A friend of mine has a project that is accross an art project and a political statement, in the form of an experiment:
To exemplify the power of the surveillance capitalists on the very fabric of what we still call “the Internet”, they want to configure a computer to block all connections going to all known services belonging to Google, Amazon and Cloudflare (and later potentially extend this to other companies).
(yes, my friend is very much aware that in practice most of the commercial web would become totally unusable. that’s partly the point of the demonstration to exemplify this…)
For google, they rely on an old (long) list of domains known to belong to the multiple entities composing the behemoth… an /etc/hosts points all of them to 127.0.0.1. brutal but efficient, until new domains, subdomains etc… appear.
How would you do it for amazon and its gigantic AWS platform? how would you do it for cloudflare? collect lists of their IPs (and update them over time)? edit firewall lists based on them that would sink all packets?
Anyone knows of any project going in that direction?
You can find some gigantic filter lists out there. Check https://filterlists.com.
not sure this project shares the objectives i described:
"Privacy
We respect your privacy. That is the whole point of this project. The only minor data we collect about visitors is what our infrastructure providers collect. These include:
GitHub Azure DevOps Application Insights DigitalOcean Cloudflare
"
That’s a how to guide for blocking Amazon and their web services! Will friend be sharing the project? Sounds cool!
curl https://ip-ranges.amazonaws.com/ip-ranges.json | jq ‘.prefixes[].ip_prefix’ | paste -sd “,” - | sed ‘s/"//g’
seems indeed interesting… the rest of the page mentions some obscure/proprietary technology…
so a few questions remain:
how would one use these list of IP addresses using free/libre software?
also can we trust Amazon themselves to declare all their IPs?
How do you do the same for Google? Cloudflare?
I don’t know where yoyr friend lives, but in Europe / EU there are possibly opps to fund this project.
I’m not an expert for these kind of things, but your friend my find the guys from Crimeflare interesting when dealing with Cloudflare, see https://github.com/zidansec/CloudPeler
The people behind https://dnsprivacy.org may also be useful.
And, yes, the people behind https://www.sphere-transgression-watch.org may also be of interest. The Sphere Transgression project may also be of interest for others to contribute. You’ll find information on the site.