Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Meanwhile, there is a whole grey market built around this. People sell “CGNAT mobile proxies” that ride on carrier and ISP NAT, and the whole point is that they are a pain to block without nuking huge ISP ranges. So they get marketed as a convenient way to dodge shadowbans, spam filters, and basically any abuse defense that relies on IP reputation.


> the whole point is that they are a pain to block

What makes them a pain to block? Angry users or some central database that lists these addresses as "do not block"?


> What makes them a pain to block?

Not wanting to cut off access to your users from, for example, every AT&T device (and their MVNOs).


Since cgnat means NATing a huge number of legimate device to a single ip. So angry users is the answer. Also note mobile users are usually the cgnat.

reply


It would be nice if we had a blackout CGNAT day where a bunch of major sites don't serve traffic to people behind CGNAT to give the ISPs a bit of a scare.


This is a win for the consumer though, we don't want to be tracked, your inability for abuse prevention is my ability to stay hidden in the crowd. Why should I care?

reply


Heh, if you think your ISP wouldn't sell port connection timing data to advertisers then you've missed all the history of them selling everything else. CGNAT is not a VPN.

reply


my ISP is bound by my countries privacy regulation, I replace the trust of one party with every website i visit that could be located in fascist regimes without such laws.

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: