diff --git a/subfiles/classics/README.md b/subfiles/classics/README.md new file mode 100644 index 0000000000..80515176eb --- /dev/null +++ b/subfiles/classics/README.md @@ -0,0 +1,47 @@ +``` + ABOUT /subfiles/classics/* + +THIS PAGE IS AN ARCHIVED HISTORY. +IF YOU NEED LATEST INFORMATION, PLEASE READ OTHER FILES (not /classics/) +``` + + +------------- + +# CloudFlare Watch + + +![](img/sher2.gif) ![](img/cfsign.jpg) + + +CloudFlare is a venture-funded startup that routes around Internet abuse by +acting as a reverse proxy. They also encourage illegality by allowing hackers, +DDoSers, cyberbullies, and copyright pirates to hide behind their servers. +By 2015, CloudFlare was even [protecting websites](isis.md) that recruited for ISIS. + + +- [Uncovering bad guys hiding behind CloudFlare](cfs.md) +- [Is CloudFlare affected by the EU's GDPR?](cfgdpr.md) +- [NYT: CloudFlare protects child-abuse porn sites](nytporn.txt) +- [CloudFlare attracts "repeat infringers"](repeats.md) +- [CloudFlare's half-baked SSL](cfssl.md) +- [Is CloudFlare a honey pot?](honeypot.md) +- [CloudFlare's wonky nameserver setup](cfnsdump.md) +- [Some domains that recently used CloudFlare](cfsites.md) +- [Where in the world are those CloudFlare domains?](cfusers.md) +- [The gang at CloudFlare aids and abets cybercriminals](cfgang.md) + +![](img/marx2.gif) + +- [Carders love CloudFlare](carders.md) +- [CloudFlare's growth is not so amazing](cfgrowth.md) +- [CloudFlare seeks riches through anarchy](twisted.md) +- [Spamhaus blocks CloudFlare's IP ranges](cfblock.md) +- [Those laughable CloudFlare terms of service](cfterms.md) +- [Dear Damon Billian: We're not as stupid as you think!](damon.md) +- [CloudFlare still chummy with ex-cons from LulzSec](lulzsec2.md) + + +--- + +"_We miss you. you will never be forgotten._" \ No newline at end of file diff --git a/subfiles/classics/carders.md b/subfiles/classics/carders.md new file mode 100644 index 0000000000..ce53775b17 --- /dev/null +++ b/subfiles/classics/carders.md @@ -0,0 +1,36 @@ +``` +Americans are more likely to worry about having credit card information they used in stores +stolen by computer hackers than any other crime they are asked about. +``` + — Gallup.com, October 2014 + + +### Carders love CloudFlare + + . . . like flies love honey? + + +The carder domains listed here were online between February 2014 and August 2021, and hiding behind CloudFlare. This list will be out of date within a few weeks, because carders frequently change domain names and service providers. After all, it is illegal to sell stolen credit card data no matter where you live. + +CloudFlare doesn't care about laws. They're in Silicon Valley, where the rich get richer, lobbyists own the lawmakers, and eveyone else faces higher rents and evictions. As far as we can tell, CloudFlare has done exactly nothing about criminals using their services. We thought they might do something about the marketing of 40 million credit cards stolen from Target in late 2013, but we were wrong. The major criminal exploiting this heist calls himself "Rescator," and he still uses CloudFlare. He might even be the Boss Man. His screen name appears on a couple dozen of the domains listed on this page. + +![](img/resc3.png) + +Maybe CloudFlare admires Rescator because his images are so cool. The one on top announced a batch of cards from Target in early December, "Pearl Harbor" was announced on January 13, and "Beaver Cage" on February 8. The next one, "Desert Strike," announced 282,000 cards on March 3. These are from 2,600 Sally Beauty locations in the U.S. The "Sanctions" image appeared on September 2, and is related to a breach at Home Depot stores. + +Our theory is that CloudFlare is waiting for more images. A year or so from now they could have a full set in their trophy case. Then CloudFlare can boast that their venture-funded start-up enjoys immunity from all civil and criminal laws. That would be a perfect time to make a killing with an IPO. + +![](img/holder.gif) + +![](img/pcihype.png) + +![](img/village.gif) + +![](img/badge1.gif) + +![](img/proxies.gif) + + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/cfblock.md b/subfiles/classics/cfblock.md new file mode 100644 index 0000000000..88556d5e14 --- /dev/null +++ b/subfiles/classics/cfblock.md @@ -0,0 +1,85 @@ +# Spamhaus blocks CloudFlare's IP ranges + + +Spamhaus says about CloudFlare: + +``` +Hosting service refuses to shut off abusers. Spam & cybercrime +'reverse proxies' stay up after being reported. Cybercrime world +now knows of this 'bulletproof hosting' and is rushing here. +``` + +> July 2012 + + +[Spamhaus](https://web.archive.org/web/20210826103614/http://en.wikipedia.org/wiki/Spamhaus) is an international nonprofit organization founded in 1998. On July 11, 2012 they added nearly the entire CloudFlare range of IP addresses to their SBL (Spamhaus Block List). [These three entries](spamhaus.md) are labeled "escalation" and include 37,000 addresses. (CloudFlare's own complete list of their IP ranges contained 44,500 IP addresses in July, 2012. Assuming that some of these were for future expansion and presently unused, this meant that Spamhaus had essentially added all of cloudflare.com to their SBL.) + +This doesn't mean that the domains are unavailable. All it means is that you are less likely to find a CloudFlare-affiliated domain embedded in spam or phishing emails. And if your email address is based on a domain that is protected by CloudFlare, your system administrator might discover that outgoing emails are blocked by upstream providers who use Spamhaus blacklists. There is nothing your sysadmin can do about this except to turn off CloudFlare's service, causing your domain to resolve to a non-CloudFlare IP address. + +![](img/prince.jpg) + +Matthew Browning Prince, born on 1974-11-13, is the CEO and co-founder of CloudFlare. Thanks to a [rich dad](https://web.archive.org/web/20210826103614/http://web.archive.org/web/20081002173414/http://www.mufranchisee.com/article/453/), he attended the University of Chicago Law School ('00) and Harvard Business School ('09). Prince taught Internet law and was a specialist in anti-spam laws and phishing investigations. It's a mystery why he joined the Dark Side. + +CloudFlare has not yet borrowed Google's "don't be evil" motto. Perhaps this is because his company was wantonly libertarian and aggressively overhyped right out of the starting gate, so that pretending to embrace probity could prove embarrassing. His [thoughts on abuse](https://web.archive.org/web/20210826103614/http://blog.cloudflare.com/thoughts-on-abuse) are pathetic for someone who should know better. + +See also (Oct 2013): [Phishers using CloudFlare for SSL](https://web.archive.org/web/20210826103614/http://news.netcraft.com/archives/2013/10/07/phishers-using-cloudflare-for-ssl.html) + +In fact, sysadmins everywhere will feel safer if they block all of CloudFlare's ranges: + +``` + 103.21.244.0/22 (103.21.244.0 - 103.21.247.255) + 103.22.200.0/22 (103.22.200.0 - 103.22.203.255) + 103.31.4.0/22 (103.31.4.0 - 103.31.7.255) + 104.16.0.0/12 (104.16.0.0 - 104.31.255.255) + 108.162.192.0/18 (108.162.192.0 - 108.162.255.255) + 131.0.72.0/22 (131.0.72.0 - 131.0.75.255) + 141.101.64.0/18 (141.101.64.0 - 141.101.127.255) + 162.158.0.0/15 (162.158.0.0 - 162.159.255.255) + 172.64.0.0/13 (172.64.0.0 - 172.71.255.255) + 173.245.48.0/20 (173.245.48.0 - 173.245.63.255) + 188.114.96.0/20 (188.114.96.0 - 188.114.111.255) + 190.93.240.0/20 (190.93.240.0 - 190.93.255.255) + 197.234.240.0/22 (197.234.240.0 - 197.234.243.255) + 198.41.128.0/17 (198.41.128.0 - 198.41.255.255) + 199.27.128.0/21 (199.27.128.0 - 199.27.135.255) +``` + +![](img/cleary2.jpg) + +If you are running Linux, you can enter nullroutes for CloudFlare without trying to figure out iptables. We use it on our server because CloudFlare-affiliated cybercriminals have a history of DDoSing us. One of them is named Ryan Cleary and he is in jail now in the UK. He won't get out anytime soon — he pleaded guilty and has also been indicted by a U.S. grand jury. Poor Ryan would feel better if Mr. Prince visited him in jail and offered a little bit of immoral support. + +These commands will block access to CloudFlare domains for all traffic to and from your Linux box. Normally a domain that uses CloudFlare won't be coming into your box with their CloudFlare IP address. But with all those cybercriminals using CloudFlare, you never know what trickery is afoot. After these blocks, any attempt to access your box from cloudflare.com will time out. Best of all, anyone sharing your box won't be able to get to CloudFlare to read Mr. Prince's excuses. To remove these blocks, just change "add" to "del" and run the script again, or you can reboot. + +``` + /sbin/route add -net 103.21.244.0 netmask 255.255.252.0 reject + /sbin/route add -net 103.22.200.0 netmask 255.255.252.0 reject + /sbin/route add -net 103.31.4.0 netmask 255.255.252.0 reject + /sbin/route add -net 104.16.0.0 netmask 255.240.0.0 reject + /sbin/route add -net 108.162.192.0 netmask 255.255.192.0 reject + /sbin/route add -net 131.0.72.0 netmask 255.255.252.0 reject + /sbin/route add -net 141.101.64.0 netmask 255.255.192.0 reject + /sbin/route add -net 162.158.0.0 netmask 255.254.0.0 reject + /sbin/route add -net 172.64.0.0 netmask 255.248.0.0 reject + /sbin/route add -net 173.245.48.0 netmask 255.255.240.0 reject + /sbin/route add -net 188.114.96.0 netmask 255.255.240.0 reject + /sbin/route add -net 190.93.240.0 netmask 255.255.240.0 reject + /sbin/route add -net 197.234.240.0 netmask 255.255.252.0 reject + /sbin/route add -net 198.41.128.0 netmask 255.255.128.0 reject + /sbin/route add -net 199.27.128.0 netmask 255.255.248.0 reject +``` + +### Snake oil for harried webmasters + +In 2009, [New York Times](https://web.archive.org/web/20210826103614/http://www.nytimes.com/external/readwriteweb/2009/10/13/13readwriteweb-google-accounts-for-6-of-all-internet-traff-90323.html) reported that according to a two-year study, Google accounts for six percent of all Internet traffic worldwide. One year later CloudFlare launched. By early 2012, according to Matthew Prince in [Forbes](https://web.archive.org/web/20210826103614/http://www.forbes.com/sites/eliseackerman/2012/02/29/how-cloudflares-free-ddos-protection-service-is-disrupting-the-multibillion-dollar-computer-security-and-content-delivery-markets), on any given day 25 percent of the Internet's visitors pass through CloudFlare. Does this mean that CloudFlare handles four times more traffic than Google? They obviously know what they're doing. You cannot go wrong! + +![](img/snake3.gif) + +Matthew Prince made a similar statement on July 18, 2012: "We do more traffic than Amazon, Wikipedia, Twitter, Zynga, AOL, Apple, Bing, eBay, PayPal and Instagram combined," chief executive Matthew Prince told [VentureBeat](https://web.archive.org/web/20210826103614/http://venturebeat.com/2012/07/18/cloudflare-amazon-wikipedia-twitter/). "We're about half of a Facebook, and this month we'll surpass Yahoo in terms of pageviews and unique visitors." + +Curiously, Mr. Prince changed his tune in [August 2013](https://web.archive.org/web/20210826103614/http://blog.cloudflare.com/cloudflare-and-free-speech): "Today, approximately four percent of web requests flow through our network." Is CloudFlare slowing down? Not at all. The previous June he told [The Economist](https://web.archive.org/web/20210826103614/http://www.economist.com/news/international/21579818-theres-only-so-much-you-can-do-denying-deniers) that he is adding 5,000 customers per day. + +If CloudFlare adds 5,000 per day over the course of a year, how does its share of Internet traffic go from 25 percent to 4 percent? Who is more guilty of spreading bullshit — high-tech CEOs, or fanboy publications that print anything they say? (More background on Prince is available [here](honeypot.md).) + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/cfgang.md b/subfiles/classics/cfgang.md new file mode 100644 index 0000000000..216b34e3c9 --- /dev/null +++ b/subfiles/classics/cfgang.md @@ -0,0 +1,1725 @@ +# The Gang at CloudFlare: +## aiding and abetting cybercriminals + + +In early 2013, CloudFlare deleted the +surnames from their "[our gang](https://web.archive.org/web/20210826102850/https://www.cloudflare.com/people)" page. + + +_Are they ashamed? Or paranoid?_ + +_Or is this merely a case of simple modesty?