Technology
This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.
Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.
Rules:
1: All Lemmy rules apply
2: Do not post low effort posts
3: NEVER post naziped*gore stuff
4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.
5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)
6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist
7: crypto related posts, unless essential, are disallowed
view the rest of the comments
What interests me is that there is too much speculation without actual facts. We can suspect anything of anyone (including Lemmy, Facebook, etc). We've seen the numerous factual revelations about Facebook and a few others, but then there is something that proves they are being unethical. I'd be interested to see such facts though about CloudFlare, not what they can potentially do.
Cloudflare also means a lot to small websites that want to obscure their hosting IP address, and who want to make use of a global CDN to speed up the response on their self-hosted sites, as a CDN. So yes, they do also provide a positive service in that regard. They are not a free service as many including big corporates pay CloudFlare - that payment is not to get our data or push adverts into our websites, but to use the actual service. So that I see as their business model.
Yes they break the end-to-end SSL, but for plain public websites that is not a major concern. I gather the paying service is where corporates go for security which allows pass-through of SSL to the hosting site.
For smaller guys, CloudFlare can provide a valuable service if the data being hosted is not super sensitive. Yes it is US based, but so are many IT services, and again that needs to be considered in terms of what you are hosting. I recently went to look for alternatives that would be free for global CDN, obscuring IP, proxy, malicious traffic protection, etc and really could not find anything. Only basic DNS services.
Not the newest article, but relevant https://dt.gl/cloudflare-why-the-fuss/
Yes, it draws from what is published on their own website at https://www.cloudflare.com/our-story/. It is still speculation though as to what is happening. They claim their motivation was to identify and prevent spammers and other malicious actors taking websites, by crowdsourcing and blacklisting bad actors. From that perspective, users will see numerous addresses blocked that are supposedly part of those identified.
So yes, one could say, is that real? Well that's the point, we don't really know either way, and as far as I'm aware there have been no court cases yet against CloudFlare ie. evidence brought forward justifying criminal actions.
Certainly my own website was being hammered every day as I can see for the WP WordFence security plugin. WordFence also blocks masses of IP addresses based on attempted logins as well as crowdsourced data from similar actions elsewhere that they have detected. I can see people, after being blocked, running up their IP address range attempting to get around the block. So there are genuinely bad actors out their running automated tools to do this. That does not make WordFence now a bad thing. So websites are looking at many ways to try to protect themselves from this constant bombardment, that also uses up the hosting network traffic.
I'm not saying either that Cloiudflare does not have the potential to do bad. We can see how they work technically. But have they actually sold users' data, have they exploited the man-in-the-middle or given others access to it? That I've seen no evidence of yet. I just dislike ungrounded speculation, as that leads to conspiracy theories that may be unfounded.