• odium@programming.dev
      link
      fedilink
      arrow-up
      90
      arrow-down
      1
      ·
      1 year ago

      Cloudflare has human checks before you can access some sites. Some apps and screenreaders no longer work with those sites.

    • Saik0@lemmy.saik0.com
      link
      fedilink
      English
      arrow-up
      67
      arrow-down
      2
      ·
      1 year ago

      They’re all uppity that to use cloudflare proxy they have to terminate the ssl connection there. So technically cloudflare can sniff all the traffic. But that’s kind of the point of WAFs and Reverse Proxies.

      I would argue that the sheer amount of data throughput that Cloudflare has, you’d have to really be on a list to be monitored… and they certainly cannot just log all data willy nilly.

      • r00ty@kbin.life
        link
        fedilink
        arrow-up
        32
        ·
        1 year ago

        I suppose this one is quite simple. How can they cache, if they don’t MitM the connection? I don’t think it would be technically possible. If you want the cache/CDN you just need to use a company you trust. If you don’t trust them then you don’t get the cache/CDN.

        • Saik0@lemmy.saik0.com
          link
          fedilink
          English
          arrow-up
          23
          arrow-down
          2
          ·
          1 year ago

          Correct. But people are viewing the DDOS protection, Cache, WAF, etc… functions as evidence that Cloudflare is obviously malicious and storing 100% of all data traversing them.

          I’ve seen no evidence of that yet, and will certainly discontinue use of them if they show such tendencies. Until then, I will absolutely leverage their platform for my use as a paying customer.

          I do understand the fear with their free platform though… They’ve gotta make money somehow, and I feel there’s probably a fear that is data collection.

    • Neato@kbin.social
      link
      fedilink
      arrow-up
      58
      arrow-down
      1
      ·
      1 year ago

      100%? Impossible. But they can effectively ban it.

      Pass a law that makes any US company, or company doing business in the US, not allowed to host E2EE-enabled apps. This now bans them from the App Store and Play Store. 99% of users won’t find or choose to side-load for android users. Then they can make E2EE actually illegal to distribute in the US. They’ll almost never bother going after individuals, but this effectively makes hosting a US-based website unable to distribute E2EE programs. So people will need to use foreign sites. Which the US can force ISPs to block via a whack-a-mole on individual sites.

      This isn’t very likely, but hell Congress was decently close to banning TikTok for no real reason so who knows?

    • Dasnap@lemmy.world
      link
      fedilink
      arrow-up
      20
      arrow-down
      1
      ·
      1 year ago

      Tories are just trying to kick up as much shit as possible before they’re kicked out so they can blame the next party for the fallout.

  • Larvitar@kbin.social
    link
    fedilink
    arrow-up
    80
    arrow-down
    2
    ·
    1 year ago

    Guess I’ll just have to touch grass.

    Google, try pulling data from me being at the park when my phone gets left at home!

      • Loulou@lemmy.mindoki.com
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        Yeah I cheer on this one!

        On the other hand I got a different protocol (& implementation up and running) that can be used right away. It’s like IPFS but easy to “install” (a double click and a port forward is all that’s needed), you are also in control of your data and of course you can change the data without changing the link.

        Don’t get me wrong, IPFS paved the road. But today we have better ways to do things.

      • Loulou@lemmy.mindoki.com
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Close, but with the added possibility to change the data (like a website/blog/chat) and not only have static data.

        So on this protocol, you can have a website with a link to my website, who has a link to yours. Maybe that doesn’t sound crazy cool :-) but filecoin, IPFS etc just does not have that functionality (with them you have a key/link, and it is locked to 1 data. Fix a typo in your text and you have to redistribute a new key/link on the old web or similar, it’s totally static), and for me it’s a must if you want to provide a functioning “new web”.