_ + + +![](img/modest.jpg) + +![](img/code5.gif) + + +``` + Matthew Prince Cofounder, CEO + Lee Holloway Cofounder, Lead Engineer + Michelle Zatlyn Cofounder, President + Matthieu Tourne Systems Engineer + Ian Pye Analytics Engineer + Srikanth N. Rao Systems Reliability Engineer + Damon Billian Community Evangelist + Terry Rodery Network Engineer + Kristin Tarr Communications Specialist + John B. Roberts Platform Lead + Lyn Hines Technical Support Engineer + Kevin Wilson Visual Designer + David Conrad Technical Staff + Justin Paine Head of Trust & Safety + Ram Nadella Web Developer + Ray Bejjani Systems Engineer + Jerome Chen Partner Engineer + Joshua Motta Special Projects + Jeremy Teale Operations Engineer + John Graham-Cumming Chief Technology Officer, Lisbon + Greg Lee Coleman Systems Engineer + Brett Erilane Operations Engineer + Ian Applegate Systems Engineer + Maria Karaivanova Business Development + Tom Paseka Network Engineer + Sébastien Pahl Systems Reliability Engineer + Dane Knecht Business Development & Partnerships, Austin + James Greene Web Engineer + Ryan Carter Systems Reliability Engineer + Yichun Zhang Systems Engineer + Dean Riskas Customer Development + Josh Dankbaar Systems Reliability Engineer + Jenn Suzuki Team Coordinator + Terin Stock Web Developer + Algin Martin Technical Support Engineer + Jamie Tomasello Policy and Investigation + Tony Stuck Web Developer + Josh Enders Operations Engineer + Max Nystrom Product Manager + Piotr Sikora Systems Engineer + Jaime Sparr Visual Designer + Andrew Galloni Front End Engineer, London + Rajeev Sharma Systems Engineer + Sam Howson Support Engineer, London + Serena Satyasai Marketing Lead + Trey Guinn Solutions Engineer + Amy Kux Finance + Marty Strong Technical Support Engineer, London + Nick Sullivan Head of Cryptography + Subhashni Balakrishnan Systems Engineer + James O'Gorman Systems Reliability Engineer, London + Kenneth R. Carter In-House Counsel + Simon Moore Support Engineer, London + Jerome Fleury Director of Network Engineering + Chris Merritt Chief Revenue Officer + Nitin Bantwal Rao Head of Global Infrastructure + Austin McKinley Systems Engineer + Jiale Zhi Systems Engineer + David Schlesinger Systems Reliability Engineer + Zygimantas Skulteckis Systems Reliability Engineer, London + Micah Smurthwaite Customer Development + Albert Strasheim Systems Engineer + Marek Majkowski Systems Engineer, London + Anirban Banerjee Systems Engineer + Adam Woss Systems Reliability Engineer + Slava Mudry Database Engineer + Amir Tahsini Customer Development + Buck Wallander Network Engineer + Conley Read Product Engineer + Megan Alderete Customer Development + Daniel Morsing Systems Engineer, London + Jeremy Meeks Support Engineer + Travis Perkins Customer Success Engineer + Stefan Silasi Systems Reliability Engineer, London + Gregory Allen Talent + Ryan Kibler Web Engineer + Eric Lugo Support Engineer + Kenny Chan Web Engineer + Shuxin Yang Systems Engineer + Elenitsa (Eli) Staykova Marketing + Jen Norvelle Finance + Ryan Boye Visual Designer + Martin J. Levy Network Strategy + Kyle Isom Systems Engineer + Andrew Kennedy Web Developer + Zi Lin Systems Engineer + Michael Truong Systems Reliability Engineer + Jono Bergquist Solutions Engineer + Nate Asp Customer Development + Jameson Sundell Support Engineer + Manish Jindal Customer Development + Grace Lin Special Projects + Benjamin Cartwright-Cox Support Engineer, London + Davide D'Amico Systems Reliability Engineer, London + Chris Howells Systems Reliability Engineer, London + Xingang Wang Systems Engineer + Andrew A. Schafer Writer + Noah Garrett Wallach Network Engineer + Fay Lidan Dai Product Intern + Murtaza Sajjad Legal Intern + Daniella Vallurupalli Communications + Ryan Lackey Product Engineer + Tim Hoffman Network Engineer + Martijn Gonlag Support Engineer + Jonathan Stasiak Systems Reliability Engineer + Gwyneth Jones Team Coordinator + Lily Andalon Accountant + David Ngo Trust & Safety Engineer + Gerhard Esterhuizen Engineering Manager + Thanh Bui Customer Development + Guanlan Dai Systems Engineer + Kent Shultz Systems Reliability Engineer + Xiaolin Gong Special Projects + Piotr Lipski Web Engineer, London + Jacob H. Haven Systems Engineer + Ashish Gandhi Systems Engineer + Filippo Valsorda Systems Engineer, London + Luke Overend Support Engineer, London + Matthew Gall Trust & Safety Engineer, London + Corey Lambert Manager + Olafur Gudmundsson Systems Engineer + Daniel Weidman Engineering Manager + Sylvia Kuyel Customer Success Engineer + Kamilla Amirova Solutions Engineer + James Kyle Front End Engineer + Bill Phillips Customer Development + Lukasz Mierzwa Systems Reliability Engineer, London + Gideon Redelinghuys Systems Reliability Engineer + Tommy Larsen Customer Development, London + Dan Hollinger Solutions Engineer + David Fritsch Web Engineer + Peter Dumanian Business Development + Jovi Zhangwei Systems Engineer + David Kitchen Systems Engineer, London + Daniel Wesonga Customer Development + Marc W. Rogers Principal Security Researcher + Alan Braithwaite Systems Engineer + Brent Coco Trainer + George Henry Infrastructure Engineer + Allen Lai Head of Support + Pasha Kravtsov Support Engineer + Rachele Gyorffy Customer Success Engineer + Michael R. Nelson Public Policy + Heather West Public Policy + Judy Hoctor Executive Assistant + Alexander Dwyer Account Executive + Zeeshan Parkar Network Engineer + Dani Grant Product Manager + Christopher Federico Solutions Engineer + Etienne Labaume Support Engineer, London + Tyler Matzen Recruiting Coordinator + Andy Silverstein Customer Development + Richard Thompson Network Engineer, London + Adena Kirkbride Customer Development + Dylan Etkin Engineering Manager + Michael Mirzai Customer Development, London + Geoffrey Plouviez Systems Engineer, London + Tom Brightbill Customer Success + Jim Schlies Programmer + Ardi Judanto Staff Accountant + Will Clithero Customer Development + Sebastian McKenzie JavaScript Engineer, London + Norm Slaught Customer Development + Lauren Buchman Marketer + Pradeep BalleChandrasekharan Newtork SRE + Patryk Szczyglowski Systems Engineer, London + Jimmy Crutchfield Support Engineer, London + Michael A. Daly Engineering Manager, London + Donald Endres Systems Reliability Engineer + James Ball Solutions Engineer, London + Radina Mihaleva Partnerships and Business Development + Betsy Sedlak Customer Success + Mark Steyn Front End Engineer, London + Robert Wang Product Engineer + Kendra Albert Legal Intern + Julia Knight Legal Intern + Tiffany Tai Sales Operations and Strategy + Alison Baum Special Projects + Vlad Krasnov Systems Engineer, London + Patrick R. Donahue Product Manager + Ignat Korchagin Systems Engineer, London + Derek Gonyeo Systems Engineer Intern + Jeremy Wagner-Kaiser Systems Engineer + Jimmy Halim Network SRE + Stefan Winer Customer Development + Matthew Cottingham Systems Engineer + Evan J. Johnson Systems Engineer + David Saunders Legal Counsel + Daniel Dao Systems Engineer, London + Suzanne Aldrich Engineering Manager + Wenz Xing Special Projects Intern + Sami Kerola Systems Reliability Engineer, London + Michael Tremante Solutions Engineer + Matt Allie Solutions Engineer + Ivan Balepin Systems Engineer + Ingvar Stepanyan JavaScript Performance Engineer, Ukraine + Marc Bodmer Front End Engineer + Maxwell Mitchell Statistician + Marina Harper HR Administrator + Joshua Kroll Systems Engineer + Jamie Robinson Sales Operations + Kelby Balson Customer Development + Lindsay Kotterman Customer Development + John Wineman Partner Integration Engineer + Bobby Lam Customer Development + Greg Cohn Customer Success Engineer + Roy Lo Customer Development, London + Steve Krause Legal Counsel + Alexander Huynh Systems Reliability Engineer + Mohamed Ibrahim Support Engineer, Singapore + Adarsh Seetharam Product Manager + Tom Lianza Engineering Manager + Michelle Brown Accountant + Ben Fathi Head of Engineering + Robert Dinh Special Projects + Vicky Shrestha Systems Engineer + Tristan Colgate-McFarlane Systems Reliability Engineer, London + Salvatore D'Agostino Web Engineer + Michael Girouard Web Engineer + Gilberto Bertin Systems Engineer, London + Jacob Vincent Customer Development + Neil Levio Customer Success, London + Stanley Tan Solutions Engineer + Alessandro Ghedini Systems Engineer, London + Roshni Hundel Recruiting Coordinator + James Askham Solutions Engineer + Morgan Miles Customer Development + Thomas Donnelly Network Engineer + Chris Jones Financial Planning + Marek Vavrusa Systems Engineer + Frieda Strachan Team Coordinator + Ivan Chin Customer Development, Singapore + Jimmy Yuen Ho Wong Front End Engineer + Matthew Silverlock Solutions Engineer + Mircea-Valeriu Ulinic Network Engineer, London + Christian Elsen Product Manager + Devin Shim Marketing Intern + Alex Tasioulis Support Engineer, London + Pierce Buxton Customer Development + Otto Imken Head of Support + Renee Main Account Executive + Sri Pangulur Customer Development + Javier Guerra Systems Engineer, London + Kyle Kloepper Systems Engineer + Jeppe Toustrup Systems Reliability Engineer, London + Brittany (Byers) Fritsch Product Manager + Nick Wondra Systems Engineer + Alonso Bustamante Special Projects, London + Chad Schaefer Customer Development + Marcie McBride Customer Development + Michael Lee Support Engineer + Rohit Agarwal Systems Engineer + Jonathan McElroy Customer Success Engineer + Rahul Mahajan Product Manager Partnerships + Alexandra Logan Customer Development + Shiloh Heurich Systems Engineer + Maik Pietsch Customer Development + Louis Poinsignon Network Engineer + Rachel Gonzalez Executive Assistant + Junade Ali Community Manager, London + Mohit Bijlani Customer Development + Taly Slachevsky Support Engineer + Matt Bostock Systems Reliability Engineer, London + Nicholas Comer Systems Engineer + Douglas James Kramer General Counsel + Michael Manov Technical Support Engineer + Tom Arnfeld Systems Engineer, London + Vojtech Miksu Front End Engineer + Daniel Freeman Marketing + Humberto Moreira Solutions Engineer + Ryan Knight Community + Blake Mattos Product Designer + Caroline Greer Public Policy, London + Tara Vancil Systems Engineer, Austin + Janet Van Huysse Head of People + Jake Sinkey Support Engineer + Peter Weaver Customer Support, London + Nela Collins Customer Success, London + Natalie Valdes Team Coordinator, London + David Lallement Account Executive - EMEA, London + Ricardo Catalinas Jiménez Systems Engineer, London + Warren Robins EMEA Customer Development, London + Pavel Odintsov Systems Engineer, London + Maurizio Monti Partnerships, London + Julien Desgats Systems Engineer, London + Chris Branch Systems Engineer, London + David Layson Customer Success, London + Miguel Mones Customer Success, London + Alexander Palaistras Systems Engineer, London + Bhavin Tailor Technical Support Engineer, London + Furkan Yilmaz Web Engineer, London + William Fisher Systems Engineer, London + Chris Kenney Partner Sales Manager, Austin + Victoria Bernard Customer Support, Austin + Patrick Lu Web Engineer + Yevgen Safronov Web Engineer, London + Zack Bloom Engineer + Eden Wee Customer Support, Singapore + Brady Gentile Product Marketing + Alex Dyner Head of Special Projects + Jessica Rosenberg Marketing Design + Meghan Weinreich Demand Generation + Gloria Marcu Support Engineer + Wanda Chiu Software Engineer + Jason Farber Solutions Engineer + Lavanya Ganesan Support Engineer, India + Kristján Oddsson Front-end Engineer, London + Rita Kozlov Solutions Engineer + Dina Kozlov Product Manager + Mohd Irtefa Product, Austin + Patrik Fuhrmann Software Engineer, London + Saad Hameed Growth and Marketing + Caitlin Magat Demand Generation + Anna-Maria Gyergyai Engineer + Kat Valentine Compliance Manager + Claire Tsai Global Expansion + Ashley McClain Events + Jaime Cochran Security Analyst + Christine Lam Customer Success + Stephanie Shattuck Paralegal + Vanessa Royle Public Relations + Shannon Leong Legal Counsel + Mika Akutsu Program Manager + Constance Kong Customer Development + Angie Kim Product Manager + Kenton Varda Tech Lead for Cloudflare Workers + Jade Q. Wang Developer Relations + Nena Nguyen Product Designer + Mihir Jham Systems Engineer + Rick Wootten Marketing and Advertising + Joshua Liebow-Feeser Information Security Engineer + Cassy Olson Account Executive + Timothy Fong Product Manager + Tim Strazzere Security Engineer + Scott Pearson Technical Support Engineer, London + Stephen Krings Security Engineer + Brian Harring Systems Engineer + Chris Snook Systems Engineer + Rommy Tosana Support Engineer, Singapore + Prasad Pai Technical Support Engineer, Singapore + Neerav Kumar Site Reliability Engineer, Singapore + Rustam X. Lalkaka Director of Product + Marcelo Moreira Site Reliability Engineer + Paul Cesar Marketing + Thomas J. Seifert Chief Financial Officer + Nick McGourty Account Executive + Eoin Brady Technical Support Engineer + Diane Tran IT Support Engineer + Alissa Starzak Public Policy, Washington DC + Jensen Kuras Programmer + Shay Padhye Customer Development + Adam Schwartz Cloudflare Apps + Vu Long Tran Customer Success, Singapore + Dragos Bogdan Product Marketing Manager + Remy Guercio Product Marketing + Anthony Davanzo Product Marketing + Felipe B. Flores Customer Success Manager + Dina Aluzri Events + Brian Mitchell Support Engineer + Mary Mac Williams Event Coordinator + Shammah Chancellor Systems Software Engineer + Snigdha Kulshreshtha Customer Success + Sam Whited Systems Engineer, Austin + Henry de Valence Engineer + Jimmy Lim Network Engineer, Singapore + Eldridge Alexander Global IT Lead + Sergi Isasi Product Manager + Philina Fan Product Design + Alex Cruz Farmer Product Manager for Security + Jayapriya Surendran Web Services Engineer + Brendan McMillion Engineer + Ivan Babrou Systems Engineer + Thayer Prime Recruitment Lead, London + Mustafa Khalifa Business Development, Singapore + Rebecca Dunek Graeber Customer Success Engineer + Andrew Fitch Developer Relations + Shannon C. Colin Business Development + Higinio Ochoa Application Security Engineer + Kari Linder Designer + Scott Tomtania Head of Recruiting + Jenny Dee Brecheisen Brand Designer + Charlie Andrews Systems Engineer + Tanya Paige Recruiting + Kelley Welsh Recruiting + Will Buckner Systems Engineer + Wesley Shi Systems Engineer + Chris Broglie Web Services Engineer + Frank Taylor Solutions Engineer + Arman Baratifar Business Intelligence + Windy MacDowell Executive Assistant + Anil Karavadra Business Development Manager EMEA + Shaffi Chogley Customer Success Engineer, London + Tom Strickx Network Software Engineer + Aaron Meyer-Abbott Client Success