Your thoughts on CloudFlare

I hear that both CloudFlare is privacy respectful and that it spies on site visitors (with their CDN). What’s your thoughts on this matter?

@j0ta
banned
82M

Unprivacy service

GadgeteerZA
62M

Must say I get a few complaints from people about that aspect of Cloudflare when I link to articles on websites using it. I can’t control where others put good content though.

The issue seems to be with Cloudflare acting as a man-in-the-middle, supposedly breaking the SSL and re-encrypting it with their SSL. For normal sites that may be OK but this is not a good idea at all if that SSL is expected to carry passwords or login info or other private info that should arrive intact at the destination site.

So I’ll also be interested to hear what others think and what the solutions are.

@kevincox
52M

supposedly breaking the SSL and re-encrypting it with their SSL

There is no doubt here, this is how basically all CDNs work. You need to see the plaintext request in order to perform caching and most other features that they provide.

I agree, if the content is very sensitive then you shouldn’t trust a third party. However in practice most companies trust third parties whether that is a hosting provider, analytics or any number of functions that it is easier to outsource.

I think the concern arises because Cloudflare is big. This has benefits and drawbacks.

  • Generally larger companies have more resources to invest in security.
  • Covering such a large portion of the web gives them a lot of possible tracking data if they want to use it maliciously (for whatever your personal definition of malicious is).
@Echedenyan
22M

You can use archiving services since a lot of time ago to avoid redirecting people to Cloudflared stuff.

There are some which are fully FLOSS-based like https://conifer.rhizome.org which you even can self-host to avoid the limit they put for accounts there.

GadgeteerZA
12M

Isn’t Conifer more like The Internet Archive service? I was understanding Cloudflare was really being used to help manage massive volumes of web traffic ie. more the network management side?

@Echedenyan
2
edit-2
2M

I think I didn’t explain myself at all.

The idea is that you can share the clones of the website in Conifer or any other web archive to avoid the issues with Cloudflare that people could have.

It was a reply to:

Must say I get a few complaints from people about that aspect of Cloudflare when I link to articles on websites using it. I can’t control where others put good content though.

Actually, you can control at this level.

@TheAnonymouseJoker
5
edit-2
2M

It was hilarious when r/firefox banned me for 6 months for criticising use of Cloudflare DNS few days ago here https://teddit.net/r/firefox/comments/mkig88/_/gtlj3hl?context=10000 (teddit or libreddit or kddit cannot handle contexts)

The moderator there is likely evangelised, beware. Always debloat Firefox or Ungoogled Chromium or Pale Moon and use it, and use these over any Chromium forks.

[object Object]
8
edit-2
2M

It’s entirely on you. You brought some valid points about how awful Cloudflare is, but that’s not what got you banned. Your baseless claim of Cloudflare DoH somehow MITM SSL is. You are indeed spreading some FUD, even here by strawmanning what exactly you got banned for

@j0ta
banned
12M

flare in the name says all

So you believe Cloudflare is a good company with a good intent? That seems like corporate apologia, since you want to twist my argument into muh FUD.

Bilb!
32M

In this reply,

  • You imply that they believe something they never said
  • You say without evidence that it is likely corporate apologia, and
  • then accuse THEM off twisting YOUR words.

Very impressive.

In their reply,

  • They implied that they think I believe a narrative that I never promoted
  • They imply without evidence that Cloudflare has good intentions when its basis of existence is as Project Honeypot
  • then create a FUD strawman and justify ban when the voting ratio on the comments and in the post indicate a different kind of dialogue
  • totally ignore that my job is privacy and security advocacy, and make it a point to leverage Cloudflare over all the historical and current concerns that loom around them

Awesome. I can play these pony tricks all day.

So you believe Cloudflare is a good company with a good intent?

Thanks for putting words in my mouth despite me explicitly agreeing that Cloudflare is awful.

If that’s how you argue with everyone no wonder you are getting banned. The Mod that argued with you on Reddit had a patience of saint

Do not give me this false equivalence spaghetti argument crap. Supremacists do the same thing of “I hate these X people but I love all Y people”.

You should check that moderator’s history of censoring Firefox critics, but I am probably hoping uselessly. https://old.reddit.com/r/firefox/comments/msscqv/the_messages_from_firefox_subsection_now_shows/ Use removeddit and feel free to look around.

ehm, is it just me or teddit openned this context properly?

