this post was submitted on 26 Dec 2023
0 points (NaN% liked)

Privacy

799 readers
12 users here now

Privacy is the ability for an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

Rules

  1. Don't do unto others what you don't want done unto you.
  2. No Porn, Gore, or NSFW content. Instant Ban.
  3. No Spamming, Trolling or Unsolicited Ads. Instant Ban.
  4. Stay on topic in a community. Please reach out to an admin to create a new community.

founded 2 years ago
MODERATORS
c0mmando@links.hackliberty.org
0
Has avoiding Cloudflare become Impossible? (links.hackliberty.org)
submitted 8 months ago* (last edited 8 months ago) by c0mmando@links.hackliberty.org to c/privacy@links.hackliberty.org
4 comments fedilink hide all child comments
 

Nearly every website today seems to be hosted behind Cloudflare which is really concerning for the future of privacy on the internet.

Cloudflare no doubt logs, stores, and correlates network telemetry that can be used for a wide array of deanonymization attacks. Not only that, but Cloudflare acts as a man-in-the-middle for all encrypted traffic which means that not even TLS will prevent Cloudflare from snooping on you. Their position across the internet also lends them the ability to conduct netflow and traffic correlation attacks.

~~Even my proposed solution to use archive.org as a proxy is not a valid solution since I found out today that archive.org is also hosted behind Cloudflare...~~ edit: i was wrong

So what options do we even have? What privacy concerns did I miss, and are there any workaround solutions?

you are viewing a single comment's thread
view the rest of the comments
[–] ultranaut@lemmy.world 0 points 8 months ago (2 children)

I don't think it's possible to avoid companies like Cloudflare, AWS, Akamai, etc. Or not without a whole lot of effort that isn't really reasonable and would severely degrade user experience. They provide what's become fundamental infrastructure to the internet, and that doesn't seem likely to change.

[–] freedomPusher@sopuli.xyz 0 points 8 months ago* (last edited 8 months ago) (1 children)

It is possible to avoid Cloudflare (the worst offender), proven by instances that are run by more competent experts. For example:

  • fedia.io
  • sopuli.xyz
  • beehaw.org
  • infosec.pub
  • lemmy.dbzer0.com
  • slrpnk.net
  • links.hackliberty.org
  • lemmy.ml ← used to be Cloudflare-proxied but they got wiser
  • mander.xyz

^ Those are good instances where users’ traffic is not recklessly exposed to Cloudflare.

These instances below not only expose their users to Cloudflare, but they’re not even decent enough to inform their own users about it:

  • lemmy.world ← Cloudflare
  • sh.itjust.works ← Cloudflare
  • zerobytes.monster ← Cloudflare
  • lemmy.ca ← Cloudflare
  • lemm.ee ← Cloudflare
  • programming.dev ← Cloudflare
  • lemmy.zip ← Cloudflare

If you probe admins of the above list, some will say in effect that they regret pawning all their users to CF but claim they have no choice - that they do not know how to defend from attack. Some admins have no regrets and simply do not give a shit. Many admins are actually ignorant to the extent of not even knowing Cloudflare sees the traffic (yes, many times admins were appalled to learn this from me; who to them is just some random pleb). Probably the most despicable aspect to this is that no Cloudflare admin is socially responsible enough to post a banner msg making sure users are informed about their exposure. If they are proud of their choice and feel they have no choice, then why neglect to disclose it (esp. on a non-profit activity)?

Regardless of their reasons/excuses, it really does not matter to the user. What matters to users is that there are privacy-disrespecting choices and relatively privacy-respecting choices. Obviously street-wise users select from the first list I posted and not the 2nd list.

Only CFd government sites are unavoidable

The only Cloudflare sites that are unavoidable AFAICT are government sites. You can always boycott the private sector, but there are 6 or so states in the US where voter registration goes through Cloudflare. Even if you register on paper, the data entry worker likely goes to the Cloudflare site. I became a non-voter for this reason.

[–] overflowingmemory@links.hackliberty.org 1 points 3 weeks ago

ironically monero.town also uses Cloudflare.