alt Hacker News> They argue that SIM card regulation could help “disincentivise” online manipulation, and say their tool can be used to test policy interventions the world over.
In Germany, you have to give ISP customer providers (help centers) a copy of your passport ID in a live video stream to authenticate. That was introduced since 2013, for all SIM registrations.
So explain to me, again, how did this help reduce botnet traffic from Russia that uses proxy services of third parties that installed their proxy backdoors in free apps on the PlayStore under the disguise of marketing and advertisement?
I don't understand why Google does not get any critique for allowing so much malware to be officially deployed via their PlayStore? They don't give a damn, have a history of not caring, and are the only point in the supply chain that is the problem. Every service provider that offers residential proxies is using those backdoors, and bought access for it from the advertisement companies.
If you report their Malware or Spamware, they ignore it. Try it, you will be disappointed. Because AdMob and other agencies are their customers. It's the same problem with Microsoft hosting Azure tenants that do spamming, sorry, "marketing campaigns".
Source: I track these companies and their rotating ASNs with zero tolerance for spam. [1]
Replies
How does blocking ASNs solve the problem you described, with proxy backdoors in apps? These will use residential/mobile IPs, right? That’s the point.
btw, may as well name and shame: the biggest culprit is Bright Data, formerly known as Luminati, also known as HolaVPN (the Chrome extension where they got their start, promising a VPN, routing traffic through a few DigitalOcean boxes, while selling each of their millions of users as a residential proxy endpoint to industrial scrapers). Nowadays they do the same but without the SPOF: they license their “SDK” to app developers, who launder the liability on their behalf.
Thank you for that work. I hope it's asymmetric meaning one hour of your work wastes thousands of hours for bad actors.
I don't think anyone made the claim that requiring identification while providing German phone numbers would do anything about abuse from Russian botnets or abuse from non-German phone numbers.