I may not have used teddit in the past few weeks, they handle it correctly now. Thanks.

Firefox dev team are jerks, I use Librewolf that is a more secure and private fork of firefox.

Librewolf is essentially a Firefox with user.js tweaks , and the fork will not last forever compared to the main thing. That is why I prefer modifying Firefox myself.

@Qgpkje4rY5s
2
edit-2
12h

deleted by creator

I think it will, not just because the source code is open and free, but because of Tor Project and because there exists no government or plutocratic entity behind developing it, but a global open community.

With Chromium, you have all these faults. Small blobs, Google plutocratic corporation and its ad network interests, DARPA/NSA interests and the Google developers being largely pro bourgeois capitalist slaves from the mind, who run for bread (money capital).

@Qgpkje4rY5s
-1
edit-2
12h

deleted by creator

@ajz
3
edit-2
2M

I would much rather recommend Brave to non-techies around me, or Librewolf for the ones a tad bit more technologically knowledgeable rather than Firefox.

Why recommend Brave browser ? Regarding LibreWolf, it looks nice in my opinion, but focused on Linux : Windows binaries are experimental. And is there OTA auto updates or how to update ? Also, I checked, LibreWolf shows LibreWolf as User agent when surfing the web, possibly creating a unique browser fingerprint.

He is spreading a bunch of FUD, and calling me a FUD spreader. Beware of this user, shilling Chromium monopoly, crypto scam, crippled ad blocker, Tor that does not work properly and a bunch of terrible stuff.

this user's comments look bizarre here

@Qgpkje4rY5s
0
edit-2
12h

deleted by creator

Brave is incomparable to Firefox in terms of privacy violations and other issues. It has broken Tor routing, apart from the following:

Brave Browser is funded by DoD: https://np.reddit.com/r/privatelife/comments/fe34ls/exclusive_brave_browser_funded_by_dod_contractor/

Brave traffic detected with Cryptocompare despite BAT rewards disabled: https://removeddit.com/r/privacytoolsIO/comments/gr8nue/

Brave also has a known history of whitelisting Facebook and Twitter trackers, and has a crippled adblocker that does not work on Brave’s “acceptable” advertisements.

Brave Browser hardcoded their crypto partner Binance referral links (https://twitter.com/cryptonator1337/status/1269201480105578496) alongwith Ledger and soon-to-be-compromised Coinbase (https://decrypt.co/31461/coinbase-wants-to-identify-bitcoin-users-for-dea-irs)

@Qgpkje4rY5s
0
edit-2
12h

deleted by creator

Why are you projecting your FUD, and doing your le lion work in a privacy community of all places? Oh nevermind you are a Brave user with a new Lemmy account.

Tor Project does not recommend Brave or use Chromium/Blink engine as its base, so there goes that. And Tor users are sensitive people, where in a lot of cases any amount of tracking can be a difference between life and death, or being arrested as an activist. For me, it could easily sometimes mean being shoved into a jail for months.

Brave Browser funded by DoD makes sense, considering the shill army that exists across reddit, Telegram, Matrix and other networks for its micro userbase. And of course, Peter Thiel and Palantir involvement should make anyone cautious before using it.

Brave is an absolute crypto botnet, with a bunch of telemetry that does not go away either way, as the link provided by me above shows. Nothing can defend that, not in a browser designed for privacy. If you do not want to use Crypto Wallet botnet, and BAT system, why not just use Ungoogled Chromium at that point?

I am not even getting into the rest half of your BS comment, which revolves around junk crypto coins. You spreading this level of FUD and trapping people into Brave should scare everyone.

Stay away from this user’s scammy advice, folks. Please stay away from Brave BATware. Use Firefox, Pale Moon or Ungoogled Chromium only. Use uBlock Origin medium/hard mode and a good HOSTS ruleset.

@Qgpkje4rY5s
7
edit-2
12h

deleted by creator

@Echedenyan
1
edit-2
2M

Just use UXP based browsers.

Security updates are handled in a different way and they just take advantage of the Firefox ones because are already there but these are incorporated in the own source code before each release or are provided by them.

@Qgpkje4rY5s
7
edit-2
12h

deleted by creator

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 41 users / day
  • 101 users / week
  • 206 users / month
  • 607 users / 6 months
  • 2967 subscribers
  • 1549 Posts
  • 6758 Comments
  • Modlog