deCloudflare/subfiles/people/2022.mastodon.md

## Mastodon

- NOOOOO DON'T USE CLOUDFLARE THEY ARE MITM YOUR TRAFFIC AND THEY CAN SEE YOUR PASSWORDS :soyjak: :soyjak2: :soy_left: :soy_right: :soyjak_gun: SSV: *turns ln cloudflare caching* wtf my 1:43:48 long video of "THE IDOLM@STER CINDERELLA GIRLS 7thLIVE TOUR Special 3chord♪ Glowing Rock ! @KYOCERA DOME OSAKA - Day 1 Part 1" doesn't load guess I'm not using cloudflare then. ([splitshockvirus@mstdn.starnix.network](https://mstdn.starnix.network/@splitshockvirus/108184553476460073))
- @Blort @davidoclubb (update) DeepL is a no-go from a privacy standpoint -- just found out they share your sensitive translations with Cloudflare, thus privacy is in the shitter. I suggest installing ArgosTranslate and running it locally. ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108183092593257572))
- @novichan @tetrapyloctomist (update) DeepL shares your sensitive translations with Cloudflare, so privacy is in the shitter w/them. I suggest installing ArgosTranslate and running it locally. ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108183058285035581))
- The FBI are saying "ransomware actors" are apparently going after agricultural cooperatives" and "may (…) negatively impact the food supply chain". Wow, that almost sounds like it might be a threat. We of course, blame fedi. cloudFlareIsTheMalware supplyChains agriculture farming ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108181640490400689))
- TIL Pixelfed is protected by Cloudflare. Ouch. ([ru@fosstodon.org](https://fosstodon.org/@ru/108181418478420297))
- @icedquinn Sustainable Australia Party used to call these "de facto standards" "naturalMonopolies". They used to argue that such natural monopolies must be made public. They may still do, but we can no longer access their site as cloudFlare blocks access to it. Cloudflare serve a number of other minorParty websites, all of which are inaccessible. Keep in mind, Australia is IN AN ELECTION, right now. auspol privacy electionMeddling electionRigging USA democracyDoesNotExist ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108181111698479070))
- Behördenwebsites mit Cloudflare "we are checking your browser" ([quincy@chaos.social](https://chaos.social/@quincy/108179883508136249))
- If you want to opt-out of Visa’s information sharing, you must give your card to Visa’s Cloudflare website. Is this catch22 legal, considering Visa is legally obligated to offer the opt-out? ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108176690207008793))
- Hahaha. Now even CloudFlare'd sites are dropping initial connection attempts. Just die, CloudFlare. cloudFuckd cloudFucked dieCloudFlare ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108174798782492937))
- @fedithom @fdroidorg You need to separate the facts from the judgment. The irrefutable fact is that Cloudflare sees all data going to CF-hosted Fdroid servers incl. ssl. What Cloudflare harvests from the F-droid mirrors is anyone’s guess b/c those facts are concealed from the public. Even if Cloudflare were to claim not to, they’ve been caught making false statements before, thus untrustworthy. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168770251173981))
- @fdroidorg @iska The answer is the website, for now. Experts &amp; streetwise users are being driven off the Fdroid app but the fdroid website is still easy to detect Cloudflare on (there are a number of tools to do this) and then sideload the apps. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168857872534511))
- @fdroidorg @iska There is a project dedicated to finding Cloudflare websites. It’s such a huge undertaking that the project struggles to keep up with it. This is nothing that you could reasonably expect each Fdroid user to undertake on their own. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168878863849485))
- @iska @fdroidorg What’s a specific firewall implementation that gives users the option of using a custom filter? BTW, you’re not just blocking one IP address. Cloudflare has around ~10-15% of all websites in the world. That’s a lot of IPs stemming from a lot of ASNs, and the ASN lookups are non-trivial because some CF websites are not tagged in the ASN info as belonging to CF. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168867633647833))
- Fdroid is getting dicey for privacy now that are allowing a tech giant to snoop on who fetches which app. Many users choose @fdroidorg for security, but security is compromized when Cloudflare is given reconnaisance data on the apps and versions various users are running. This info opens up Fdroid users to attacks that exploit known bugs. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108165961277908385))
- @fdroidorg I suggest not trusting the Fdroid app itself anymore. By default it enables ~6 mirrors, any of which can become Cloudflared w/out notice. There is no toggle to automatically block or disable Cloudflare hosts. It’s thus more secure to fetch f-droid apps from the web over Tor, after checking whether a host is CF’d. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108166039629460241))
- ↳ [Back to list](../people/)
-												commit
											
										
										
											2022-04-20 03:24:15 -04:00
+								## Mastodon
-												commit
											
										
										