Engineer + Ka-Hing Cheung Systems Engineer + Olga Skobeleva Solutions Engineer, London + Andronicus Riyono Support Engineer, Singapore + Harris Hancock Systems Engineer + Braden Ehrat Systems Engineer + Steven Pham Account Executive + Joseph Prete Customer Development + Eric Liu Technical Program Manager + Colin Murray Solutions Engineer + Vasco Asturiano Front End Engineer + John Bauer Systems Engineer + Dylan Saffer Business Development + Hasan Sanli Trust and Safety Engineer, London + Yana Chen Customer Success + Tim Ruffles Systems Engineer, London + Michael Pinter Front End Engineer + Henry Heinemann Business Development, London + Colin Douch Systems Reliability Engineer + Uzma Ali Business Development + Alex Ta Accountant + Adam Martinetti Support Engineer + Abdulrahim Harara Business Development + Jake Farrell Customer Development + Alayzain (Zain) Rizavi Customer Development + London Zhang Design + Sherry Apostol Executive Assistant + Margo Brown Q1 Marketing Partner + Alexander Bocharov Data Engineer, London + Emily Elliott Sales Operations + Vidya Ramakrishnan Human Resources + Matthew Williams Marketing + Jason Paryani Systems Engineer + Vikash Mishra Country Manager, India + Jamie Ede Technical Support, London + Kruthi Narayana Technical Expert + Talea Seyed Customer Success + Nick Simmons Business Development + Matthew Bullock Solutions Engineer, London + Jason Tanner Recruiting + David Wragg Engineer, London + Alex Forster Systems Engineer, Austin + Aliza Knox Head of APAC, Singapore + Flaviu Lang Account Executive + Dawn Giusti Relations Analyst + Richard Boulton Engineering Manager, London + Alek Amrani Product Security Engineer + Rui Silva Technical Support Engineer + Stewart Peugh People Systems & Analytics + Sergey Nuzhdin Data Engineer + Sindu Vijayakumar Systems Engineer + Pablo E. Viera Business Development + Steven Pack Product Manager + Sarah Lewis Cortes Privacy Compliance + Dave Steer Marketing + Shawn Nelson Infrastructure Supply Chain + Alex Vidal Product Strategy + Manu Sharma Account Manager + Kornel Lesinski Performance Engineer, London + Nina Wang Head of Tax + Jonathan Burling Customer Success Manager + Shen Zhang Salesforce Developer + Garrett Galow Product + Catherine Flagler Recruiter + Renee Farrell Infosec Compliance Manager + Katy Brogan Customer Success + Vasti Porter Front Desk + Emily Wimmer Legal + Lisa Retief Engineering Manager + Rebecca Clayman Brand Marketing + Annie Yichen Tang Sales Operations Lead + Ramon Garcia Account Executive + Drew Herron Brand Designer + Maciej Bilas Software Engineer, Poland + Winnie Ip Marketing Operations Specialist + Jon Levine Product Manager + Amit Lift Business Development + Joaquin Madruga Engineering Director + Joseph Younis Solutions Engineer, London + Tim Obezuk Solutions Engineer, London + Mauro Nogueira Solutions Engineer + Justina Wong Technical Support Engineer, Lisbon + Aakash Shah Data Center Administrator + Travis Carr Platform Engineer + Stephane Nouvellon Solutions Engineer, London + Pablo Camino Solutions Engineer + Olivier Foucher Network Engineer + Jeremy Udit Systems Reliability Engineer + Aaron McGuire Technical Support Engineer, London + Jake Serrano IT Operations Engineer + Felipe Tribaldos Customer Development + Michael Polovko SRE Manager, London + Ryan Timkin Systems Reliability Engineer + Sohei Okamoto Distributed Systems Engineer + Jake Riesterer Software Engineer + Mona Hadidi Customer Success Manager + Jay-o Hyon Customer Success + Hiren Panchasara Systems Engineer + Rick Magarro IT Operations Engineer, Singapore + Emily Hancock Data Protection Officer + Andria Bouskos Head of Legal Compliance + Xin Meng Solutions Engineer, Singapore + Mahrud Sayrafi Cryptography Engineer + Maitane Zotes Security Engineer + Aljona Tcherniavskaia Marketing Globalization Strategist + Chris Chua Customer Success Manager, Singapore + Andy Wimmer Technical Support Engineer + Christie Draper Technical Support Engineer + Irena Islam Customer Success Engineer + Zack Proser Web Engineer + Chris Scharff Solutions Engineer, Austin + Joe (Joseph Edmund) Sullivan Chief Security Officer + Brittany Brown Public Relations Associate + Judy Ann Abbgy Stock Plan Manager + Adam Chalmers Systems Engineer, Austin + Sachin Fernandes Systems Engineer + Benedikt Christoph Wolters Systems Engineer, London + Luke Valenta Cryptography Engineer + Lohith Bellad Protocol Engineer + Jasmina Vanvooren Business Development + Monicah Kwamboka Web Engineer + Ahrenn Sivananthan Product Management Intern + Dastagiri Reddy Data Engineer + Susan Hobbs Chief of Staff + Alejandro Ramirez Information Security Compliance Intern + Sierra Molina Recruiting Operations Manager + Gaurav Mallawat Solutions Engineer + Kirk A. Schwenkler Solutions Engineer + John Esterline Technical Support Engineer + Chris Wang Solutions Engineer, Singapore + Chris Adam Solutions Engineer + Garret Brown Technical Support Engineer + Jeehoon Kim Systems Engineer + Brian Mgrdichian Solutions Engineer + Kirk Washington Technical Support Engineer + Dimitris Antonellis Engineering Manager + Yuchen Wu Systems Engineer + Travis Raines Technical Support Engineer + Jeffrey Pollock Customer Success Engineer + Alex Krawiec Technical Writer and Engineer + Ross Guarino Systems Engineer + Jeff Nucum IT Engineer + Henry Andrews Systems Engineer + Yaely Knebel Customer Success Engineer + Mike Michon Head of Data Engineering + Blake Williams Customer Success Engineer + Renan Dincer Systems Engineer + Kate Pang Customer Success Engineer + Misha Girshfeld Customer Success Engineer + Ryan Kiernan Customer Success Engineer + Bob Kuo Systems Engineer + Anthony Leong Solutions Engineering + Ricardo Reinah Support Engineer + Michael Vanderwater Systems Engineer + Usman Muzaffar VP of Engineering + Stephen Pinkerton Product Manager, Austin + Peng Zhang Systems Engineer + Jason Yu Business Development + Scott Jones LMS Administrator / eLearning Developer + Sam Rhea Product Manager, Austin + Colin Lim Head of Sales, APAC and Japan + Ashley Gorringe Partner Account Manager + Christopher Rotas Customer Development + Don Choo Relationship Manager + William da Cunha Head of Sales (Americas) + Sam Aued + Alex Thiang Relationship Manager + Justin Fong Marketing Manager + Alvin Tai Enterprise Sales + Sierra Dasso Account Executive + Dan Brittingham Sales Operations + Mike Genstil Strategic Partnerships + Song Zihao + Antonia Tran R & D Solutions + Chris Conanan Business Development + Marshall Portwood Enterprise Account Executive + Ramkumar Annasami Customer Development + Alonso Quiroz Herrera + Eona Sagala Accountant + Brandon Crowe Enterprise Account Executive + Gigi Chiu + Ben Peera + Cristina Lasagni Sales Executive + Leah Moskovic Account Executive + Lana Gulden Accounts Receivable + Jessamine Bailey Data Center Operations + Frances Liu + Rio Pesino Senior Account Executive + Paul Taulborg Windows NT + Amin Fawzi Business Development + David Kephart Windows NT + Lex Broekmeulen Windows NT + Ashley Eining + Joe Mocquant Software Engineer + Bruce Rabinowitz Windows NT + Carson Andorf Windows NT + Shane Ossa Technical Training Program Manager + Karim Dik Windows NT + Frankie Hui + Christoph Hermann Windows NT + John Arndt Customer Development + Andrew Shifflett Account Executive + Larry Sandoval Windows NT + Sylvia Kim Human Resources Administrator + Peter Belesis + Moritz Wegner + Suyash Sharma Customer Development + Ewa Klepaczewska Windows NT + Samuel Coates Attorney + Abby Morrill Assistant Controller + Chaat Butsunturn Customer Development + Stephan Lachowsky + Yeo Kezhong Enterprise Account Manager + James Culveyhouse + Dianne Shimakura + Oriol Sabate + Sadaf Rajabi Suppy Chain Operations + Marshall Crockett + Preston Pham + Shane Baxter + Billy Kander Technical Recruiter + Stuart Nesbitt + Carl Garcia Account Executive + Damian Parker + Jordan Pritchard + Barton Pickett + Gehrig Kunz + Igor Postelnik + Ryan Djurovich Systems Engineer + Ivan Nikulin + Hitendra Katariya Sales Operations + Andres de Fuenzalida + John Kaden General Manager, Public Sector + Julian Hunt EMEA Customer Development + Jin Kim + Ben Filreis Business Development + Matt Holscher Sales + William Robledo Datacenter Deployments + Janae Frischer Recruiting + Joe Astroth Enterprise Sales + Dana Cohen People Team Business Partner + Michael Veramo Enablement, Learning and Development + Mitul Limbachiya + Cathy Hsu + Michael Aylward Customer Development + Federico Fratucello Windows NT + Matthew DiDomenico Customer Development + Aerene Aphiwatudomkun Customer Development + Filipp Nisenzoun + Ben Burkert + Beth Watson + Armando Faz-Hernandez Cryptography Engineer + Jonathan Bruce Product + Sevki Hasirci Software Engineer, London + Timothy Polich Systems Engineer + Xuzhe (Quincy) Zhuang Technical Support Engineer + Sophie Qiu Customer Success Manager, Singapore + Zaid Farooqui Product Manager + Jonathan Ganz Application Security Engineer + Aaron Fiorucci Account Executive + Jayson Cena Systems Reliability Engineer + Kelleen O'Toole People Ops Coordinator + Cristina Lee Event Coordinator + Spencer Schwandt Account Executive + Patrick Meenan Web Performance + Helen Tabunshchyk Systems Engineer, London + Taylor Lemmon Account Executive + Nick Balestra-Foster Frontend Platform Engineer, London + Jacqueline Lim Team Coordinator, Singapore + Ed Burns Technical Recruiter + Malcolm Bouza Accountant + Matthew DuBois Sales Leader + Daniel Carrillo Account Executive + Michael Nielsen Information Security Analyst + Chuan Murasaki-jima IT Manager + Jose Conado, Jr. Infrastructure Engineer + Stephen K. Lo Customer Success + Keeran Marquis Engineer, London + Ellie Cooper Austin + Fai Varinthorn Singapore + Cale Quasha Sales Manager + Andrew Sharp Software Engineer, Austin + Vivek Ganti Product Marketing + Jason Senechal Enterprise Account Executive + Erica Fox Public Policy + Boris Yanovsky People Data Analyst + Kristin Hart Executive Assistant + Chris Wong Sales Operations + Gabriele (Gabbi) Fisher Systems Engineer, Crypto Team + Richard Sommerville + Sue H.J. Lim Customer Development, Singapore + Naveen Singh Solutions Engineer + Liam Reese Business Development + Matteo Manfredi Community Leader + Millie Chan Front End Engineer + Jake Anderson Head of Marketing + Susan Lin Lead Product Designer + James A. Allworth Head of Innovation + Lilah Brander + Kim Jin-Woong Head of Sales + Jesse Sapakie Revenue Accountant + Susan Chiang + Dennis Looney + James Berry Customer Success Manager + Greg Kracik Customer Success Engineer + Dan Johns + David Li Sales Operations and Strategy + Steven Pirnik Data Center Services + Janette Camacho + Jon Rankin Solutions Engineer + Christopher Martin Customer Support Engineer + Jamie Herre + Gabriel da Silva + Michel Bamps + Michelle de Venoge + Bryan Vale + Kris (Krzysztof) Kwiatkowski + Ian Spivey Engineering Manager, Austin + Warren Nelson Systems Engineer + Avery Harnish Systems Engineer + Rob Freeman + Jay Kreibich Software Engineer + Andrew Horton + George Robinson + James Wells + Jonathan Seow Infrastructure Engineer + Candice Madruga Knoll Customer Success Manager, LATAM + Calvin Scherle Solutions Engineer + Simon Steiner Product Partnerships Lead + Valentine Décamps Customer Success Manager + Deon Roos Solutions Engineer + Hemel Patel Account Executive + Ko Stoffelen + Mike Haddan Support Tickets + Matt Alberts + Jansen Chiu Network Infrastructure + Marek Kroemeke + Alex Chan + Nelson Chen Customer Development + Nick Legger + Vikas Chopra Account Executive + Jim Gonzales + Ian Tolond + Nikon Rasumov + Suman Rayala Regional Sales Manager + Vinent Mugabo + Wanda Lee Enterprise Solutions + Brad Carey Account Executive + Irene Chang Head of Expansion + Gaurav Malik + Michelle Tang Marketing Operations + Flor Roxas Nuas Customer Development + Kim Seungjin Sales Operations + Jeff Collins Enterprise Sales + Matthew King + Alice Yang + Ed Oledan Customer Development + Shahil Khan Sales Operations + Pranab Sharma Head of Pricing + Arman Rye Solutions Engineer + Junyi Lim Customer Development + Ana Hagerup Business Development + Chris Snowdon + Madeline Gregory Information Security + Nicole Ellis Office Coordinator + Megan Davis Event Marketing + James Jaconetti + Hyojeong Sue Lim Customer Development + Steve Pascucci Sales Manager + Nicholas Allen Go-to-Market FP&A; + Manuel Briseno + Angela Huang Customer Success Manager + Susan Tran Accountant + Lee Sam Recruiting + Andre Bluehs + Daniel Goldstein Go-to-market and Sales + Andria Jones Head of Legal Compliance + Bob Zavala + Deborah McRoth + Philip Bjorkman Business Development + Aanchal Gupta Sales Operations + Dmitriy Gladchenko Director of Finance + Jayson Noland Investor Relations + Danielle Vanzura + Peter Thomas Design Lead + Adrian Phillips Customer Development + Mat Henley Director of Security + Lis Harris + Elisa L. Durrette Legal-Commercial Transactions + Mohamed ElShal + Tom Lam + Laurie Zapinski + Lisa Morgan Cohen Enterprise Account Executive + Andy Wang + Loren Rackow-Mendizabal + David Fenton Group, Australia + Le Carlson Assistant to Thomas Seifert + Andres H. Pimentel Gtm Research & Development + Xavier Xuhui Cai Sales Head (China) + Sylvie Cosgrove Head of Information Technology + Ben Han Korea Sales Executive + Brittany Thai Account Executive + Samuel Noble Customer Development + Michael McGrory Solutions Engineer + Tiffany Odeka Events + Deanna Popolo Account Executive + Hiroki Isomura Regional Sales Manager, Japan + Jonathan Lebeau Customer Development + Ju Hyung Song Business