@Liberapay @Niquarl #CloudFlare claims substantiated: https://www.devever.net/~hl/cloudflare https://github.com/privacytools/privacytools.io/issues/374#issuecomment-460077544 https://cryptome.org/2016/07/cloudflare-de-anons-tor.htm http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem iscloudflaresafeyet.com It's especially stupid to trust CF for financial transactions.
@Liberapay @Niquarl I never made the claim that the US gov. has #CloudFlare's view of the data, so I have no need to substantiate the US role. My claim that CF centralizes the web is well-substantiated in those articles. What does CF do differently after 2016 that you believe supports decentralization & #netneutrality?
@aktivismoEstasMiaLuo You claimed that CF violates privacy, but you haven't provided any evidence that they're collecting and sharing private data.
Net neutrality isn't very relevant since CF isn't a consumer ISP. You haven't explained how CF “works against” net neutrality.
Complaining that CF “centralizes” the web is basically the same as complaining that they're doing their job too well and have too many customers.
@Liberapay @Niquarl CloudFlare attacks #Tor users. Attacks on Tor users are an attack on #privacy. This constrains the Tor userbase. CloudFlare is also a MitM who charges no fee to a vast majority of its users-- this is how surveillance capitalism works. Millions of accounts were compromised in #CloudBleed, an artifact of lg.scale centralisation coupled w/a MitM.
@aktivismoEstasMiaLuo CF doesn't attack Tor users. In fact they've repeatedly tried to improve their service for Tor users: https://blog.cloudflare.com/cloudflare-supports-privacy-pass/ and https://blog.cloudflare.com/cloudflare-onion-service/
CF also allows website admins to choose whether requests coming through Tor should be challenged or not.
You haven't provided any evidence that CF is involved in surveillance. The fact that a company provides some services for free doesn't prove anything other than this: they're trying to attract new users.
> CF doesn't attack Tor users
@Liberapay "CF also allows website admins.." It's #CloudFlare's default setting that has put them in a position of abusing #privacy & #netneutrality. If they had a different default setting they would legitimately be able to point the finger to web admins (most of whome have little clue about how CF works or what Tor is)
@Liberapay Also, your positive claim that CF is not looking at the traffic, not using that data, and not allowing the US to snoop is simply naive. Without proof either way, it's ignorant to extend trust to a corporate tech giant particularly when they lie regularly, like Trump. To be a money service that's so cavalier with trust shows how absolutely reckless your operation is.
@aktivismoEstasMiaLuo I'm not aware of CF having ever lied or done anything else that would justify distrusting them as much as you do.
Your repeated claim that it's particularly dangerous to use CF for financial services doesn't make much sense. They're obviously not going to steal money from people, so I don't know what you're worried about.
If using CF is “reckless”, then every significant platform similar to ours is reckless, including Patreon and Open Collective.
@aktivismoEstasMiaLuo Bullshit. I don't see how you could even argue that banks have a higher level of security than Cloudflare. It's a stupid claim that you could only argue with anecdotal evidence.
For the record, Cloudflare is PCI DSS Level 1 compliant, which means that payment processors are allowed to send card numbers through it.
The Capitol One leak wasn't Amazon's fault, the same thing could have happened if the bank had used another service provider.
@Liberapay If banks had been foolish enough to trust CloudFlare, cloudbleed would have been far more costly than it was.
Saying that "it's legal" to send credit card numbers through CF is a very poor standard of security. Legal standards are low. US consumers are protected by regulation E. This means if fraud happens, the consumer isn't responsible. Credit card networks control who they do business with. If a vendor is compromised, the cc network can revoke their contract.
@Liberapay The fact that you don't think Amazon is responsible for their own contractors is profoundly absurd. Of course they're reponsible for who they hire.
@Liberapay You also neglect that credit card numbers don't tie to consumer liquid assets. It's not a wire transfer. That money can be clawed back. Now find a bank where FDIC-insured money rests on CloudFlare's shoulders.
@Liberapay What's quite alarming about a payment service like #Liberapay blindly trusting CloudFlare and simultaneously saying #Amazon wasn't responsible for its own contractor who leaked data, is that Liberapay naturally wouldn't think they have accountability in the event of a breach. IOW, they're hoping to use finger-pointing and offload accountability for their own poor judgement to use CF.
I agree that it is a problem that too many sites use few service. Same with AWS etc. But i don't think Cloudflare is evil. I distrust Microsoft and Google way more.
I accept when @Liberapay has no other option right now than to use Cloudflare. Donating in a single payment is way more important to me.
@aktivismoEstasMiaLuo i agree. but that is not because they are evil, but they are just successful in a capitalistic sense. i think they use unfair methods with attracting users through free services and i agree that that is a method of surveillance capitalists. i would not want to depend on them
but when people need their services, we can only provide alternatives and educate them about the problems. i think that's the only way activism is ethical and effective
@davidak #CloudFlare is evil. Let's be clear: the evil is not in business success. The evil is in their lies and deceptions, their surveillance capitalist business model, and their abuse of power in dictating the tools that may users use to protect their privacy. It's an injustice to make excuses for CF & for CF's users.
@davidak A CF user failing to embrace ethics as they erroneously believe they "need" CF is a case of ignorance that needs correction, not sympathy.
@aktivismoEstasMiaLuo then work out an alternative that get accepted. that's how community projects work. it's not a priority for me or Liberapay right now
we know your opinion now. please do something constructive
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!