> Isn't identifying real humans an unsolved problem?

I'm not sure this was ever a problem to begin with. The obsession with "confirm you are human" has created a lot of "bureaucracy" on technical level without actually protecting websites from unauthorised use. Why not actually bite the bullet and allow automations to interact with web resources instead of bothering humans to solve puzzles 10 times per day?

> Cloudflare defining "trusted"

They would love to monetise the opportunity, no doubt

If sentiment and personal bias were a factor in classifying malware then I'd be rid of all of faang and social media.

I wonder whether by now the botnets moved on to authenticating C2 server and using fallbacks methods if the malware discovers an endpoint to be "compromised"

This wouldn't raise serious concerns. Ask the customers/community if doing it before hand is something they agree with in some form of poll, then just do it. At the end of the day DNS is a million years old, out-dated and the mission is to help make a better internet. If Cloudflare straight up asked us all if it was cool to modify their DNS servers to identify / disrupt malicious use from botnets I'd agree. People not using DoH or internal things like dnscrypt-proxy need to get with the times.

There's ethical ways to do things: https://www.justice.gov/archives/opa/pr/court-authorized-ope...

I'm not saying I agree with it but we're all engineers, the internet and everything built on it was engineered, to put up with script kiddies and hacked computers and not-so-tech-savvy internet citizens using their devices and installing Infatica, and other malware/proxy services on their devices because it came within the agreement for installing some free app where their kids could 'pop bubbles' on their parents phones or some free desktop app included it; then distinguishing their IP addresses and IP-scores as they blend in with their regular human traffic makes it hard to block it. Ain't nobody got time for whack-a-mole internet, families and businesses will need to secure their networks.

Honestly I'd be ok with an up-to-date live list of all known infected IP addresses and their last timestamp for what, and who detected them as a bot/malicious IP address so I could just use some simple ipsets and iptables, or make a simple script to disallow things like posting, interactions while still allowing them to see content on websites would be ideal. Add a little banner 'you're infected, or somebody on your network is infected, this is how to fix it and practice best security, and more info on the subject'

These services switched from DDoS/attacks to renting out their hacked network spaces. They don't need to be making bank at our expense.

People make mistakes. Security engineers need to understand what sort of mistakes people are making and mitigate that risk. Brushing it under the rug as silly users making mistakes doesn't protect anyone.