|
|
|
|
|
|
by cyphar
3284 days ago
|
|
|
As an aside, BlueCoat is not a very reputable company. They are responsible for the government-sponsored censorship of Burma's and Syria's internet[1]. Which means that Symantec is currently the (American) company responsible for the censorship blacklist of Syria and Burma. [1]: http://surveillance.rsf.org/en/blue-coat-2/ |
|
|
Regarding the advice, personally I think the advice is bogus. A lot of Mastodon instances have started legitimately using unconventional newTLDs. And I seem to see more URI shorteners, .com and .ru in spam than all the newTLDs put together (zero, from a hacked site, costs less than free). Country K-lining, while attractive to the lazy network operator, only works as an extreme temporary measure in a crisis - spammers adapt, but blocklists tend to only grow. And perhaps Symantec, given their business dealings with Verisign, might not be a 100% neutral party in making recommendations seemingly targeted primarily at severely disrupting the present and future business of cheaply-available TLDs?
Regarding Blue Coat, research shows Blue Coat devices are also used in the censorship/mass surveillance programmes of: Russia, UAE, Bahrain, Iran, and even China. Please also remember Blue Coat devices intercept, log and parse near-everything that goes through them. That puts them at a significantly elevated security risk above a network which didn't have them at all. I know I would find it unethical to report any vulnerabilities to that vendor, and I know I am not the only one who thinks so. And middleboxes like that are incredibly frustrating to the interoperability of the internet and present probably the single biggest hurdle to progress in internet protocols - ask someone in the IETF TLS Working Group currently working on TLS 1.3 just exactly what they think of them!