Comment by hipadev23

Comment by hipadev23 3 days ago

9 replies

View on Hacker News

I'd also point out the following from Cloudflare CEO Matthew Prince's wiki page [1]:

> "Prince co-founded Unspam Technologies, which supported the development of Project Honey Pot [2], an open source data collection software created by Prince and Lee Holloway designed to gather information on IP addresses used by email-address harvesting services."

> In 2008, the Department of Homeland Security (DHS) contacted Unspam Technologies, asking, "Do you have any idea how valuable the data you have is?" The DHS' email served as the impetus for Cloudflare, a technology company Prince co-founded with Holloway and fellow Harvard Business School graduate Michelle Zatlyn the following year

> The DHS' email served as the impetus for Cloudflare

Emphasis mine. I love Cloudflare, their tech is amazing, but to bury our heads in the sand that it wasn't started from day one to be a government spying program would be extremely naive.

[1] https://en.wikipedia.org/wiki/Matthew_Prince

[2] https://en.wikipedia.org/wiki/Project_Honey_Pot

wumeow 3 days ago

https://blog.cloudflare.com/cloudflare-prism-secure-ciphers/

> At CloudFlare, we have never been approached to participate in PRISM or any other similar program.

> To date, CloudFlare has never received an order from the Foreign Intelligence Surveillance Act (FISA) court.

Reply View 8 replies
  • fidotron 3 days ago

    Overly specific weaseling. (Not by you, by Cloudflare).

    The questions are not about if they were approached or participate in any programs, it's what they do and if they provide the data or not.

    Reply View 2 replies
    • wumeow 3 days ago

      Again, an offhand comment about an email from the DHS is given all the weight in the world while a direct statement from Cloudflare is nitpicked to death.

      Reply View 1 reply
      • fidotron 3 days ago

        The whole point is it's not a direct statement. It is a lot of words which fails to answer the core question: is cloudflare syphoning data off to any of the Five Eyes (and I almost wrote Five Guys . . ) government intelligence agencies or their allies?

        For example, in your link: "One of the ways we limit the scope of orders we receive is by limiting the data we store. I have written before about how CloudFlare limits what we log and purge most log data within a few hours. For example, we cannot disclose the visitors to a particular website on CloudFlare because we do not currently store that data."

        So if they are MITMing everything they totally could just send everything out straight away and not contradict what they're saying at all. Them storing the data or not is completely beside the point.

        Reply View 0 replies
  • ahofmann 3 days ago

    US based companies (like china and europe based ones) are not allowed to talk about it, when state actors implementing their spying tools. It is just naive to think that cloudflare doesn't give access to state agencies. As others have said, it is more likely that cloudflare as a company is entirely built around the idea to provide a singe point of surveillance to US agencies.

    Reply View 2 replies
    • wumeow 3 days ago

      Love the double standard here. An offhand comment about an email from the DHS is considered strong evidence that Cloudflare was "started from day one to be a government spying program" while anything Cloudflare could say to deny it is brushed off as not strong enough.

      Reply View 1 reply
      • mattbee 3 days ago

        I'm not judging the evidence FOR Cloudflare being a spy.

        But it's a natural double standard that when your potential spy says "I'm not a spy!", well it's no evidence AGAINST.

        Reply View 0 replies
  • jazzyjackson 3 days ago

    >> At CloudFlare, we have never been approached to participate in PRISM or any other similar program […because we approached them]

    >> To date, CloudFlare has never received an order from the Foreign Intelligence Surveillance Act (FISA) court […because they never had to ask in the first place]

    My paranoia was cemented by the book When Google Met Wikileaks. Silicon Valley types do not have to be coerced to share data with 3 letter agencies, they have aligned incentives to ensure American dominance. Which is fine with me, as an American, but I won’t pretend there’s some rivalry where Cloudflare won’t comply without a court order.

    Reply View 0 replies
  • tucnak 3 days ago

    Oh, well, that's alright then! If they so it must be true!

    Reply View 0 replies