7666 (npub1spu…rvh2) : the CA/B forum and browser manufacturers only serve the interests of (and is/are sponsored by) big tech; it's all about making big money.
End users have no influence whatsoever.
As a consequence, the internet is getting shittier every day. Too many people, like you (and those referred to in https://infosec.exchange/@ErikvanStraten/113725714810321495), believe the lies of big tech, or are part of them.
Just one example, based on unfinished research (by me):
One user of .bond domains wastes probably more than 10.000 Let's Encrypt certificates *PER DAY*. That means *MILLIONS PER YEAR*.
Why? Because those certs are "free" (they are for them), nobody asks questions, you obtain them instantaneously while remaining anonymous.
They register approx. 7000 *new* base domain names PER DAY, currently all pointing to an Amazon server at 13.248.197.209 (see https://www.virustotal.com/gui/ip-address/13.248.197.209/relations).
Often in the format *-#####.bond where # is a digit and * may be, for example, "electrician-jobs", "electrician-job" or "lung-cancer-treatment" - with a zillion of variations. Each gets its own cert (I've not seen any wildcards or subdomains).
Apart from that, they register the following subdomains (not in each case, but most):
www.*.bond
pr.*.bond
www.www.*.bond
www.pr.*bond
mx.www.*.bond
DNS for those points to either:
104.247.81.90 .. 104.247.81.94
104.247.82.90 .. 104.247.82.90
and a few to 185.53.179.94.
See, for example, https://www.virustotal.com/gui/ip-address/104.247.81.90/relations
Again each cert for exactly one domain name. That's why I think this one party obtains at least 10,000 LE certs per day.
For spammy websites.
Screenshots can be seen in
https://phishunt.io/ip/13.248.197.209
https://urlscan.io/ip/13.248.197.209
Somebody has to pay for the LE infrastructure: indirectly that's you and me, and people (or companies, hospitals etc.) robbed online in particular.
Every party involved makes money from cybercrime (including Josh Aas' salary), and each of them says that preventing cybercrime not their responsibility - guess why they'd say that.
They thank you and the EFF for promoting their BS.
npub126nsph7a2k9cd6kdr4cf0qu24ph5uv7ly25d8syfpnvk8rs5g4uqu5fq05 (npub126n…fq05)
#BigTech #Cybercrime #DV #Amazon #TeamInternetAG
Erik van Straten /
npub1yz…ql3r7
2024-12-27 20:09:48
in reply to nevent1q…gfxh
Author Public Key
npub1yzfshvmugq4nd4jhwve7hhwqzvvt7g9g23sharz5f5wdvg65r92qhql3r7Published at
2024-12-27 20:09:48Event JSON
{
"id": "fc08bedb11501e5c1a8a4a2942ac0c2609880f837fedc57cff26214d7c66f663",
"pubkey": "20930bb37c402b36d6577333ebddc01318bf20a854617e8c544d1cd623541954",
"created_at": 1735330188,
"kind": 1,
"tags": [
[
"p",
"8078b2e54466503ee8694ce5e7be1251c22e1aca9d8f66e4fbc1776c2bdeb45c",
"wss://nostr.sprovoost.nl"
],
[
"p",
"56a700dfdd558b86eacd1d7097838aa86f4e33df22a8d3c0890cd9638e144578",
"wss://nostr.sprovoost.nl"
],
[
"p",
"ef64a13c28f3b747b81b2bf7811aad358f037982647c69be4a0f191f4816e7d0",
"wss://nostr.sprovoost.nl"
],
[
"e",
"7470c2a210351cccfc72c0483c31f2a0e379a5a528e4f25496ca292361684cb4",
"wss://nostr.sprovoost.nl",
"reply"
],
[
"t",
"bigtech"
],
[
"t",
"cybercrime"
],
[
"t",
"dv"
],
[
"t",
"amazon"
],
[
"t",
"teaminternetag"
],
[
"proxy",
"https://infosec.exchange/users/ErikvanStraten/statuses/113726599235298322",
"activitypub"
]
],
"content": "nostr:npub1sput9e2yvegra6rffnj700sj28pzuxk2nk8kde8mc9mkc277k3wq0urvh2 : the CA/B forum and browser manufacturers only serve the interests of (and is/are sponsored by) big tech; it's all about making big money.\n\nEnd users have no influence whatsoever.\n\nAs a consequence, the internet is getting shittier every day. Too many people, like you (and those referred to in https://infosec.exchange/@ErikvanStraten/113725714810321495), believe the lies of big tech, or are part of them.\n\nJust one example, based on unfinished research (by me):\n\nOne user of .bond domains wastes probably more than 10.000 Let's Encrypt certificates *PER DAY*. That means *MILLIONS PER YEAR*.\n\nWhy? Because those certs are \"free\" (they are for them), nobody asks questions, you obtain them instantaneously while remaining anonymous.\n\nThey register approx. 7000 *new* base domain names PER DAY, currently all pointing to an Amazon server at 13.248.197.209 (see https://www.virustotal.com/gui/ip-address/13.248.197.209/relations).\n\nOften in the format *-#####.bond where # is a digit and * may be, for example, \"electrician-jobs\", \"electrician-job\" or \"lung-cancer-treatment\" - with a zillion of variations. Each gets its own cert (I've not seen any wildcards or subdomains).\n\nApart from that, they register the following subdomains (not in each case, but most):\n\nwww.*.bond\npr.*.bond\nwww.www.*.bond\nwww.pr.*bond\nmx.www.*.bond\n\nDNS for those points to either:\n104.247.81.90 .. 104.247.81.94\n104.247.82.90 .. 104.247.82.90\nand a few to 185.53.179.94.\n\nSee, for example, https://www.virustotal.com/gui/ip-address/104.247.81.90/relations\n\nAgain each cert for exactly one domain name. That's why I think this one party obtains at least 10,000 LE certs per day.\n\nFor spammy websites. \n\nScreenshots can be seen in\nhttps://phishunt.io/ip/13.248.197.209\nhttps://urlscan.io/ip/13.248.197.209\n\nSomebody has to pay for the LE infrastructure: indirectly that's you and me, and people (or companies, hospitals etc.) robbed online in particular.\n\nEvery party involved makes money from cybercrime (including Josh Aas' salary), and each of them says that preventing cybercrime not their responsibility - guess why they'd say that.\n\nThey thank you and the EFF for promoting their BS.\n\nnostr:npub126nsph7a2k9cd6kdr4cf0qu24ph5uv7ly25d8syfpnvk8rs5g4uqu5fq05 \n\n#BigTech #Cybercrime #DV #Amazon #TeamInternetAG",
"sig": "cfeb1c6a251df972d2c05a513a041c6283cee154fb04b404995cd6d283886ad92552cbc69f2fa3dde7fc22e0b29bef5ecf1e6cc7db907adfa44ba24ebce1771d"
}