprised by the rise of the AfD. It's common to see people on social media praise Germans for de-Nazification and criticize the Japanese for not confronting their past in the same way. Those people have clearly not interacted with Eastern Germans. In Eastern Germany the underlying neuroticism, persecution complex, and willingness to believe in every conspiracy theory, things that were foundational for the rise of Nazism, is very much still alive.
The german lands east of the river Elbe have been different from the western parts of Germany for more than a 1000 years. In the historical record you see a pretty sharp change in marriage patterns,land ownership and political structure when crossing the Elbe.
The enlightenment was less influential in the rural estates of the ultra conservative east elbian Junkernklasse than it was in the more densely populated Rhineland regions. Fukuyama has a nice chapter on the matter in “The Origins of Political Order”.
On top of that you have the separation, and the dislike of the GDR to foster critical thinking and the economic collapse of the east after reunification that lead to a lot of brain drain.
Disenfranchisement, after reunification they were left with little generational wealth, liberalism spiraled them deeper into a hopeless situation, no jobs, no economic future, impoverishment. Under liberalism the only alternative offered to them is the far right.
During the cold war and after, the US and anglosphere was mostly interested in the destruction of left ideology, labor unions, left parties etc. were all targeted. The right offers a safe outlet for people with those grievances, it doesn't threaten capital, so it was always allowed to linger in Germany not just in the east. It's deeply rooted in establishment and civil organizations, in university fraternities (schlagende verbindungen, the CSU etc.). The allied supported and used and bolstered far right groups all around Europe (Gladio, NSU, etc.) in their fight against socialism and people on the left. We still feel the effects to this day and state and federal police and intelligence still operate this way.
Protests in Germany you see police protecting far right groups from leftists, not the other way around. It's a necessary aspect of liberalism to allow the disenfranchised the outlet into right wing extremism.
The unification wasn't exactly free. The immense costs for the most part were shouldered by western citizens through the Solidaritätszuschlag. The total price tag is estimated to be between 0.95 and 2 trillion Euro (https://de.wikipedia.org/wiki/Kosten_der_deutschen_Einheit#R...).
I read this comment earlier today, and my thoughts have returned to it through the day. It is an extremely bigoted comment, that prompted further bigoted comments below it. I'm not asking for it to be removed or censored but I have come back to express just how revoltingly bigoted it is, and I think the commenter should reflect on how they got to the mindset that produces statements like this one.
> In Eastern Germany the underlying neuroticism, persecution complex, and willingness to believe in every conspiracy theory, things that were foundational for the rise of Nazism, is very much still alive.
The grandparent (quoted above) is generalising a population as having these negative aspects and suggesting that support for the AfD is only due to these reasons. It is a form of shallow dismissal based on bigotry. It doesn't seek to understand the population and properly why support for the AfD is rising. It's much easier (for the bigot) to write off people as having entrenched negative characteristics.
And I wouldn't normally say this but if you have a browse through the grandparent's comment history, the majority of their comments are of this ilk, including one comment about 2 months back that they received a warning from dang for.
The right wing movements in Europe started around 2000 in Italy, Austria, the Netherlands and France. Germany was way behind.
In Germany the AfD won voters after Merkel let in too many refugees in 2015 against the will of many CDU voters.
The AfD is probably less extreme than MAGA and most European counterparts, including Scandinavian ones. But it is always easy to pile on Germany, isn't it?
(I don't vote for them, don't like them, but this is getting silly.)
Please you are whitewashing history. Hoyerswerda gruesst. This shit was happening already in the 90s right after reunification and in the context of OP - it’s not surprising at all, eastern germany had a very different take on denazificaiton.
"eastern germany had a very different take on denazificaiton."
As opposed to the BRD, where for example the "Auswärtiges Amt" had more ex NSDAP party members after 1945 than before?
There definitely was denazification in the east, but the totalitarian enclosed and literally walled of mindset did not help with creating an open mind towards the world. Add to that high unemployment and poverty after 1990 and you get the usual extremists on both sides of the spectrum.
And it bound the "Nazi vote" from 1990 until 2015? And they still don't vote NPD in 2023?
They vote AfD because the traditional parties have failed them and keep doubling down. The AfD would probably also fail them if in power, but that is the nature of protest votes.
Same story in France where Le Pen is currently leading the polls.
That is not sufficient in total numbers. That would be in the press that a whole part of the population goes Tor. They would never be quiet enough about it.
Looks anorganic and if it is organic I bet for Netflix and co related.
I use tor for exploring topics that I don't want to tie to my regular profile (ranging from professional software development, through health care issues, but also hobbies, fiction and nsfw content). Having these browsing in a separate profile and also IP address makes it much more relaxed to look for interesting stuff on the internet. (I am not really fond of advertisement that tries to sell me whatever I've visited in the past month, on unrelated pages.)
