Your thoughts on CloudFlare

I hear that both CloudFlare is privacy respectful and that it spies on site visitors (with their CDN). What’s your thoughts on this matter?

@j0ta
banned
link
85M

Unprivacy service

GadgeteerZA
link
65M

Must say I get a few complaints from people about that aspect of Cloudflare when I link to articles on websites using it. I can’t control where others put good content though.

The issue seems to be with Cloudflare acting as a man-in-the-middle, supposedly breaking the SSL and re-encrypting it with their SSL. For normal sites that may be OK but this is not a good idea at all if that SSL is expected to carry passwords or login info or other private info that should arrive intact at the destination site.

So I’ll also be interested to hear what others think and what the solutions are.

@kevincox
link
55M

supposedly breaking the SSL and re-encrypting it with their SSL

There is no doubt here, this is how basically all CDNs work. You need to see the plaintext request in order to perform caching and most other features that they provide.

I agree, if the content is very sensitive then you shouldn’t trust a third party. However in practice most companies trust third parties whether that is a hosting provider, analytics or any number of functions that it is easier to outsource.

I think the concern arises because Cloudflare is big. This has benefits and drawbacks.

  • Generally larger companies have more resources to invest in security.
  • Covering such a large portion of the web gives them a lot of possible tracking data if they want to use it maliciously (for whatever your personal definition of malicious is).
@Echedenyan
link
25M

You can use archiving services since a lot of time ago to avoid redirecting people to Cloudflared stuff.

There are some which are fully FLOSS-based like https://conifer.rhizome.org which you even can self-host to avoid the limit they put for accounts there.

GadgeteerZA
link
15M

Isn’t Conifer more like The Internet Archive service? I was understanding Cloudflare was really being used to help manage massive volumes of web traffic ie. more the network management side?

@Echedenyan
link
2
edit-2
5M

I think I didn’t explain myself at all.

The idea is that you can share the clones of the website in Conifer or any other web archive to avoid the issues with Cloudflare that people could have.

It was a reply to:

Must say I get a few complaints from people about that aspect of Cloudflare when I link to articles on websites using it. I can’t control where others put good content though.

Actually, you can control at this level.

@TheAnonymouseJoker
link
5
edit-2
5M

It was hilarious when r/firefox banned me for 6 months for criticising use of Cloudflare DNS few days ago here https://teddit.net/r/firefox/comments/mkig88/_/gtlj3hl?context=10000 (teddit or libreddit or kddit cannot handle contexts)

The moderator there is likely evangelised, beware. Always debloat Firefox or Ungoogled Chromium or Pale Moon and use it, and use these over any Chromium forks.

[object Object]
link
8
edit-2
5M

It’s entirely on you. You brought some valid points about how awful Cloudflare is, but that’s not what got you banned. Your baseless claim of Cloudflare DoH somehow MITM SSL is. You are indeed spreading some FUD, even here by strawmanning what exactly you got banned for

@j0ta
banned
link
15M

flare in the name says all

@TheAnonymouseJoker
link
-15M

So you believe Cloudflare is a good company with a good intent? That seems like corporate apologia, since you want to twist my argument into muh FUD.

Bilb!
link
35M

In this reply,

  • You imply that they believe something they never said
  • You say without evidence that it is likely corporate apologia, and
  • then accuse THEM off twisting YOUR words.

Very impressive.

@TheAnonymouseJoker
link
-25M

In their reply,

  • They implied that they think I believe a narrative that I never promoted
  • They imply without evidence that Cloudflare has good intentions when its basis of existence is as Project Honeypot
  • then create a FUD strawman and justify ban when the voting ratio on the comments and in the post indicate a different kind of dialogue
  • totally ignore that my job is privacy and security advocacy, and make it a point to leverage Cloudflare over all the historical and current concerns that loom around them

Awesome. I can play these pony tricks all day.

[object Object]
link
35M

So you believe Cloudflare is a good company with a good intent?

Thanks for putting words in my mouth despite me explicitly agreeing that Cloudflare is awful.

If that’s how you argue with everyone no wonder you are getting banned. The Mod that argued with you on Reddit had a patience of saint

@TheAnonymouseJoker
link
-25M

Do not give me this false equivalence spaghetti argument crap. Supremacists do the same thing of “I hate these X people but I love all Y people”.

You should check that moderator’s history of censoring Firefox critics, but I am probably hoping uselessly. https://old.reddit.com/r/firefox/comments/msscqv/the_messages_from_firefox_subsection_now_shows/ Use removeddit and feel free to look around.

