Comment by hipadev23
Comment by hipadev23 3 days ago
because they’re an amazing piece of technology that also happens to be a state sponsored man-in-the-middle platform.
Comment by hipadev23 3 days ago
because they’re an amazing piece of technology that also happens to be a state sponsored man-in-the-middle platform.
Nah that’d be a national security crisis.
But the presence of https://en.wikipedia.org/wiki/PRISM well over 10 years ago should be sufficient.
Gotcha. Yeah, I mean all of these platforms are certainly juicy targets for room 641A [0] shenanigans. I just wondered if there had been some public leaks or something which we might not all be aware of yet.
I'd also point out the following from Cloudflare CEO Matthew Prince's wiki page [1]:
> "Prince co-founded Unspam Technologies, which supported the development of Project Honey Pot [2], an open source data collection software created by Prince and Lee Holloway designed to gather information on IP addresses used by email-address harvesting services."
> In 2008, the Department of Homeland Security (DHS) contacted Unspam Technologies, asking, "Do you have any idea how valuable the data you have is?" The DHS' email served as the impetus for Cloudflare, a technology company Prince co-founded with Holloway and fellow Harvard Business School graduate Michelle Zatlyn the following year
> The DHS' email served as the impetus for Cloudflare
Emphasis mine. I love Cloudflare, their tech is amazing, but to bury our heads in the sand that it wasn't started from day one to be a government spying program would be extremely naive.
"Our Free plan gives Cloudflare access to unique threat intelligence"
Nobody remembers the "SSL added and removed here :)"?
https://www.agwa.name/blog/post/cloudflare_ssl_added_and_rem...
One half of the NSA's mission is defensive, dedicated to improving the security of US systems and infrastructure: https://www.nsa.gov/Cybersecurity/
They have the nickname "Crimeflare" for a reason and there is a reason so many threat actors, phishers, and malware people use CF on their landing pages and c2s.
When you file an abuse ticket with CF, CF takes the route of "oh we are only routing the data and content, not hosting it" and will refuse to terminate the CF accounts of someone being malicious. Threat actors know this which is why so many use em.
>When you file an abuse ticket with CF, CF takes the route of "oh we are only routing the data and content, not hosting it" and will refuse to terminate the CF accounts of someone being malicious. Threat actors know this which is why so many use em.
Their abuse page says they forward abuse tickets to the origin hosting provider. The origin hosting provider could ignore your tickets, but I don't see how that's any different than if they didn't use cloudflare to begin with.
Ok but why can’t they take responsibility for the abuse and terminate the accounts themselves, forcing the malicious actors back to being in a position of not being protected by cloudflare?
They didn't hesitate with 8chan, even when it was known that fedposting was a thing here and that the straw that broke the camel's back they pointed to could have well been a false flag.
So the deep state is smart enough to take over the corporation and inject all this secret squirrel tech, but didn't think to cook the books to make it look like a marginally-profitable (but boring) business?
It reminds me of the counterargument to UFOs where they say "so the UFO flew here from 100 light-years away, through extreme cold, deep space, intense radiation, dodged space rocks, but as soon as it came into a lukewarm atmosphere with a modest gravity and tame weather, it crashed into a field in New Mexico?"
To be fair, you could see how a vehicle designed rigidly for extreme cold, extreme vacuum, zero gravity, etc. might fail catastrophically when introduced to modest temperatures, a modest atmosphere, and a modest gravity.[1]
It wouldn't say much for the foresight of the alien designers, mind.
[1] "100 KILOpascals? KILO? I thought you said milli, you blithering nixflorp!"
> [1] "100 KILOpascals? KILO? I thought you said milli, you blithering nixflorp!"
The numbers were given in Universal Standard Units, but the manufacturer assumed Galactic Imperial Units
What? What does business profitability or viability have to do with anything? Cloudflare can serve both customers at the same time. They still make amazing products, have incredibly talented engineers, and provide extremely valuable commercial services.
PRISM worked with numerous participants from well-oiled tech startups to aging why-wont-you-just-die companies.
PRISM revealed secrets. It also revealed that some companies fought back as much as possible. It's also possible to design core tech so that even when forced to participate, you reveal as little or no information.
CloudFlare, PRISM, and Securing SSL Ciphers, 2013-06-12 Matthew Prince https://blog.cloudflare.com/cloudflare-prism-secure-ciphers/
I'm sure you've heard this before but Cloudflare isn't really a CDN. CDNs don't have to intercept requests to be useful.
I think what you describe is closer to "TLS terminating reverse proxy", which does need to intercept every request.
What are some alternatives? Preferably the more open source the better.
I believe the implication is that cloudflares usefulness is not in her source code but rather her physical infra, there is not some free as in freedom alternative to that.
Idk if they're open source, but netlify was the company that I thought sort of made this feature free and easy to use. Github pages is also a free alternative.
Someone was (incidentally?) ddos'ed on Netlify last year and was served a 104k bill. The fees were waved in the end, but the caveat remains on all these free services that you pay by bandwidth.
That's why I like Bunny, the only such service I could find with prepaid pricing. I would rather have service shut off than to have to pay $104k for a day or two of service.
I was assuming that it's a loss-leader sort of business strategy at play before reading your comment. Do you care to share any insights/references to support this claim?