Development (APAC) + Emma Cardon Business Development + Visith Bou Customer Development + Dian Yu Legal Counsel + Gerry Dunn Sales Leader + Chloe Chang + Adam Shea Expansion Account Manager + Jonathan Spies + Louis Grace Business Development + Phi Nguyen Account Executive + Rina Yates + Alon Gavrielov Infrastructure + Tony Ortegon IT Operations Engineer + Yien Wu Relationship Manager + Antonio Cocera SRE, Singapore + Judy Cheong Recruiting Programs + Hana Darling Customer Development + Rupesh Ganeshe Solutions Engineer + Ruth Mthethwa + Christian Paulus Product Marketing + Sean Thompson Account Executive + Kate Delaney Operations Engineer + Keefe Tang + Popie Bastaki People Team (EMEA) + Marshall Alexander Platform Operations + Karl Ehr Head of Technical Operations + Roy Chan Channel Manager + Shawn Robinson + Kyle Breuleux Enterprise Sales + Kalpana Ravinarayanan Data Management + Amy Cebrian Enterprise Solutions + Noah Neuman Enterprise Account Executive + Constantin Britcov Engineering Manager + Diego Aragon + Jean Ryu Solutions Engineer + Joery Van Druten Marketing + Declan Carlin Solutions Engineer + Ricky Lee Regional Sales + Tyler Grady Enterprise Sales + Fu Jia Relationship Manager + Anthony Hatley + Peter Jensen + Justin Simpson Growth Strategy Analyst + Alex Odagiu Special Projects, London + Jesse Kipp Systems Engineer + Nick Toulson Account Executive + Samantha Mammen + Tom Walwyn + Mark Garfield VP of Finance + Rajesh Bhatia Engineering, Internal Tools + Anushka Aggarwal Data Analyst Marketing + Paddy Sheehan + Tuyen Dinh + Tingting (Teresa) Huang Strategy and Development + Tom Wesley + Michelle Hagan + Derek Yee Product Marketing + Cavin Kindsvogel Product Strategy Manager + Julio Pescador Sales Operations + Anand Guruprasad Solutions Engineer + Rob Headley Enterprise Account Executive + Renee Taormina People Systems + Marshall Montana + James Wong + Ben Bradley + Andrea Miller Marketing Coordinator + Peter Yoakum + Jensen Hussey Web Developer + Cris Perez + Andy Jordan Multimedia Lead + Hugh Whan + Jennifer Koo + Lakshman Manoharan + Christina Reip + Roger Tam + Christian Elmerot + Christopher Teaney + Diana Fu + Kevin Wang Product Manager + Tilda Takacs + Eric Anderson + Brandon Nelson + Tim Cloonan + Andrew Plunk Systems Engineer + Erika Gonzalez Account Executive + Hugo Venegas + Peter H. Taylor Global Infrastructure + Connor Peshek Developer Relations + Varun Mehta Product Marketing + Sophie Yao + Thomas Lefebvre + Alex Krivit + Watson B. Ladd Crypto Team + Lucas Pardue HTTP/2 and QUIC, London + Ramiro Castillo Web Security + Saran Chandran Regional Head + Preston Tilghman Event Marketing + Samantha Lee Regional Sales Lead + Amy Bibeau Front Desk Coordinator + Andrew Geiser Account Executive + Khanh Dao Tax Manager + Mickie Betz Systems Engineer + Edith Germer Business Development + Chase Robinson Security Compliance Analyst + Kevin Stinger Security Channel Manager + Malgorzata Pack (Kacprzak) Support Operations Engineer + Nicky Semenza Software Engineer + Jon Murphy Business Development + Matthew Twyman Information Infrastructure + Staci Lowe + Kate Fleming Customer Success, Singapore + Tiffany Moeller Software Engineer + Naya Posotidou IT Operations Engineer + Shanea Leven Product Manager + Alvin Lin Growth Marketing Manager + Xiaojin Liu Solution Engineer + Rustam Iuldashev SRE + Halley Kish Customer Success Manager + Ellie Jamison Recruiting Coordinator + Dan Geraghty + Arthur Fabre Systems Engineer, London + Elina Todorov Global Sales Strategy + Anca Hurduc Account Executive + Yan Zhai Systems Engineer + Alvin Khor ASEAN Sales Lead + Thomas Dubrawski Business Development + Brittany Martell-Harris Accountant + An Nguyen + Stacey Cho Global Operations + Krishna Zulkarnain + Jon Harris Customer Development + Sam Murray + Giuliana DeAngelis Customer Success Manager + Christina Briscoe Accountant + Andy Parker + Kassian (Kas) Perch Developer, Austin + Ashley Williams Systems Engineer, Austin + Yun Ting Tan Business Development + Ngassa Youmby Account Executive + Lorene Pastore Account Executive + Rahul Deshmukh Product Marketing + Priscilla Li Technical Product Manager + Shih-Chiang Chien System Engineer + Rebecca Roche Account Executive + Alejandra Quevedo Security Engineering Manager + Rosie Parket Paralegal + Alex Robinson Systems Engineer + Minh Bui Pricing Strategist + Robert Kim Performance Marketing Manager + Syeef Karim Product Designer + Achiel van der Mandele Product Manager, Austin + Sarah Carter Manager, Customer Success + Grant Humphreys Business Development + Kathy Ly + Renato Yoshio Hirata + Alex Musgrove Account Executive + Bruce Li + Maxim Matskul + Hassie Ergin + Maxime Guerreiro DoS Mitigations, London + Cina Saffary Systems Engineer + Kyle Boutette Systems Engineer + Arvind Singh (Mickey) Global Sales Enablement + Ray Leihe Marketing Technology & Platform + Abby Carrales McNertney Security Compliance, Lisbon + Pete Clayton People Team, London + JC Smith Engineering Manager + Kyle Hui Business Development + Keenan Koizumi Business Development + Marcus Schaefer Strategic Account Executive + Cyrus Roshan Systems Engineer + Abida Ali Delivery Manager + Erin Walk Policy Analyst + Scott Olivares Conversion Rate Optimization Lead + Sam Mason de Caires UX Engineer + Ruth Wall Engineering Manager, London + Karl Henrik Smith Business Development + Peter Wu Crypto Team, London + Alex Davidson Cryptography Engineer, Lisbon + Gui Alencar Solutions Engineer LATAM + Chad Skinner Corporate Counsel + Rishabh Bector Big Data Engineer + Ray Li Business Development, Singapore + James Purcell Account Executive + James Toudy Enterprise Sales + James Espinosa Security Engineer + Lindsey Cochran Corporate Counsel + Martin Marks Systems Engineer + Jose Bethancourt Incoming Software Engineer + Suman Talukdar Sales Manager, India + Omeed Rahgozar Solutions Engineer + Harry Hirschman Customer Strategy + Alejandro Diehl + Maggie Yue + Jeremy L. Pugh + Steve Klabnik Storage Product Manager + Kristian Freeman Developer, Austin + Zein Jaber Technical Support Engineer, London + Robert McNeil Systems Engineer + Ayako Kobayashi Recruiting Coordinator + Ankur Aggarwal Solutions Engineer + Fabienne Semeria Systems Engineer + Rami Aljamal Director of HW Infrastructure + Anjum Ahuja Security Engineering Manager + Jonathan Rolfe Operations and Strategy + Brett Hoerner Systems Engineer + Kevin Kipp Systems Engineer + Kevin Gallagher Systems Reliability Engineer + Apoorv Goel Data Analyst + Uday Sharma Lead Data Engineer + Rita Giran Business Development + Jake Jones + Lee Hiro Business Development APAC + Devin Miller IT Support Technician + Rebecca Rogers Security Compliance Lead + Katie Cummins + Paul Southwell Enterprise Sales + John Fawcett Systems Engineer + Adam Winter Solutions Engineer + Allati El Henson Lead Brand Designer + Anna Wolf Recruiter + Anurag Reddy Capacity Planning Manager + Aurora (Lian) Zhang Supply Chain Operations Analyst + Bethany Sonefeld Product Designer, Austin + Chloe Medosch Customer Success Manager + Dalton Cherry Solutions Engineer + Daniel Elder Technical Support Engineer + Faiz Azhar Technical Support Engineer + Fallon Blossom Technical Content Designer + Gergely Bod Systems Engineer + Katrina Riehl Senior Manager - Data Science + Rushil Shah Product Security Engineer + Timothy Orchard Account Executive + Trent Wooton Business Development + Victoria Simons Growth Marketing Manager + Nick Gongorek Channel Sales Leader + Ugo Piasentin + Christine Hu + Albina Sultangulova Customer Success Manager + Florence Chan Legal Operations Manager + Paul Underwood Chief Accounting Officer + Nikita Zolotarev Business Development + Michael Buasan Sales Operations + Jason Kincaid + Neha Sood Sales Operations EMEA + Robbie Honerkamp SRE Team, Singapore + Isaac Specter Product Strategy, Austin + Ashcon Partovi + Georgie Yoxall + Vignesh Ravichandran Reliability Engineer + Nick Jones Protocols Team + Miguel de Moura Systems Engineer, London + Andy Lockhart EMEA + Matthew P. Harrell Channel Sales and Partners + Edward Palmer IT Services Analyst + Geison Porfirio Solutions Engineer + John Terzis Systems Engineer + Olivia Hsieh Software Engineer + Apoorva Wadehra Solutions Engineer + Nikole Phillips Data Analyst + Quinn Cassidy Business Development + Sofia Farid Technical Program Manager + Curtis Lam System Engineer + Curtis Lowder Software Engineer Intern + Zhengyao Lin Software Engineer Intern + Ane Kallmyr Lerheim Legal Intern + Luisa Gobbo Marketing and Events, London + Taylor Galusha Legal Intern + Thibault Meunier Systems Engineer, London + Julie A. Sparks Security Engineer + Kabir Sikand Solutions Engineer + Arwa Ginwala Solutions Engineer + Stanley Chan Security Engineer + Kelvin Akehurst Technical Infrastructure Supply + Albert Moore + George Sun + Ted Patsos Business Development + Jim Watson + Aaron Trott Security Performance Specialist + Aamir Thoker + Sophie Breider Sales Enablement Team + Siddharth Naik + Anna Ko + Dom Batteate Enterprise Account Manager + Janette Leyva + Courtney Hood + Anwar Karzazi + Taylor Murray + Eva Hoyer Head of Supply Chain + Jonathan Hoyland + Julie Huchet Product Designer + Lorenz Bauer + Guido Jiménez Plumbing Automation, London + Val Vesa Community Manager + Sven Sauleau Software Engineer, London + Jeremy Bernick Intern + Tomas Susanka Intern + Kelly Cunnane Field Marketing and Events + Ilya Andreev Intern + Niels Hoven Product Manager + Maddie Roster Business Development + Zach Turminini Business Development + Liam Crowter Technical Support Engineer + Kelsey McCann Customer Development + Ana Boardman-Hsue Program Manager + Tanvi Agrawal Business Development + Rafael (Rafi) Cohn-Gruenwald Security Intern + Annika Garbers Product Management Intern + John Adams Senior UX Designer + Luis Vasallo Business Development, London + Pudcharapon Laokokham (Peter) Solutions Engineer + Austin Urraca Business Development + Kenneth Abe Account Executive + Elijah Velasquez Business Development + Sharan Birak Analyst Relations Manager + Ravi Reddi Demand Generation Manager + Pramod Suvarna Channel Sales Manager + Raju Boyapati Cloud Operations Engineer + Kevin Klapak Technical Support Engineer + Sunil Rathode Big Data Engineer + Erfi Anugrah Solutions Engineer + Prem Raj Natarajan Customer Success Manager + Ling Wu Governance Risk and Compliance + Eric Gau Business Development + Sandra Sansano IT Billing Project Manager + Kate Lockhart Project Manager Security + Nauzer Gotla Vice President, Internal Audit + JC Whitney + Kevin Dompig Technical Program Manager + Kanika Rastogi + Omer Yoachimik Product Manager + Huey Min Wong Office Specialist + Kenny Luong + Welly Tandiono Solutions Engineer + Kevin Xu + Zoe Hu Solutions Engineer + Chad Toerien Customer Development + Nandini Jayarajan + Xu Haitao Account Executive + Dmitry Nes Customer Success Manager + Sydney Staff + Christopher Shelley Solutions Engineer + Vincent Liu Engineering Marketing + Dennis Vavasis + Ellen Miao + Corey Barker + Raymond Maisano Head of Australia & New Zealand + Suphanat Chunhapanya Crypto Team + Ben Solomon Product Management Intern + Ahamed Nafeez Security + Kostas Topaloudis Data Center Deployment Engineer + Pradeep Chhetri Systems Reliability Engineer + Marina Jeon Demand Generation Specialist + Marianna Ilagan Internal Events Coordinator + James Munson Systems Reliability Engineer + Jeffrey Lin Software Engineer + Drew Dowling Full Stack Engineer + Addis Sendaba Customer Success + Warren Rickards Customer Success + Daniel Stinson-Diess Security Engineer + Annelise Dutcher Business Development + Chandra Mohan Raju Data Engineering + Allen Rinehart Security Risk Management + Yunfei Luo (Adam) Channel Account Manager + Francisco Ponce de León Customer Success + David Jewell Customer Success, London + Nadin El-Yabroudi Security Engineer + Diogo Tempero Globalization Operations + Zanoni Harris IT Operations + Hannes Gerhart Solutions Engineer + Michael Moreno Marketing Manager + Daniel Herzig Application Services Engineer + Jiong Yang Solutions Engineer + Howard Huang BDR + Osifo Anosike Software Engineer + Pei Ching Lee + Colleen Noonan Core SRE Manager + Elspeth Shek Field Marketing (APAC) + Bo Li + Kevin Chen Business Development + Wilson Jackson + Henry Marble Business Development + Anthony Chobanian + Douglas Anwar Web Security + Moses Ellis Business Development + Dennis Liang Systems Engineer + Jill Lewandosky + Jodie Holland Security and Performance + Andrew Li + Michael Cummins Customer Development + Wesley Soeters Account Executive + Matt Alonso Developer Experience Team, Austin + Cosmin Lita Customer Success + Anil Somaney Go to Market Leader + Joseph Himes Business Development + Dana Ng Business Development + Yuri Takano Business Development, Singapore + Cheyanna (Chy) Sarmento Campaign Manager, Brand Team + Arun (Rahul) Singh Product Marketing, Security + Jocelyn Woolbright Policy Analyst + Judy Emma Travel Manager + Tobias Rohrle Solutions Engineer, London + Sze Chuen Tan Systems Reliability Engineer + Brandon Huang Business Development + Swirvithan L. Gooding-Splatt Intern + Ashley M. Lewis + Mia Wang Special Projects + Mia Hardy-Thompson Business Development + Daniel Jones Web Security + Sunny Au + Kim Jen Infrastructure Sourcing + Daniel Polaske + Brian Carbone Product Manager + Barrett Thies + Pierce Few + Lee Diddy London + Jakub Sitnicki + Christian Antonow Customer Success Manager + Makoto Nishihara Solutions Engineer. Singapore + Christopher Patton Crypto Team + Hady Mendez + Young Park + Lesley