											2022-04-24 00:11:59 -04:00
+								- NOOOOO DON'T USE CLOUDFLARE THEY ARE MITM YOUR TRAFFIC AND THEY CAN SEE YOUR PASSWORDS :soyjak: :soyjak2: :soy_left: :soy_right: :soyjak_gun: SSV: *turns ln cloudflare caching* wtf my 1:43:48 long video of "THE IDOLM@STER CINDERELLA GIRLS 7thLIVE TOUR Special 3chord♪ Glowing Rock ! @KYOCERA DOME OSAKA - Day 1 Part 1" doesn't load guess I'm not using cloudflare then. ([splitshockvirus@mstdn.starnix.network](https://mstdn.starnix.network/@splitshockvirus/108184553476460073))
-												commit
											
										
										
											2022-04-23 16:10:18 -04:00
+								- @Blort @davidoclubb (update) DeepL is a no-go from a privacy standpoint -- just found out they share your sensitive translations with Cloudflare, thus privacy is in the shitter. I suggest installing ArgosTranslate and running it locally. ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108183092593257572))
 								- @novichan @tetrapyloctomist (update) DeepL shares your sensitive translations with Cloudflare, so privacy is in the shitter w/them. I suggest installing ArgosTranslate and running it locally. ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108183058285035581))
-												commit
											
										
										
											2022-04-23 12:10:13 -04:00
+								- The FBI are saying "ransomware actors" are apparently going after agricultural cooperatives" and "may (…) negatively impact the food supply chain". Wow, that almost sounds like it might be a threat. We of course, blame fedi. cloudFlareIsTheMalware supplyChains agriculture farming ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108181640490400689))
 								- TIL Pixelfed is protected by Cloudflare. Ouch. ([ru@fosstodon.org](https://fosstodon.org/@ru/108181418478420297))
-												commit
											
										
										
											2022-04-23 08:10:13 -04:00
+								- @icedquinn Sustainable Australia Party used to call these "de facto standards" "naturalMonopolies". They used to argue that such natural monopolies must be made public. They may still do, but we can no longer access their site as cloudFlare blocks access to it. Cloudflare serve a number of other minorParty websites, all of which are inaccessible. Keep in mind, Australia is IN AN ELECTION, right now. auspol privacy electionMeddling electionRigging USA democracyDoesNotExist ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108181111698479070))
-												commit
											
										
										
											2022-04-23 04:10:18 -04:00
+								- Behördenwebsites mit Cloudflare "we are checking your browser" ([quincy@chaos.social](https://chaos.social/@quincy/108179883508136249))
-												commit
											
										
										
											2022-04-22 16:10:22 -04:00
+								- If you want to opt-out of Visa’s information sharing, you must give your card to Visa’s Cloudflare website. Is this catch22 legal, considering Visa is legally obligated to offer the opt-out? ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108176690207008793))
-												commit
											
										
										
											2022-04-22 09:30:06 -04:00
+								- Hahaha. Now even CloudFlare'd sites are dropping initial connection attempts. Just die, CloudFlare. cloudFuckd cloudFucked dieCloudFlare ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108174798782492937))
-												commit
											
										
										
											2022-04-21 04:10:20 -04:00
+								- @fedithom @fdroidorg You need to separate the facts from the judgment. The irrefutable fact is that Cloudflare sees all data going to CF-hosted Fdroid servers incl. ssl. What Cloudflare harvests from the F-droid mirrors is anyone’s guess b/c those facts are concealed from the public. Even if Cloudflare were to claim not to, they’ve been caught making false statements before, thus untrustworthy. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168770251173981))
 								- @fdroidorg @iska The answer is the website, for now. Experts &amp; streetwise users are being driven off the Fdroid app but the fdroid website is still easy to detect Cloudflare on (there are a number of tools to do this) and then sideload the apps. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168857872534511))
 								- @fdroidorg @iska There is a project dedicated to finding Cloudflare websites. It’s such a huge undertaking that the project struggles to keep up with it. This is nothing that you could reasonably expect each Fdroid user to undertake on their own. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168878863849485))
 								- @iska @fdroidorg What’s a specific firewall implementation that gives users the option of using a custom filter? BTW, you’re not just blocking one IP address. Cloudflare has around ~10-15% of all websites in the world. That’s a lot of IPs stemming from a lot of ASNs, and the ASN lookups are non-trivial because some CF websites are not tagged in the ASN info as belonging to CF. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168867633647833))
-												commit
											
										
										
											2022-04-20 16:10:38 -04:00
+								- Fdroid is getting dicey for privacy now that are allowing a tech giant to snoop on who fetches which app. Many users choose @fdroidorg for security, but security is compromized when Cloudflare is given reconnaisance data on the apps and versions various users are running. This info opens up Fdroid users to attacks that exploit known bugs. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108165961277908385))
 								- @fdroidorg I suggest not trusting the Fdroid app itself anymore. By default it enables ~6 mirrors, any of which can become Cloudflared w/out notice. There is no toggle to automatically block or disable Cloudflare hosts. It’s thus more secure to fetch f-droid apps from the web over Tor, after checking whether a host is CF’d. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108166039629460241))
-												commit
											
										
										
											2022-04-20 03:30:42 -04:00
+								- ↳ [Back to list](../people/)