this post was submitted on 27 May 2024
857 points (96.6% liked)
Programmer Humor
32536 readers
523 users here now
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
What's the problem with CloudFlare? They're trying to make a profit, and so in the long run are the same as anybody, but every interaction I've had with them recently has left me impressed.
Edit: The answer is that the way their thing works nullifies HTTPS.
Remember when google was beloved by everyone back then when they're still have "don't be evil" motto? Cloudflare right now is like google back then: super useful, provides a lot of free services that would be expensive on other providers. But unlike google, if cloudflare go full evil in the future, the impact will be much larger because they're an mitm proxy capable of seeing unencrypted traffics across all websites under their wing. Right now they're serving ~30% of top 10,000 websites and growing.
Oh, okay, so I'm not wrong that they're good right now.
I'm a little unclear on how it works. Do they strip off HTTPS somehow? Otherwise, there's not too much unencrypted traffic around anymore.
Well yes, how else they can provide their services such as page caching, image optimizing, email address obfuscation, js minifications, ddos mitigation, etc unless they can see all data flowing between your server and your visitors in the clear?
Cloudflare is basically an MITM proxy. This blog post might be helpful if you want to know how mitm proxy works in general: https://vinodpattanshetti49.medium.com/how-the-mitm-proxy-works-8a329cc53fb
Jesus Christ, I didn't realise.