Lurie + Aanchal Malhotra + Devin Davis + Arjunan Rajeswaran + Stefan Henke + Piers Cornwell + Venkat Viswanathan + Edo Royker + Teffen Ellis + Oliver Yu + Hunter Blanks + Ryan Hodson + Matvey Arye + Meg He + David Zakur + Taj Bhat + Zachary Roy Accounts Consultant + Jon Godinez Business Development + Damian Dulanovic + Emilia Faz Payroll Manager + Joshua Watts Business Development + Jessica Iyer Business Development + Andrei Aleksejevs Business Development + Anil Savaliya + Khaled AlSaleh + Vera Tsai Taiwan Sales Manager + Michael Vigil Accountant + Michael Geng + Kristina Scott Global Marketing + Jay Henderson Account Executive + Molly Evans Business Development + Austin Stanford + Thomas Mann Customer Success, London + Sofia Gkazempa + David Roth Enterprise Sales - East + Ash DSouza Strategy and Operations + Nicholas Platais Business Development + Donald Lew + Jake Bauch Field Manager + Rachel Dowson People Team Partner + Jimmy Phung + Li Yichan Business Development, Singapore + Ooma Guerwan Customer Development - MENA, London + Mariella Luger Marketing Manager EMEA + Prudhvi Ratna Badri Satya Data Scientist, Austin + Jack Melnicoff Business Development + Brian Bassett Hardware Infrastructure Engineer + Brian Guan Head of Tax + Sarah Meyer Customer Development, London + Dilshan Silva IT Support Technician + Derek Chamorro Infrastructure Security + Gabriela Alexandra Moldovan Software Engineer, London + Carly Bothe Finance Project Manager + Carly Wood People Team Business Partner, London + Joey Aranez Customer Development, Austin + Hannah Keefe Accounts Payable Specialist, Austin + David Nguyen Systems Reliability Engineer + Jason Jenkins Business Development + Baptiste Descateaux Business Development + Heather Orsi Strategic Finance Manager + Sumit Bahl Product Marketing Manager + Oxana Kharitonova Systems Engineer + Erin Slaughter Demand Generation Campaigns + Nerio Musa Support Manager - APAC + Antonio Rancan Solutions Engineer + Anika Murthy FP&A; Analyst + Bryant Chang Marketing Operations Manager + Arlin William Product Designer, Austin + Sagar Shah IT Billing Applications + Darwin D. Wu Core Systems Reliability + Christina Tanoto Business Development, Singapore + Mohamed Zerri Channel Account Manager + Melissa Henderson IT Support Technician + Carlos Silva Sales Director, LATAM + Kristina Miguel Backend Systems Engineer + Akshata Mohan Data Scientist + Ethan Park Product Counsel + Bhavik Gandhi Sales Operations, Americas + Elvin Tan Reliability Engineer, Singapore + Cristina Garcia Customer Development, London + Darryl Cody Vida Front Desk + Misha Yalavarthy Security Engineer + Sheridan Guest Account Executive + Jeffrey Tang Distributed Systems Engineer + Justin Wilson EMEA Business Development, London + Jacqueline Keith Security Strategy and Policy + Adam Morse + Deeksha Lamba Product Marketing + Brian Batraski Product Manager + Nick Downie + Suzy Bates Director of Projects, Austin + Lane Billings Product Marketing, Austin + Seungmin Back Business Development + Zac Arellano Software Engineer + Darren Remington + Junho Choi + Will Greenberg Account Executive + Marwan Fayed UK/EU Research Lead + Sofia Celi Crypto Team + Kayla Prettitore Global Physical Security + Cassandra Morris + Aki Shugaeva + Vaishnavi Iyengar + Azin Mirzaagha + Sana Jafar + Anna Sapegina + Rajdeep Kaur Software Developer, London + AJ Gerstenhaber Team Security Sales + Juan M. Rodriguez Chief Information Officer + David Haynes Security Team + Nelson A. Blengeri + Paul Bauer Platform Engineer + Anita Tenjarla + Tatiana Bradley Cryptography Intern + Christopher Wood + Sreeni Tellakula + Sung Park + Aly Cabral Product + Matt James Boyle Engineer + Bani Singh Intern + George Thomas Systems Engineer + Malgorzata Pikies + Simon Wijckmans Solutions Engineer + Sam Marsh Product Manager, London + Matt Cowley @cdnjs.com Maintainer (on contract), London + Masa Aoba Head of Cloudflare office in Japan + Jacob Zollinger Security Compliance + Nancy Gao + Cody Koeninger + Lindsay Goldner Brand Designer + David Tuber Product Manager + Rob Dinh SRE + Ben Ritter Network Engineer + Richard Macias Software Engineer + Mike Borkenstein + Celso Martinho Engineering Director, Lisbon + Harnish Kanani Chief Customer Officer + Dylan Welter Creative Ops Manager + David Song + Alex Fattouche + Suleman Ahmad Intern + Talha Paracha Intern + Marc Lamik Director of Product + Alexandra Moraru Delivery Manager + Joshua Johnson Software Engineering Intern, Austin + Patrick Day + Caroline Quick Head of Real Estate and Workplace + Chung-Ting Huang + Nimisha Saxena Security Program Manager + Samuel Sathyajith India and SAARC Region + Connor Jones Systems Engineer + Valerie Sung + Wendy Chu Export Director + Vinita Pitoomal Business Development + Nina Serr + Joyce Ottignon Information Technology Team + Michelle Mattern + Diego Raigoza Business Development + Rika Niekzad Customer Development + Lindsey Dempsey Business Development + Caroline White Sales Operations + Christina Wilson + Kenny Hanover Customer Development + Julia Mautino Customer Development + Michael Giron Business Development + Jared Jones Security and Performance + Brian Ceppi Account Executive + Pascal Henskes + Matt Golden + Parker Schramm Account Executive + Oscar Saldivar LATAM Business Development + Thom Henneberger + Priscilla Rossouw Revenue Operations + Ryan Tyrrell Security and Performance + Mandy Chi Customer Success + Peter Reidy Enterprise Sales + Vladimir Paladi + Georges Lagardere + Sabrina Simpson Security and Performance + Matthew Wheeler Customer Development + Dan Carter + Matthew Shimizu Customer Success + Shri Deshpande + Madison McCrea Recruiting + Julia Zraick + Kristar Ham Sales Manager + Madeleine Stinson + Jason Shapiro Litigation Counsel + Jessica Cardenas + Adam Wager + Jake Volpe + Justen Lin Regional Sales + Brian Parks + Jenny Gong + Kit Sari + Amy Lee + Katie McAlinney Architecture + Antoine Lienhard + Jonathan Gascoyne Customer Development + Ryan Chow Hardware + Tyler Caslin + Rachel Chen + Shaz Carmali Solutions Engineer, London + Andres Mariscal Data Scientist + Thom Chiovoloni Systems Engineer + Aaron Lisman + Zak Cutner + Jonas Otten + Ryan Jacobs + Kevin Frazier + Daniele Molteni Firewall Product Manager + Andrew Mitschke SEO Lead, Austin + David Harnett Teams + Abe Carryl Product + Kyle Krum + Ricardo Pacheco + Greg McKeon Distributed Storage + Jacob Evans Software Engineer, Austin + Nidhi Mishra Solutions Engineer APAC + Chris N. Maynard Business Development + Sergio Maeso Security Solutions Engineer + Malavika Balachandran Tadeusz Product Manager, London + Sangio Lee + Andrew Hauck + Ryan Timken + Kiran Naidoo + Boris Lecoeur Head of France + Tanya Verma + Sudheesh Singanamalla + Pete Zimmerman + Glen Maddern + Aaron Loyd + Carlos Rodrigues Lisbon + Michael King Data Center Strategy + Jesse Li + Abraham Shaheen Security Performance + Randy Tibbetts Enterprise Accounts + Justin Katz Enterprise Accounts + Justin Zuniga Recruiting + Tracye Shaw + Annie Tang Global Growth + Brandon Lacanaria Business Development + Daniel Cardoso Sales Director, LATAM + Ryan Morse Account Executive + Bobby Guhasarkar Marketing + Windy Lim + Shona Alfert Business Development + Thomas Beckers + Vivian Hua Security + David Zuazua + Albert Zhao + Teresa Huang Sales + Kartika Mulyo Regional Sales Lead + Charles Ng Production Engineering + Hansen Chang + Matt Wheeler + Thomas Litten Account Executive + Alaina Kretchmer Customer Advocacy + Oliver Reimers Managing Counsel + Kyle Huang Operations and Strategy + Oscar Pinzon Account Executive + Rafael Carabano Customer Success + Owen Zhai Customer Development + Steven Kettlewell + Jennifer Taylor Head of Product + Elizabeth Addison Commercial Counsel + Bashir Khader Contracts + Kenneth Ang Igaming Sales Director + Ravi Hemnani + Beth Sautter Account Executive + Justin Nader + Jorge Verges + Bob Laskey Enterprise Sales + Clement Schoehn + Brooke Kumar Portfolio Manager + Renato Hirata + Shivalika Keni Business Development + Ilhem Benmeriem Customer Success + Juliena Tran + Catherine Dawson Business Development + Todd Coachman Business Development + Allen Marcus Business Development + Peter Carlsten Interconnection Strategy + Scott Flesch SLED Sales + Aubrey Evans-Trawick + Gaurav Pai South Asia Development + Daniela Rodrigues EMEA, Lisbon + Dmitry Vorobev Software Engineer + Colton Becker Cybersecurity, Austin + Tilly Lang Privacy Counsel + Soraya Apollonia Jansen London + Jet Mariscal + Brian Bradley + Richard Armstrong Americas Solutions + Barry Fisher Product Director + Felicia Rosita Marketing Director + Alice Bracchi Lisbon + Gabriel Gabor + Andre Cruz + Sieh Johnson Full Stack Software + Amada Echeverria Field Marketing & Events + Sirisha Gorantala Data and Analytics + Vijay Chauhan Product Marketing + Priyanka Satish Big Data Engineer + Rohan Oswal Big Data Engineer + Naimisha Yadav Big Data Engineer + Uli Guerra Data Analyst + Philip Johnson + Edward Wang + Matt Lewis + Justin Zhou Product Manager Intern + Mihaela Risca Product Marketing Manager + Thomas Vissers + Kenny Johnson Product Manager + Luke Edwards Developer + Diego Moura Territory Account Manager + Roopa Chandrashekar + Jonathon Dixon VP and Manager, Asia Pacific + Erwin van der Koogh Product Manager + Sebastian Benz + Jake Fried + Neil Sanchez Customer Success Manager + Felicia Bermudez Haggarty Inbound Marketing + Krystal Montesdeoca Software Delivery + Annel Quevedo Inbound BDR DACH + Evan Smith Technical Support + Tom Pepper + Patrick Nemeroff Policy Counsel + Lan Tang Finance + Bialy El Security Consultant + Mickey Singh Head of Sales + Tony Gomez Sales AMER + Chris McDonald + Doug Lavanchy Enablement Head of Global Sales + Laiza Miller LATAM Development + Grace Tan Business Development + Kim Macko Enterprise Account + Snigdha Arya Specialist + Garima Shukla Business Development + Clem Fonseca Americas Demand + Erin Zhemin Account Manager + Kristina Williams Group + Rach Murphy Account Executive + Ken Lim Data Center Deployment + Chrisanthy Carlane Partner Solution + Kaitlin Moxon People Operations + Jason Augustine Global Sales + Sam Braich Groups + Karl Smith Sales Enablement + Jason Yan Customer Success + Bruna Villalon LATAM Development + Folashade Akintola-Harrison Contract Specialist + Santos Gracia Marketing (APAC) + Melissa Charpied Business Development + Lisa Cohen Account Executive + Shiv Vembo + Kenny Bruce Sales Operations Analyst + Yvonne Omiyi + Sarah Figge Group + Kasia Pietrzak + Sandra Picarra + Mo Zerri + Samir Najam + Catherine Connors Technical Recruiter + Tu Mai + Gracelin Chan + Nelson Blengeri Enterprise Sales + Charmaine Cuanan Business Development + Jonathan Choi Business Development + Rick James Customer Development + Barbara Garza + Daniel Benamou + Jonathan Marsh Communications Manager + Chris De La Garza + Zaidoon Abd Al Hadi + Jacob Bednarz Systems Engineer + David Jonathan Peter London + Kayla Geigerman Customer Advocacy + Jen Langdon Director of Engineering + Mathew Jacob + Abhi Das Strategic Partnerships + Bharat Nallan Chakravarthy + Kyouthei Hayama Solutions Engineer + Michele Settepani Frontend Engineer + Yasir Qureshi (Sahil) + Natasha Wissmann + Andrew DeMaria + Sean W. Richardson Growth, Austin + Jen Kim + Jon Rolfe + Thomas Calderon + Trevor Sundberg Systems Engineer + Suraj Kumar Field Manager + Anthony Longjas Support Engineer + Sarah Kurtz Analyst + Oz Manule + Rachael Truong Product Manager + Youjin Wang Enterprise Development + Leo Lam Customer Development + Joanne Lu Business Development + Suzie Jimenez Recruiter + Adam Rigby + Dan Hong + William Mahler Enterprise Operations + Jorge Cappa + Leslie Hart Enterprise Operations + Leigh Benicewicz Public Relations Director + Sagar Vora Billing Applications + Sharon Quek + Kevin Lindsay Business Development + Risa Yanagisawa + Candice Knoll Customer Success (Latin America) + Todd Ciampa Recruiter + Eric Peacock + Kelly Martin Account Executive + Robert Cepa Software Engineer + Alex Diaz-Garcia Globalization Lead + Joe Luginski Enterprise Sales + Alla Ziegler Account Executive + Scott DeFreitas Channel Account Manager + Mike Kutlu Enterprise Account Executive + Courtney Mykkanen Business Development + Cameron Bennett Manager, Customer Success + Yun Tan Manager, Customer Success + Imma Uche Security Operations Engineer + Zac Cortez Enterprise Account Manager + Toan Le Diversity Program Recruiter + Ricardo Oliveira Customer Success Manager + Sophie Schrager + James Hong + Joseph Hegedus Customer Success Manager + Kailey Williams + Dj Parker IBM Partnership + Mike Miller + Tina Chang + Ash D'Souza Global Operations + Vincent Oh + Tanner Ryan Network Strategy + Rory Malone + Joao Sousa Botto + Roderick Fanou Systems Engineer + Oliver Herms Network Engineer + Dmitriy Akulov Senior Product Manager + Prabhu Marappan Senior Software Engineer + Mariana Reis Product Designer + James M. Snell Workers Team + Keith Cantrell Solutions Engineer + Nevi Shah + Christian Sparks + Adam Janis Developer + Jon Kuperman Developer + Joshua Muniz Business Development + Marianne Acuna-Pineda Business Development + Tara Whalen + Wesley Evans Product + Obinna Ekwuno Developer + Amy Gall Enterprise + Dan Gould Product Marketing + Neil Patel Marketing Manager + Kate Tungusova Technical Writer + Jenanne Vaccaro + Mohak Kataria + Alyssa Wang + + Board of Directors: + Mark Anderson + Maria S. Eitel + Carl Ledbetter + Stan Meresman + Matthew Prince + Scott Sandell + Katrin Suder + Michelle Zatlyn + + Investors: + Brad Burnham Union Square