@iortega@lemmy.eus
link
35M

ehm, is it just me or teddit openned this context properly?

@TheAnonymouseJoker
link
15M

I may not have used teddit in the past few weeks, they handle it correctly now. Thanks.

Firefox dev team are jerks, I use Librewolf that is a more secure and private fork of firefox.

@TheAnonymouseJoker
link
65M

Librewolf is essentially a Firefox with user.js tweaks , and the fork will not last forever compared to the main thing. That is why I prefer modifying Firefox myself.

@Qgpkje4rY5s
link
2
edit-2
3M

deleted by creator

@TheAnonymouseJoker
link
25M

I think it will, not just because the source code is open and free, but because of Tor Project and because there exists no government or plutocratic entity behind developing it, but a global open community.

With Chromium, you have all these faults. Small blobs, Google plutocratic corporation and its ad network interests, DARPA/NSA interests and the Google developers being largely pro bourgeois capitalist slaves from the mind, who run for bread (money capital).

@Qgpkje4rY5s
link
-1
edit-2
3M

deleted by creator

@TheAnonymouseJoker
link
25M

Brave is incomparable to Firefox in terms of privacy violations and other issues. It has broken Tor routing, apart from the following:

Brave Browser is funded by DoD: https://np.reddit.com/r/privatelife/comments/fe34ls/exclusive_brave_browser_funded_by_dod_contractor/

Brave traffic detected with Cryptocompare despite BAT rewards disabled: https://removeddit.com/r/privacytoolsIO/comments/gr8nue/

Brave also has a known history of whitelisting Facebook and Twitter trackers, and has a crippled adblocker that does not work on Brave’s “acceptable” advertisements.

Brave Browser hardcoded their crypto partner Binance referral links (https://twitter.com/cryptonator1337/status/1269201480105578496) alongwith Ledger and soon-to-be-compromised Coinbase (https://decrypt.co/31461/coinbase-wants-to-identify-bitcoin-users-for-dea-irs)

@Qgpkje4rY5s
link
0
edit-2
3M

deleted by creator

@TheAnonymouseJoker
link
15M

Why are you projecting your FUD, and doing your le lion work in a privacy community of all places? Oh nevermind you are a Brave user with a new Lemmy account.

Tor Project does not recommend Brave or use Chromium/Blink engine as its base, so there goes that. And Tor users are sensitive people, where in a lot of cases any amount of tracking can be a difference between life and death, or being arrested as an activist. For me, it could easily sometimes mean being shoved into a jail for months.

Brave Browser funded by DoD makes sense, considering the shill army that exists across reddit, Telegram, Matrix and other networks for its micro userbase. And of course, Peter Thiel and Palantir involvement should make anyone cautious before using it.

Brave is an absolute crypto botnet, with a bunch of telemetry that does not go away either way, as the link provided by me above shows. Nothing can defend that, not in a browser designed for privacy. If you do not want to use Crypto Wallet botnet, and BAT system, why not just use Ungoogled Chromium at that point?

I am not even getting into the rest half of your BS comment, which revolves around junk crypto coins. You spreading this level of FUD and trapping people into Brave should scare everyone.

Stay away from this user’s scammy advice, folks. Please stay away from Brave BATware. Use Firefox, Pale Moon or Ungoogled Chromium only. Use uBlock Origin medium/hard mode and a good HOSTS ruleset.

@ajz
link
3
edit-2
2M

deleted by creator

@TheAnonymouseJoker
link
15M

He is spreading a bunch of FUD, and calling me a FUD spreader. Beware of this user, shilling Chromium monopoly, crypto scam, crippled ad blocker, Tor that does not work properly and a bunch of terrible stuff.

this user's comments look bizarre here

@Qgpkje4rY5s
link
0
edit-2
3M

deleted by creator

@Qgpkje4rY5s
link
7
edit-2
3M

deleted by creator

@Echedenyan
link
1
edit-2
5M

Just use UXP based browsers.

Security updates are handled in a different way and they just take advantage of the Firefox ones because are already there but these are incorporated in the own source code before each release or are provided by them.

@Qgpkje4rY5s
link
7
edit-2
3M

deleted by creator

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 41 users / day
  • 103 users / week
  • 199 users / month
  • 618 users / 6 months
  • 3478 subscribers
  • 1877 Posts
  • 8354 Comments
  • Modlog