It saddens me that the default response is ban, increasingly so for services that need account, but even just reading a webpage can become tedious or impossible :(
Please, do not ruin this option, because even though you may not use it today, you may need it in the future.
Note: I also use tor for low volume crawling. When high volume is needed, it is more favorable to subscribe for domestic VPN proxies, so you may be blocking tor, but you won't block those ranges, and the robots will get their content anyway.
Whenever I read something like this I look my access and sshd logs for abuse IPs and check if they are Tor exit nodes. The Tor traffic is always negligible like 100 failed ssh logins out of 170k are from Tor exit nodes. Or 670 out of 400k for my nginx access.log. Am I unique and everyone else sees vastly different numbers where blocking Tor exits makes a significant difference in the abuse they get?
I don't really care if somebody blocks a random port of sshd. I just don't understand why people are eager to block public https traffic, which is exposed to the public internet anyway.
Well, I’ve always tried to make my service available through Tor, but now that I faced an attack of 20,000 RPS distributed over all the exit nodes of the Tor network making requests to a computationally expensive (and non-cacheable) endpoint, and came out with 6x the hosting bill I usually get, I decided to block the entire network.
Maybe there’s an alternative reality where people do the right thing, and in that world I wouldn’t have to block Tor, but I don’t live in that world.
Shouldn't you protect that endpoint, regardless of the traffic coming from tor or not? It is really cheap to get traffic through domestic VPN proxies, so a dedicated attacker will get to it anyway...
I don't believe that I'm the one that ruined this option for you. Small web hosts simply don't have the capacity, budget, or patience to deal with the 95% garbage originating from these IP addresses. Tragedy of the commons, I guess.
I constantly use tor as a way to get a third view when debugging connection issues for customers and malware infected websites. If you ever experience the issue of a customer saying they can't connect, but when you test it it works perfectly fine, tor is great to verify if the issue might effect more customers. As a side effect of it being ipv4 only, you can also test issues when one protocol work but not the other (there are alternative tools but tor is by far easiest at hand).
The traffic my servers receive from China, India, South America, Africa, and Eastern Europe, and the UK is also almost exclusively boys and exploit scanners.
You can block whatever IP addresses you like but the bot to user ratio of any given IP address is absolutely terrible. Tor concentrates a lot of traffic into a few exit nodes but by this logic most small countries should be blocked from most websites.
Sadly for the concept of the Open Internet, plenty of sites either have or would consider blocking most countries besides their own and closely-linked neighbors e.g. US/CA, since they figure nobody in those other countries could be, say, legitimately placing a takeout order in Chicago, or entering an American contest, etc. So it’s all downside (malicious bots, DDOS etc) with no perceived benefit of allowing them. It’s sad, but it’s probably going to become even more common.
Have used Tor for accessing the Z-library and several other cases where sites where blocked or taken down. Not all of Tor is dark web shadiness or bots.
No the IP blocks are very effective. I don't believe that I have any obligation whatsoever to allow criminal groups on the other side of the world to spam burp suite scans over Tor against my websites nonstop.
It's amusing to me that you're getting crushed on here for blocking/ "defederating" known IPs that you don't want traffic from, but I would bet that these same people would champion your right to do the same if you were blocking a spammy mastadon or lemmy instance that you didn't like!
Honestly, the most notable political prosecution I could think of right now is police in Bavaria prosecuting climate activists under anti terror laws in anticipation of a possible crime.
As someone from the UK I’ve never seen anything blocked on my home Internet (except actual scam sites but you can turn that off, and yes that’s from my ISP and not the browser)
My mobile data does incorrectly flag some things as 18+ though
Only on my mobile data. They’re not actually 18+ sites though, for example someone’s blog that was posted here is blocked and it seems the Tor site is too
But I think that’s a Vodaphone thing rather than a UK thing
No - the law that may end up requiring that is a proposal that is at least several months from being enacted [0], although it's been gaining momentum for several years - so unfortunately is looking like it might actually happen
Looking at the chart it seems to line up with the war in Ukraine. Germany was a target of Prigozhin’s Internet Research Agency (troll farms). I wonder if we will see a drop in Tor usage now that his coup has failed and his organization is being dissolved.
Hard to imagine that so many people in Germany suddenly switched to TOR, especially since there has not been any significant event lately that may have triggered such a decision (afaik)?
My personal experience with TOR (as an administrator of various websites and services) is that it is a major source of unwanted/malicious traffic (spam, etc.) and most of it is automated. The big increase is probably not users but bots?