Ventures + Carl Ledbetter Pelion Venture Partners + Bryan Roberts Venrock + Ray Rothrock Venrock + Scott Sandell New Enterprise Associates +``` + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/cfgdpr.md b/subfiles/classics/cfgdpr.md new file mode 100644 index 0000000000..7cc1a852f7 --- /dev/null +++ b/subfiles/classics/cfgdpr.md @@ -0,0 +1,14 @@ +# Is CloudFlare affected by the EU's GDPR? + +> May 25, 2018 + + +![](img/cfeunew.gif) + +Our [geolocation results](cfusers.md) page points to direct-connect IP addresses for many of the above countries. For example, if you click on France, the first link shows almost 4,000 domains in the same /24 block that all use CloudFlare. This looks like a situation where a single service provider in France hooks up every new customer to CloudFlare automatically. This provider in France obviously must adhere to the GDPR. However, it is our belief that in cases this extreme, CloudFlare must also share responsibility for GDPR violations. If you click again, you can get a listing of the specific domains. Sometimes the domain names themselves suggest dubious content. + +We haven't investigated this particular case, as there are many dozens of similar patterns in our data, even after restricting our searches to EU countries only. + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/cfgrowth.md b/subfiles/classics/cfgrowth.md new file mode 100644 index 0000000000..977aaf5ba8 --- /dev/null +++ b/subfiles/classics/cfgrowth.md @@ -0,0 +1,447 @@ +# CloudFlare's unamazing growth + + +Hurricane Electric is a major Internet backbone service provider, and they show a chart listing the [top 100 hosting companies](https://web.archive.org/web/20210826102852/https://bgp.he.net/report/tophosts). We asked them how this data, which updates once a week, is compiled. Rob Mosher replied that "the counts are based on domain names with their nameservers listed." + +That's good enough for us, and we began capturing the data from this chart soon after CloudFlare made it into the top 100 in April 2013. Matthew Prince brags about all the traffic he handles ([more than Facebook](https://web.archive.org/web/20210826102852/http://venturebeat.com/2013/06/17/cloudflare-150b-pageviewsmonth-30gb-of-log-dataminute-and-more-traffic-than-facebook/)), but this is bogus. For example, he once claimed that China is the second largest country using CouldFlare after the U.S., while our stats showed otherwise. On further investigation, we found a later quotation in which Prince said that traffic from China was number two — not CloudFlare customers from China, and not CloudFlare websites in China, but traffic! + +![](img/mao4.gif) + +Yeah, okay, and our modest site here at CloudFlare Watch has been getting a lot of traffic from China also. It's called a "botnet," folks, which means a bunch of automated zombies grab stuff from us, 24 / 7, for reasons unknown. We ran Scroogle.org for seven years, and had the same sort of "traffic." By now we know that if you have zombie problems, you are supposed to be apologetic and work hard to block them. You don't brag about it. + +Mr. Prince isn't content to merely compare apples to oranges. His comparison to Facebook is the equivalent of claiming that the water CloudFlare uses to keep its apple tree alive weighs more than the basket of oranges from Facebook's orange tree. It's all reckless hype, and it's amazing that the high-tech press lets him get away with it. They should recognize that Facebook attracts end-users by providing an environment and structure that encourages content, while CloudFlare is a mere traffic conduit that is divorced from both end-users and content. + +![](img/evo20.gif) + +While we are still interested in how Hurricane Electric collects their domain stats (is it captured midstream, or from zone file access, or what?), ultimately it doesn't matter as long as their methodology is consistent. We are interested in growth over time for domains that use CloudFlare for their authoritative nameservers. CloudFlare's [hosting partners](https://web.archive.org/web/20210826102852/https://www.cloudflare.com/partners/solution-partners/) do not count, nor should they. A click box on the control panel at a CloudFlare hosting partner means little. While it increases the traffic going through CloudFlare, it merely suggests that these partners are happy to offload a chunk of their bandwidth for free, by encouraging their own customers to try out CloudFlare. At this rate, every self-disrespecting hosting provider on the planet should have signed up by now. + +![](img/sock2.gif) + +No, what matters is how many registered domains use CloudFlare for their nameservers. While the lowest tier at CloudFlare is still free for this, at least it takes some minimal research and commitment before a website is willing to change the nameservers on their domain registration. In short, we feel that the stats from Hurricane Electric, when considered over a span of at least a few months, are worth more than any Matthew Prince quotations in media that [don't know when to quit](cfblock.md). + +[![](img/poem.gif)](repeats.md) + +``` +Date Total domains Percent of top 100 +2013-05-06 462,274 0.200 +2013-05-13 472,085 0.204 +2013-05-20 480,934 0.207 +2013-05-27 485,279 0.209 +2013-06-03 480,989 0.207 +2013-06-10 487,366 0.209 +2013-06-17 492,681 0.212 +2013-06-24 497,098 0.214 +2013-07-01 503,807 0.216 +2013-07-08 516,126 0.221 +2013-07-15 518,662 0.222 +2013-07-22 519,748 0.223 +2013-07-29 523,083 0.224 +2013-08-05 528,595 0.226 +2013-08-12 536,331 0.230 +2013-08-19 540,140 0.231 +2013-08-26 546,689 0.234 +2013-09-02 553,002 0.236 +2013-09-09 559,421 0.239 +2013-09-16 566,034 0.241 +2013-09-23 570,967 0.243 +2013-09-30 583,379 0.248 +2013-10-07 590,639 0.251 +2013-10-14 598,124 0.254 +2013-10-21 605,181 0.257 +2013-10-28 612,161 0.260 +2013-11-04 618,892 0.262 +2013-11-11 625,297 0.265 +2013-11-18 634,680 0.269 +2013-11-25 645,166 0.273 +2013-12-02 651,707 0.276 +2013-12-09 656,592 0.278 +2013-12-16 658,851 0.279 +2013-12-23 664,087 0.281 +2013-12-30 668,845 0.283 +2014-01-06 674,649 0.285 +2014-01-13 680,664 0.288 +2014-01-20 686,548 0.290 +2014-01-27 695,184 0.293 +2014-02-03 701,853 0.296 +2014-02-10 707,212 0.298 +2014-02-17 715,565 0.301 +2014-02-24 721,120 0.303 +2014-03-03 727,763 0.305 +2014-03-10 738,270 0.309 +2014-03-17 748,705 0.313 +2014-03-24 759,522 0.318 +2014-03-31 767,933 0.321 +2014-04-07 776,532 0.324 +2014-04-14 789,967 0.329 +2014-04-21 798,921 0.332 +2014-04-28 810,208 0.337 +2014-05-05 820,826 0.341 +2014-05-12 829,597 0.344 +2014-05-19 843,120 0.350 +2014-05-26 854,125 0.354 +2014-06-02 862,998 0.358 +2014-06-09 870,092 0.360 +2014-06-16 880,063 0.364 +2014-06-23 888,970 0.368 +2014-06-30 900,388 0.372 +2014-07-07 907,303 0.375 +2014-07-14 919,299 0.379 +2014-07-21 929,176 0.383 +2014-07-28 938,897 0.387 +2014-08-04 949,517 0.391 +2014-08-11 959,261 0.395 +2014-08-18 971,269 0.399 +2014-08-25 983,229 0.404 +2014-09-01 996,492 0.409 +2014-09-08 1,008,809 0.414 +2014-09-15 1,018,725 0.418 +2014-09-22 1,028,254 0.421 +2014-09-29 1,039,559 0.425 +2014-10-06 1,055,063 0.431 +2014-10-13 1,069,605 0.436 +2014-10-20 1,092,576 0.445 +2014-10-27 1,105,575 0.451 +2014-11-03 1,119,242 0.456 +2014-11-10 1,137,673 0.464 +2014-11-17 1,151,151 0.469 +2014-11-24 1,166,656 0.475 +2014-12-01 1,177,647 0.479 +2014-12-08 1,189,078 0.484 +2014-12-15 1,207,842 0.491 +2014-12-22 1,217,563 0.495 +2014-12-29 1,231,764 0.501 +2015-01-05 1,247,680 0.507 +2015-01-12 1,265,245 0.514 +2015-01-19 1,280,109 0.520 +2015-01-26 1,297,321 0.526 +2015-02-02 1,312,308 0.531 +2015-02-09 1,332,308 0.539 +2015-02-16 1,347,477 0.544 +2015-02-23 1,359,383 0.549 +2015-03-02 1,381,804 0.558 +2015-03-09 1,399,204 0.564 +2015-03-16 1,418,583 0.572 +2015-03-23 1,435,965 0.579 +2015-03-30 1,454,610 0.586 +2015-04-06 1,469,641 0.592 +2015-04-13 1,484,206 0.597 +2015-04-20 1,499,685 0.603 +2015-04-27 1,517,483 0.610 +2015-05-04 1,538,892 0.620 +2015-05-11 1,552,349 0.625 +2015-05-18 1,569,546 0.632 +2015-05-25 1,589,371 0.640 +2015-06-01 1,607,757 0.647 +2015-06-08 1,630,764 0.655 +2015-06-15 1,646,304 0.661 +2015-06-22 1,671,352 0.670 +2015-06-29 1,688,467 0.676 +2015-07-06 1,709,286 0.683 +2015-07-13 1,729,079 0.691 +2015-07-20 1,755,542 0.701 +2015-07-27 1,776,521 0.710 +2015-08-03 1,800,276 0.719 +2015-08-10 1,819,396 0.726 +2015-08-17 1,849,434 0.737 +2015-08-24 1,871,697 0.745 +2015-08-31 1,897,175 0.755 +2015-09-07 1,923,030 0.764 +2015-09-14 1,965,601 0.779 + +...the data source did not update for one month... + +2015-10-15 2,459,695 0.915 +2015-10-19 2,477,094 0.919 +2015-10-26 2,503,454 0.921 +2015-11-02 2,525,536 0.925 +2015-11-09 2,549,874 0.918 +2015-11-16 2,586,187 0.914 +2015-11-23 2,620,791 0.912 +2015-11-30 2,654,232 0.920 +2015-12-07 2,690,496 0.931 +2015-12-14 2,716,079 0.938 +2015-12-21 2,745,964 0.946 +2015-12-28 2,767,578 0.953 +2016-01-04 2,780,037 0.956 +2016-01-11 2,808,816 0.964 +2016-01-18 2,833,824 0.971 +2016-01-25 2,854,693 0.975 +2016-02-01 2,889,095 0.984 +2016-02-08 2,921,854 0.992 +2016-02-15 2,941,870 0.996 +2016-02-22 2,980,241 1.000 +2016-02-29 3,015,906 1.005 +2016-03-07 3,052,477 1.010 +2016-03-14 3,093,608 1.022 +2016-03-21 3,123,234 1.029 +2016-03-28 3,154,356 1.039 +2016-04-04 3,175,503 1.043 +2016-04-11 3,201,418 1.050 +2016-04-18 3,230,048 1.058 +2016-04-25 3,250,479 1.065 +2016-05-02 3,284,012 1.076 +2016-05-09 3,304,421 1.082 +2016-05-16 3,345,090 1.095 +2016-05-23 3,369,703 1.101 +2016-05-30 3,398,037 1.110 +2016-06-06 3,422,237 1.118 +2016-06-13 3,446,664 1.126 +2016-06-20 3,466,012 1.133 +2016-06-27 3,491,453 1.143 +2016-07-04 3,535,104 1.154 +2016-07-11 3,557,826 1.162 +2016-07-18 3,577,119 1.168 +2016-07-25 3,594,073 1.173 +2016-08-01 3,598,272 1.190 +2016-08-08 3,643,865 1.204 +2016-08-15 3,671,903 1.213 +2016-08-22 3,693,125 1.219 +2016-08-29 3,710,646 1.225 +2016-09-05 3,741,690 1.235 +2016-09-12 3,760,204 1.242 +2016-09-19 3,785,458 1.252 +2016-09-26 3,794,284 1.255 +2016-10-03 3,826,115 1.267 +2016-10-10 3,859,078 1.277 +2016-10-17 3,900,896 1.289 +2016-10-24 3,928,593 1.298 +2016-10-31 3,966,977 1.310 +2016-11-07 4,007,417 1.325 +2016-11-14 4,044,849 1.336 +2016-11-21 4,090,463 1.353 +2016-11-28 4,128,982 1.368 +2016-12-05 4,150,122 1.374 +2016-12-12 4,180,124 1.388 +2016-12-19 4,215,130 1.403 +2016-12-26 4,264,692 1.426 +2017-01-02 4,313,167 1.449 +2017-01-09 4,370,013 1.468 +2017-01-16 4,412,616 1.481 +2017-01-23 4,435,988 1.487 +2017-01-30 4,497,257 1.507 +2017-02-06 4,565,328 1.528 +2017-02-13 4,630,694 1.546 +2017-02-20 4,692,037 1.563 +2017-02-27 4,738,938 1.580 +2017-03-06 4,763,870 1.582 +2017-03-13 4,797,089 1.592 +2017-03-20 4,848,941 1.607 +2017-03-27 4,872,968 1.614 +2017-04-03 4,899,299 1.627 +2017-04-10 4,929,269 1.638 +2017-04-17 4,935,522 1.640 +2017-04-24 4,967,471 1.648 +2017-05-01 4,999,621 1.656 +2017-05-08 5,045,945 1.670 +2017-05-15 5,085,359 1.680 +2017-05-22 5,118,847 1.691 +2017-05-29 5,156,948 1.699 +2017-06-05 5,183,607 1.703 +2017-06-12 5,231,308 1.722 +2017-06-19 5,507,691 1.793 +2017-06-26 5,571,118 1.813 +2017-07-03 5,592,312 1.820 +2017-07-10 5,617,151 1.827 +2017-07-17 5,653,175 1.837 +2017-07-24 5,700,932 1.851 +2017-07-31 5,771,722 1.873 +2017-08-07 5,809,459 1.883 +2017-08-14 5,836,431 1.890 +2017-08-21 5,872,947 1.900 +2017-08-28 5,904,417 1.911 +2017-09-04 5,944,257 1.920 +2017-09-11 5,977,055 1.927 +2017-09-18 6,013,372 1.936 +2017-09-25 6,047,315 1.945 +2017-10-02 6,094,842 1.959 +2017-10-09 6,129,147 1.966 +2017-10-16 6,157,099 1.973 +2017-10-23 6,198,152 1.986 +2017-10-30 6,235,789 1.998 +2017-11-06 6,271,018 2.009 +2017-11-13 6,299,504 2.024 +2017-11-20 6,340,142 2.037 +2017-11-27 6,363,377 2.042 +2017-12-04 6,390,003 2.047 +2017-12-11 6,426,854 2.058 +2017-12-18 6,458,112 2.071 +2017-12-25 6,445,461 2.067 +2018-01-01 6,443,406 2.067 +2018-01-08 6,482,529 2.077 +2018-01-15 6,514,604 2.087 +2018-01-22 6,528,120 2.091 +2018-01-29 6,564,496 2.102 +2018-02-05 6,599,073 2.110 +2018-02-12 6,634,101 2.116 +2018-02-19 6,664,120 2.126 +2018-02-26 6,654,423 2.121 +2018-03-05 6,696,513 2.133 +2018-03-12 6,739,825 2.141 +2018-03-19 6,779,526 2.139 +2018-03-26 6,814,395 2.138 +2018-04-02 6,859,918 2.149 +2018-04-09 6,909,496 2.162 +2018-04-16 6,954,315 2.172 +2018-04-23 7,006,517 2.186 +2018-04-30 7,043,652 2.198 +2018-05-07 7,099,084 2.216 +2018-05-14 7,148,454 2.226 +2018-05-21 7,207,113 2.242 +2018-05-28 7,362,802 2.287 +2018-06-04 7,474,019 2.319 +2018-06-11 7,563,181 2.345 +2018-06-18 7,608,843 2.356 +2018-06-25 7,655,184 2.365 +2018-07-02 7,718,513 2.374 +2018-07-09 7,762,731 2.384 +2018-07-16 7,834,993 2.403 +2018-07-23 7,901,368 2.424 +2018-07-30 7,936,604 2.435 +2018-08-06 7,992,083 2.447 +2018-08-13 8,051,515 2.460 +2018-08-20 8,116,197 2.477 +2018-08-27 8,181,685 2.495 +2018-09-03 8,233,488 2.507 +2018-09-10 8,281,597 2.518 +2018-09-17 8,341,527 2.531 +2018-09-24 8,379,509 2.538 +2018-10-01 8,413,490 2.547 +2018-10-08 8,461,715 2.559 +2018-10-15 8,494,717 2.565 +2018-10-22 8,526,445 2.569 +2018-10-29 8,561,946 2.580 +2018-11-05 8,599,714 2.590 +2018-11-12 8,623,601 2.594 +2018-11-19 8,692,707 2.610 +2018-11-26 8,725,435 2.618 +2018-12-03 8,761,409 2.624 +2018-12-10 8,802,587 2.634 +2018-12-17 8,837,849 2.642 +2018-12-24 8,884,186 2.655 +2018-12-31 8,967,431 2.679 +2019-01-07 9,029,733 2.696 +2019-01-14 9,116,113 2.717 +2019-01-21 9,163,968 2.729 +2019-01-28 9,212,710 2.741 +2019-02-04 9,259,657 2.751 +2019-02-11 9,289,395 2.757 +2019-02-18 9,327,549 2.764 +2019-02-25 9,367,875 2.773 +2019-03-04 9,422,615 2.785 +2019-03-11 9,456,622 2.792 +2019-03-18 9,536,879 2.816 +2019-03-25 9,582,190 2.827 +2019-04-01 9,614,826 2.834 +2019-04-08 9,661,770 2.843 +2019-04-15 9,639,449 2.833 +2019-04-22 9,663,323 2.838 +2019-04-29 9,701,268 2.846 +2019-05-06 9,726,091 2.852 +2019-05-13 9,755,458 2.859 +2019-05-20 9,771,923 2.860 +2019-05-27 9,804,848 2.868 +2019-06-03 9,825,872 2.872 +2019-06-10 9,848,810 2.877 +2019-06-17 9,874,825 2.882 +2019-06-24 9,920,997 2.892 +2019-07-01 9,945,591 2.895 +2019-07-08 9,966,342 2.899 +2019-07-15 10,009,608 2.905 +2019-07-22 10,042,009 2.916 +2019-07-29 10,061,628 2.919 +2019-08-05 10,083,894 2.923 +2019-08-12 10,118,603 2.930 +2019-08-19 10,151,279 2.936 +2019-08-26 10,187,533 2.944 +2019-09-02 10,229,840 2.955 +2019-09-09 10,258,506 2.961 +2019-09-16 10,299,487 2.970 +2019-09-23 10,331,298 2.976 +2019-09-30 10,365,561 2.984 +2019-10-07 10,405,629 2.993 +2019-10-14 10,448,773 3.001 +2019-10-21 10,493,553 3.012 +2019-10-28 10,530,175 3.020 +2019-11-04 10,573,154 3.031 +2019-11-11 10,626,620 3.043 +2019-11-18 10,652,831 3.050 +2019-11-25 10,712,813 3.064 +2019-12-02 10,771,957 3.078 +2019-12-09 10,869,576 3.104 +2019-12-16 10,932,699 3.120 +2019-12-23 10,992,952 3.032 +2019-12-30 11,024,536 3.041 +2020-01-06 11,046,219 3.045 +2020-01-13 11,072,583 3.049 +2020-01-20 11,104,343 3.055 +2020-01-27 11,121,659 3.057 +2020-02-03 11,131,602 3.056 +2020-02-10 11,157,317 3.059 +2020-02-17 11,195,632 3.064 +2020-02-24 11,232,851 3.071 +2020-03-02 11,543,562 2.799 +2020-03-09 11,598,986 2.804 +2020-03-16 11,608,288 2.802 +2020-03-23 11,614,818 2.802 +2020-03-30 11,594,092 2.796 +2020-04-06 11,608,284 2.798 +2020-04-13 11,661,017 2.808 +2020-04-20 11,777,589 2.830 +2020-04-27 11,802,977 2.834 +2020-05-04 11,855,622 2.845 +2020-05-11 11,905,370 2.854 +2020-05-18 11,925,996 2.857 +2020-05-25 11,975,702 2.867 +2020-06-01 12,006,857 2.871 +2020-06-08 12,040,513 2.879 +2020-06-15 12,088,287 2.887 +2020-06-22 12,134,019 2.896 +2020-06-29 12,058,454 2.948 +2020-07-06 12,121,766 2.961 +2020-07-13 12,181,945 2.973 +2020-07-20 12,221,082 2.981 +2020-07-27 12,253,014 2.987 +``` + + +### Harvard Business School +### The source of CloudFlare's delusions + +![](img/harvard.gif) + +- [Why entrepreneurs need to be a little delusional](https://web.archive.org/web/20210826102852/http://web.archive.org/web/20140715071656/http://poetsandquants.com/2013/11/18/qa-with-harvards-top-entrepreneurship-professor/) (2013-11-18) + +``` +We can tell students what the failure odds are, but it's one thing for +people to know the stats, and it's another to actually feel it's going to +be you. A lot of people think they will be that one person to beat the +odds, and I guess that's good to have that confidence. Basically we +need people to be a little delusional. +``` + — Professor Tom Eisenmann, Harvard Business School + + +- [HBS-founded CloudFlare is Sky High](https://web.archive.org/web/20210826102852/http://web.archive.org/web/20140911104439/http://www.harbus.org/2011/cloudflare/) (2011-11-14) + +``` +However you describe CloudFlare, it is clearly flourishing. Since its +founding two years ago at HBS, the company's network now extends +to 15 billion page views and 350 million visitors per month, which is +more traffic than Amazon, Wikipedia and Twitter combined. 'One out +of every five people on the Internet has passed through our network +in the last month,' says Prince. 'Kind of stunning.' ... Zatlyn and Prince +cite a number of HBS influences as critical sources of support, with +Professor Eisenmann being at the top of the list. They recount how +they took his Entrepreneurship course their first year, and he then +encouraged them from their very first discussions beginning in the +lobby bar at the Sheraton in Palo Alto. 'Tom was a cheerleader from +the beginning,' says Prince. 'And he's continued to be in touch. Every +time he is out here, we see him.' +``` + +![](img/shelter4.gif) + + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/cfnsdump.md b/subfiles/classics/cfnsdump.md new file mode 100644 index 0000000000..26447c5152 --- /dev/null +++ b/subfiles/classics/cfnsdump.md @@ -0,0 +1,424 @@ +# CloudFlare nameservers + +Great moments in +anti-DDoS engineering: + +![](img/eggs.jpg) + + +These IP addresses have been static since mid-2014. +How many lines of code are required to hit this entire +list repeatedly with a huge Internet-of-Things botnet? +Not many (see footnote). + +``` + abby.ns.cloudflare.com 173.245.58.100 + ada.ns.cloudflare.com 173.245.58.54 + adam.ns.cloudflare.com 173.245.59.54 + adel.ns.cloudflare.com 173.245.58.55 + adi.ns.cloudflare.com 173.245.58.56 + adrian.ns.cloudflare.com 173.245.58.57 + aida.ns.cloudflare.com 173.245.58.58 + aiden.ns.cloudflare.com 173.245.59.55 + ajay.ns.cloudflare.com 173.245.59.56 + alan.ns.cloudflare.com 173.245.59.57 + albert.ns.cloudflare.com 173.245.59.58 + alec.ns.cloudflare.com 173.245.59.59 + alex.ns.cloudflare.com 173.245.59.100 + alexis.ns.cloudflare.com 173.245.59.60 + algin.ns.cloudflare.com 173.245.59.61 + ali.ns.cloudflare.com 173.245.58.59 + alice.ns.cloudflare.com 173.245.58.60 + alina.ns.cloudflare.com 173.245.58.61 + alla.ns.cloudflare.com 173.245.58.62 + amanda.ns.cloudflare.com 173.245.58.63 + amber.ns.cloudflare.com 173.245.58.64 + amir.ns.cloudflare.com 173.245.59.62 + amit.ns.cloudflare.com 173.245.59.63 + amy.ns.cloudflare.com 173.245.58.101 + andy.ns.cloudflare.com 173.245.59.101 + angela.ns.cloudflare.com 173.245.58.65 + anirban.ns.cloudflare.com 173.245.59.64 + anna.ns.cloudflare.com 173.245.58.102 + anuj.ns.cloudflare.com 173.245.59.65 + apollo.ns.cloudflare.com 173.245.59.66 + april.ns.cloudflare.com 173.245.58.66 + ara.ns.cloudflare.com 173.245.58.67 + aragorn.ns.cloudflare.com 173.245.59.67 + arch.ns.cloudflare.com 173.245.59.68 + aria.ns.cloudflare.com 173.245.58.68 + arnold.ns.cloudflare.com 173.245.59.69 + aron.ns.cloudflare.com 173.245.58.69 + art.ns.cloudflare.com 173.245.59.102 + arya.ns.cloudflare.com 173.245.58.70 + asa.ns.cloudflare.com 173.245.58.246 + ashley.ns.cloudflare.com 173.245.58.71 + athena.ns.cloudflare.com 173.245.58.72 + austin.ns.cloudflare.com 173.245.59.70 + barbara.ns.cloudflare.com 173.245.58.248 + bart.ns.cloudflare.com 173.245.59.71 + bayan.ns.cloudflare.com 173.245.59.72 + beau.ns.cloudflare.com 173.245.59.73 + becky.ns.cloudflare.com 173.245.58.73 + bella.ns.cloudflare.com 173.245.58.74 + ben.ns.cloudflare.com 173.245.59.103 + beth.ns.cloudflare.com 173.245.58.103 + betty.ns.cloudflare.com 173.245.58.75 + bill.ns.cloudflare.com 173.245.59.74 + bob.ns.cloudflare.com 173.245.59.104 + bonnie.ns.cloudflare.com 173.245.58.76 + boyd.ns.cloudflare.com 173.245.59.75 + brad.ns.cloudflare.com 173.245.59.105 + brenda.ns.cloudflare.com 173.245.58.77 + brett.ns.cloudflare.com 173.245.59.76 + brianna.ns.cloudflare.com 173.245.58.245 + brit.ns.cloudflare.com 173.245.58.78 + bruce.ns.cloudflare.com 173.245.59.77 + buck.ns.cloudflare.com 173.245.59.78 + burt.ns.cloudflare.com 173.245.59.79 + candy.ns.cloudflare.com 173.245.58.79 + carl.ns.cloudflare.com 173.245.59.106 + carol.ns.cloudflare.com 173.245.58.80 + carter.ns.cloudflare.com 173.245.59.80 + cash.ns.cloudflare.com 173.245.59.81 + cass.ns.cloudflare.com 173.245.58.81 + chad.ns.cloudflare.com 173.245.59.82 + chan.ns.cloudflare.com 173.245.58.82 + charles.ns.cloudflare.com 173.245.59.83 + cheryl.ns.cloudflare.com 173.245.58.83 + chin.ns.cloudflare.com 173.245.58.84 + chip.ns.cloudflare.com 173.245.59.84 + chloe.ns.cloudflare.com 173.245.58.85 + chris.ns.cloudflare.com 173.245.59.85 + chuck.ns.cloudflare.com 173.245.59.86 + clark.ns.cloudflare.com 173.245.59.87 + clay.ns.cloudflare.com 173.245.59.88 + cleo.ns.cloudflare.com 173.245.59.89 + clint.ns.cloudflare.com 173.245.59.90 + cloe.ns.cloudflare.com 173.245.58.86 + clyde.ns.cloudflare.com 173.245.59.91 + coby.ns.cloudflare.com 173.245.59.92 + coco.ns.cloudflare.com 173.245.58.104 + cody.ns.cloudflare.com 173.245.59.107 + connie.ns.cloudflare.com 173.245.58.247 + cortney.ns.cloudflare.com 173.245.58.87 + cory.ns.cloudflare.com 173.245.59.93 + cruz.ns.cloudflare.com 173.245.58.88 + curt.ns.cloudflare.com 173.245.59.94 + dahlia.ns.cloudflare.com 173.245.58.89 + daisy.ns.cloudflare.com 173.245.58.90 + dale.ns.cloudflare.com 173.245.59.95 + damon.ns.cloudflare.com 173.245.59.96 + dan.ns.cloudflare.com 173.245.59.108 + dana.ns.cloudflare.com 173.245.58.105 + dane.ns.cloudflare.com 173.245.59.97 + dara.ns.cloudflare.com 173.245.58.91 + darl.ns.cloudflare.com 173.245.59.98 + darwin.ns.cloudflare.com 173.245.59.151 + dave.ns.cloudflare.com 173.245.59.109 + david.ns.cloudflare.com 173.245.59.152 + dawn.ns.cloudflare.com 173.245.58.106 + dean.ns.cloudflare.com 173.245.59.153 + deb.ns.cloudflare.com 173.245.58.92 + dee.ns.cloudflare.com 173.245.58.93 + dell.ns.cloudflare.com 173.245.58.94 + demi.ns.cloudflare.com 173.245.58.95 + derek.ns.cloudflare.com 173.245.59.154 + desi.ns.cloudflare.com 173.245.58.96 + dilbert.ns.cloudflare.com 173.245.59.155 + dina.ns.cloudflare.com 173.245.58.107 + dion.ns.cloudflare.com 173.245.59.156 + diva.ns.cloudflare.com 173.245.58.97 + dolly.ns.cloudflare.com 173.245.58.98 + dom.ns.cloudflare.com 173.245.59.157 + donald.ns.cloudflare.com 173.245.59.158 + donna.ns.cloudflare.com 173.245.58.151 + dora.ns.cloudflare.com 173.245.58.108 + dorthy.ns.cloudflare.com 173.245.58.249 + doug.ns.cloudflare.com 173.245.59.159 + drew.ns.cloudflare.com 173.245.59.160 + duke.ns.cloudflare.com 173.245.59.110 + earl.ns.cloudflare.com 173.245.59.161 + ed.ns.cloudflare.com 173.245.59.111 + edna.ns.cloudflare.com 173.245.58.109 + elaine.ns.cloudflare.com 173.245.58.152 + elinore.ns.cloudflare.com 173.245.58.153 + elle.ns.cloudflare.com 173.245.58.110 + elliot.ns.cloudflare.com 173.245.59.162 + elma.ns.cloudflare.com 173.245.58.154 + elmo.ns.cloudflare.com 173.245.59.163 + elsa.ns.cloudflare.com 173.245.58.111 + emily.ns.cloudflare.com 173.245.58.155 + emma.ns.cloudflare.com 173.245.58.112 + eric.ns.cloudflare.com 173.245.59.112 + erin.ns.cloudflare.com 173.245.58.113 + ernest.ns.cloudflare.com 173.245.59.164 + etta.ns.cloudflare.com 173.245.58.156 + eva.ns.cloudflare.com 173.245.58.114 + evan.ns.cloudflare.com 173.245.59.165 + fay.ns.cloudflare.com 173.245.58.115 + fiona.ns.cloudflare.com 173.245.58.157 + frank.ns.cloudflare.com 173.245.59.166 + fred.ns.cloudflare.com 173.245.59.113 + gabe.ns.cloudflare.com 173.245.59.114 + gail.ns.cloudflare.com 173.245.58.116 + gene.ns.cloudflare.com 173.245.58.158 + george.ns.cloudflare.com 173.245.59.167 + gerald.ns.cloudflare.com 173.245.59.168 + gina.ns.cloudflare.com 173.245.58.117 + glen.ns.cloudflare.com 173.245.59.169 + gordon.ns.cloudflare.com 173.245.59.170 + grace.ns.cloudflare.com 173.245.58.159 + graham.ns.cloudflare.com 173.245.59.171 + greg.ns.cloudflare.com 173.245.59.115 + guss.ns.cloudflare.com 173.245.59.172 + guy.ns.cloudflare.com 173.245.59.173 + gwen.ns.cloudflare.com 173.245.58.160 + hal.ns.cloudflare.com 173.245.59.174 + hank.ns.cloudflare.com 173.245.59.116 + hans.ns.cloudflare.com 173.245.59.175 + heather.ns.cloudflare.com 173.245.58.161 + henry.ns.cloudflare.com 173.245.59.176 + hera.ns.cloudflare.com 173.245.58.162 + hope.ns.cloudflare.com 173.245.58.163 + hugh.ns.cloudflare.com 173.245.59.117 + ian.ns.cloudflare.com 173.245.59.118 + igor.ns.cloudflare.com 173.245.59.119 + ines.ns.cloudflare.com 173.245.58.164 + ingrid.ns.cloudflare.com 173.245.58.165 + iris.ns.cloudflare.com 173.245.58.118 + irma.ns.cloudflare.com 173.245.58.166 + isaac.ns.cloudflare.com 173.245.59.177 + isla.ns.cloudflare.com 173.245.58.119 + ivan.ns.cloudflare.com 173.245.59.120 + ivy.ns.cloudflare.com 173.245.58.120 + jack.ns.cloudflare.com 173.245.59.121 + jade.ns.cloudflare.com 173.245.58.167 + jake.ns.cloudflare.com 173.245.59.122 + james.ns.cloudflare.com 173.245.59.178 + jamie.ns.cloudflare.com 173.245.58.168 + janet.ns.cloudflare.com 173.245.58.169 + jasmine.ns.cloudflare.com 173.245.58.170 + jason.ns.cloudflare.com 173.245.59.179 + jay.ns.cloudflare.com 173.245.59.123 + jean.ns.cloudflare.com 173.245.58.121 + jeff.ns.cloudflare.com 173.245.59.124 + jeremy.ns.cloudflare.com 173.245.59.180 + jerome.ns.cloudflare.com 173.245.59.181 + jerry.ns.cloudflare.com 173.245.59.182 + jessica.ns.cloudflare.com 173.245.58.171 + jill.ns.cloudflare.com 173.245.58.122 + jim.ns.cloudflare.com 173.245.59.125 + jo.ns.cloudflare.com 173.245.58.172 + joan.ns.cloudflare.com 173.245.58.173 + jobs.ns.cloudflare.com 173.245.59.183 + jocelyn.ns.cloudflare.com 173.245.58.174 + joel.ns.cloudflare.com 173.245.59.184 + john.ns.cloudflare.com 173.245.59.185 + jonah.ns.cloudflare.com 173.245.59.186 + josh.ns.cloudflare.com 173.245.59.126 + jule.ns.cloudflare.com 173.245.58.175 + june.ns.cloudflare.com 173.245.58.176 + justin.ns.cloudflare.com 173.245.59.187 + kai.ns.cloudflare.com 173.245.59.188 + kami.ns.cloudflare.com 173.245.58.177 + kanye.ns.cloudflare.com 173.245.59.189 + kara.ns.cloudflare.com 173.245.58.123 + karina.ns.cloudflare.com 173.245.58.178 + karl.ns.cloudflare.com 173.245.59.190 + kate.ns.cloudflare.com 173.245.58.124 + kay.ns.cloudflare.com 173.245.58.125 + ken.ns.cloudflare.com 173.245.59.127 + kevin.ns.cloudflare.com 173.245.59.191 + kia.ns.cloudflare.com 173.245.58.179 + kiki.ns.cloudflare.com 173.245.58.180 + kim.ns.cloudflare.com 173.245.58.126 + kip.ns.cloudflare.com 173.245.59.128 + kirk.ns.cloudflare.com 173.245.59.192 + kristin.ns.cloudflare.com 173.245.58.181 + kurt.ns.cloudflare.com 173.245.59.193 + lady.ns.cloudflare.com 173.245.58.127 + lakas.ns.cloudflare.com 173.245.59.194 + lana.ns.cloudflare.com 173.245.58.182 + lara.ns.cloudflare.com 173.245.58.128 + lars.ns.cloudflare.com 173.245.59.195 + laura.ns.cloudflare.com 173.245.58.183 + leah.ns.cloudflare.com 173.245.58.129 + lee.ns.cloudflare.com 173.245.59.129 + leia.ns.cloudflare.com 173.245.58.184 + lex.ns.cloudflare.com 173.245.59.196 + lia.ns.cloudflare.com 173.245.58.185 + lila.ns.cloudflare.com 173.245.58.186 + lily.ns.cloudflare.com 173.245.58.130 + lina.ns.cloudflare.com 173.245.58.187 + linda.ns.cloudflare.com 173.245.58.250 + lisa.ns.cloudflare.com 173.245.58.131 + liv.ns.cloudflare.com 173.245.58.188 + liz.ns.cloudflare.com 173.245.58.189 + lloyd.ns.cloudflare.com 173.245.59.197 + logan.ns.cloudflare.com 173.245.59.198 + lola.ns.cloudflare.com 173.245.58.132 + lorna.ns.cloudflare.com 173.245.58.190 + lou.ns.cloudflare.com 173.245.59.199 + lucy.ns.cloudflare.com 173.245.58.133 + luke.ns.cloudflare.com 173.245.59.200 + lynn.ns.cloudflare.com 173.245.59.201 + major.ns.cloudflare.com 173.245.59.241 + marek.ns.cloudflare.com 173.245.59.202 + marge.ns.cloudflare.com 173.245.58.191 + maria.ns.cloudflare.com 173.245.58.192 + mario.ns.cloudflare.com 173.245.59.203 + marjory.ns.cloudflare.com 173.245.58.193 + mark.ns.cloudflare.com 173.245.59.130 + marty.ns.cloudflare.com 173.245.59.204 + mary.ns.cloudflare.com 173.245.58.134 + matt.ns.cloudflare.com 173.245.59.131 + max.ns.cloudflare.com 173.245.59.132 + may.ns.cloudflare.com 173.245.58.135 + maya.ns.cloudflare.com 173.245.58.194 + meera.ns.cloudflare.com 173.245.58.195 + meg.ns.cloudflare.com 173.245.58.196 + megan.ns.cloudflare.com 173.245.58.197 + melinda.ns.cloudflare.com 173.245.58.198 + melissa.ns.cloudflare.com 173.245.58.199 + merlin.ns.cloudflare.com 173.245.59.205 + mia.ns.cloudflare.com 173.245.58.200 + micah.ns.cloudflare.com 173.245.59.206 + michelle.ns.cloudflare.com 173.245.58.201 + miki.ns.cloudflare.com 173.245.58.202 + miles.ns.cloudflare.com 173.245.59.207 + mimi.ns.cloudflare.com 173.245.58.203 + mira.ns.cloudflare.com 173.245.58.204 + mitch.ns.cloudflare.com 173.245.59.208 + molly.ns.cloudflare.com 173.245.58.205 + mona.ns.cloudflare.com 173.245.58.206 + nadia.ns.cloudflare.com 173.245.58.207 + naomi.ns.cloudflare.com 173.245.58.208 + nash.ns.cloudflare.com 173.245.59.209 + ned.ns.cloudflare.com 173.245.59.210 + neil.ns.cloudflare.com 173.245.59.211 + nelly.ns.cloudflare.com 173.245.58.209 + newt.ns.cloudflare.com 173.245.59.212 + nia.ns.cloudflare.com 173.245.58.210 + nick.ns.cloudflare.com 173.245.59.213 + nicole.ns.cloudflare.com 173.245.58.211 + nile.ns.cloudflare.com 173.245.59.214 + nina.ns.cloudflare.com 173.245.58.136 + nitin.ns.cloudflare.com 173.245.59.215 + noah.ns.cloudflare.com 173.245.59.133 + noel.ns.cloudflare.com 173.245.59.216 + nola.ns.cloudflare.com 173.245.58.212 + nora.ns.cloudflare.com 173.245.58.213 + norm.ns.cloudflare.com 173.245.59.134 + norman.ns.cloudflare.com 173.245.59.217 + olga.ns.cloudflare.com 173.245.58.137 + oswald.ns.cloudflare.com 173.245.59.218 + owen.ns.cloudflare.com 173.245.59.219 + pablo.ns.cloudflare.com 173.245.59.220 + pam.ns.cloudflare.com 173.245.58.138 + pat.ns.cloudflare.com 173.245.58.139 + paul.ns.cloudflare.com 173.245.59.135 + pete.ns.cloudflare.com 173.245.59.136 + peyton.ns.cloudflare.com 173.245.59.221 + phil.ns.cloudflare.com 173.245.59.137 + piotr.ns.cloudflare.com 173.245.59.222 + plato.ns.cloudflare.com 173.245.59.223 + pola.ns.cloudflare.com 173.245.58.214 + rachel.ns.cloudflare.com 173.245.58.215 + rafe.ns.cloudflare.com 173.245.58.216 + rajeev.ns.cloudflare.com 173.245.59.224 + ram.ns.cloudflare.com 173.245.59.225 + ray.ns.cloudflare.com 173.245.59.138 + reza.ns.cloudflare.com 173.245.58.217 + rick.ns.cloudflare.com 173.245.59.139 + rihana.ns.cloudflare.com 173.245.58.244 + rita.ns.cloudflare.com 173.245.58.140 + roan.ns.cloudflare.com 173.245.59.226 + rob.ns.cloudflare.com 173.245.59.140 + robin.ns.cloudflare.com 173.245.58.218 + rocky.ns.cloudflare.com 173.245.59.227 + rodney.ns.cloudflare.com 173.245.59.228 + rosa.ns.cloudflare.com 173.245.58.228 + rose.ns.cloudflare.com 173.245.58.141 + roxy.ns.cloudflare.com 173.245.58.142 + rudy.ns.cloudflare.com 173.245.59.229 + ruth.ns.cloudflare.com 173.245.58.143 + sam.ns.cloudflare.com 173.245.59.141 + sandy.ns.cloudflare.com 173.245.58.219 + sara.ns.cloudflare.com 173.245.58.144 + scott.ns.cloudflare.com 173.245.59.230 + sean.ns.cloudflare.com 173.245.59.231 + serena.ns.cloudflare.com 173.245.58.220 + seth.ns.cloudflare.com 173.245.59.142 + sharon.ns.cloudflare.com 173.245.58.221 + sid.ns.cloudflare.com 173.245.59.143 + sima.ns.cloudflare.com 173.245.58.222 + simon.ns.cloudflare.com 173.245.59.232 + skip.ns.cloudflare.com 173.245.59.233 + sofia.ns.cloudflare.com 173.245.58.223 + sri.ns.cloudflare.com 173.245.59.234 + stan.ns.cloudflare.com 173.245.59.235 + sue.ns.cloudflare.com 173.245.58.145 + tani.ns.cloudflare.com 173.245.58.224 + tara.ns.cloudflare.com 173.245.58.225 + tegan.ns.cloudflare.com 173.245.58.226 + terin.ns.cloudflare.com 173.245.59.236 + terry.ns.cloudflare.com 173.245.59.237 + tess.ns.cloudflare.com 173.245.58.227 + theo.ns.cloudflare.com 173.245.59.144 + thomas.ns.cloudflare.com 173.245.59.238 + tia.ns.cloudflare.com 173.245.58.229 + tim.ns.cloudflare.com 173.245.59.145 + tina.ns.cloudflare.com 173.245.58.230 + toby.ns.cloudflare.com 173.245.59.239 + todd.ns.cloudflare.com 173.245.59.146 + tom.ns.cloudflare.com 173.245.59.147 + tony.ns.cloudflare.com 173.245.59.240 + tori.ns.cloudflare.com 173.245.58.231 + trey.ns.cloudflare.com 173.245.59.242 + tricia.ns.cloudflare.com 173.245.58.232 + ulla.ns.cloudflare.com 173.245.58.233 + uma.ns.cloudflare.com 173.245.58.146 + val.ns.cloudflare.com 173.245.58.234 + venus.ns.cloudflare.com 173.245.58.235 + vera.ns.cloudflare.com 173.245.58.147 + vern.ns.cloudflare.com 173.245.59.243 + vick.ns.cloudflare.com 173.245.59.244 + vida.ns.cloudflare.com 173.245.58.236 + vin.ns.cloudflare.com 173.245.59.245 + violet.ns.cloudflare.com 173.245.58.237 + vita.ns.cloudflare.com 173.245.58.238 + wally.ns.cloudflare.com 173.245.58.239 + walt.ns.cloudflare.com 173.245.59.148 + wanda.ns.cloudflare.com 173.245.58.240 + wesley.ns.cloudflare.com 173.245.59.246 + west.ns.cloudflare.com 173.245.59.247 + will.ns.cloudflare.com 173.245.59.149 + woz.ns.cloudflare.com 173.245.59.150 + yichun.ns.cloudflare.com 173.245.59.248 + yolanda.ns.cloudflare.com 173.245.58.241 + zara.ns.cloudflare.com 173.245.58.148 + zelda.ns.cloudflare.com 173.245.58.242 + zeus.ns.cloudflare.com 173.245.59.249 + zita.ns.cloudflare.com 173.245.58.243 + zod.ns.cloudflare.com 173.245.59.250 + zoe.ns.cloudflare.com 173.245.58.149 +``` + +``` + The third quad is 58 or 59, and the + fourth quad is between 54 and 250. + + Now put them together: + + quad4 = quad4 + 1 + if quad4 > 250 + { + quad4 = 54 + if quad3 == 58 then quad3 = 59 else quad3 = 58 + } +``` + +--- + +[home](README.md) \ No newline at end of file diff --git a/subfiles/classics/cfs.md b/subfiles/classics/cfs.md new file mode 100644 index 0000000000..ee1309d180 --- /dev/null +++ b/subfiles/classics/cfs.md @@ -0,0 +1,12 @@ +# Uncovering bad guys hiding behind CloudFlare + + +We believe in privacy for passive users of the web. But publishers on the web, as opposed to passive users who merely read pages, should be accountable. All CloudFlare customers are publishers, and many use CloudFlare because it encourages them to hide their original IP address. When they receive abuse complaints, CloudFlare resorts to diversions to pretend that they are acting responsibly — assuming that they respond at all. A refusal to embrace web accountability leads to cybercrime. That's why we use the term "CrimeFlare" to describe this company. + +There are sites on the web that specialize in collecting registration and nameserver data. Several are serious research sites, while the rest are sites claiming that various domain names are worth big bucks in potential ad revenue, based on their traffic. Customers must change the nameservers on their registration in order to use most services. Each customer's domain is assigned two nameservers. This makes it easier to verify which domains depend on CloudFlare, and helps us keep our domain lists relatively current. + +![](img/adman2.gif) + +--- + +[home](README.md) diff --git a/subfiles/classics/cfsites.md b/subfiles/classics/cfsites.md new file mode 100644 index 0000000000..32134f3f94 --- /dev/null +++ b/subfiles/classics/cfsites.md @@ -0,0 +1,26 @@ +# Some domains that recently used CloudFlare + +### "Protecting our customers from bad guys..." + +Do these domains deserve CloudFlare's protection? +Perhaps we all need to be protected from CloudFlare! + +![](img/skull.jpg) + +![](img/cfhacker.jpg) + +![](img/maskguy.gif) + +![](img/rstress.jpg) + +![](img/lulzsec.jpg) + +![](img/warez.jpg) + +![](img/badge1.gif) + +![](img/proxies.gif) + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/cfssl.md b/subfiles/classics/cfssl.md new file mode 100644 index 0000000000..b32a23002d --- /dev/null +++ b/subfiles/classics/cfssl.md @@ -0,0 +1,38 @@ + +"In other words, nothing can be done about the ISIS sites, carders, booters, gamblers, +escorts, phishers, malware, and copyright infringers that CloudFlare protects." + +# CloudFlare's half-baked SSL: suspicious sockets layer + +> October 2013 +> updated: March 18, 2020 + +We were inspired to collect the data on this page after reading this report: [Phishers using CloudFlare for SSL](https://web.archive.org/web/20210824200208/http://news.netcraft.com/archives/2013/10/07/phishers-using-cloudflare-for-ssl.html). Also see this [technical analysis](file/httpsincdn.pdf) (PDF, 545 KB) on the use of SSL by CloudFlare and similar services. The CloudFlare certificates we found all had the common name in the same style as the "ssl2796.cloudflare.com" shown in that Netcraft report. The "ssl2796" in the name is a CloudFlare tracking ID in the 49,541 root domains we found that use "standard" (not "universal") CloudFlare certificates. Every root domain also has a subdomain wildcard line (*.example.com), which we deleted to save space. + +![](img/nsa7.png) + +We compiled this list by attempting a handshake with the CloudFlare domains in our database. The "standard" certificates on this page (with "ssl" in front of the number instead of "sni") mean that the domain has a paid account at CloudFlare. Paid accounts make up about five percent of the domains that use CloudFlare, according to [news reports](https://web.archive.org/web/20210824200208/http://web.archive.org/web/20160310090126/http://www.cnbc.com/2014/12/22/cloudflare-to-open-a-data-center-a-week-in-2015.html). It's all a marketing effort anyway, whether paid or free. There is no such thing as "secure" SSL when you have potential Men-In-The-Middle at scores of data centers around the world. Local authorities could be sniffing the plaintext available at these data centers, and CloudFlare wouldn't have a clue. (Their "data centers" are typically a rack or two of equipment that CloudFlare ships to a real data center, along with installation instructions.) We asked CloudFlare to confirm that sniffing is possible at these so-called "data centers," but they didn't respond. By now we're wondering if there's a plaintext Ethernet port at the back of their equipment rack that makes interception easy and convenient. If so, it would make no difference whether the origin server has its own certificate. + +![](img/sniff2.gif) + +CloudFlare may claim that there is no way plaintext can be accessed from their equipment racks, despite the fact that some sort of decrypt and re-encrypt must occur there due to the nature of their role as a CDN. After all, CloudFlare has engineers who come up with clever techniques to enhance SSL. But imagine that you are a government regulator in a country where a big ISP hosts a CloudFlare "data center." Your job is to consider the Internet in terms of public safety and current laws, and you go to that ISP with a list of CloudFlare-user domains you want blocked. The ISP replies that everything is encrypted, and CloudFlare traffic cannot be intercepted. In other words, nothing can be done about the ISIS sites, carders, booters, gamblers, escorts, phishers, malware, and copyright infringers that CloudFlare protects. How would you respond? It's fairly obvious — you ask this ISP to block the CloudFlare IP addresses used by the offending domains. If those IPs change, then block CloudFlare's entire IP space, and continue to monitor the situation. If CloudFlare's traffic still gets through, you ask the ISP to pull the plug on CloudFlare's racks. This is why CloudFlare will add a plaintext port to their own hardware someday, if they haven't already. + +The CloudFlare certificates below encrypt the traffic only between the browser and CloudFlare. The traffic between the original web server and CloudFlare remains unencrypted unless the web server owner has his own certificate installed on his machine. Almost everyone who browses a https domain reached from CloudFlare is unaware that just half of the route is encrypted. When they see the padlock on their screen, they feel that everything is safe. This is why phishers love CloudFlare's SSL. It's easy to use for a cybercriminal with numerous domains hidden behind the privacy services of various registrars. Moreover, the subdomain wildcard option on each domain is handy for obscuring a URL in a phishing email. + +Suppose that grandpa, age 90, gets an official-looking email that advises him to immediately change his password. He clicks on the URL in the email and ends up at bankofamerica.q4.es. This page is an excellent imitation of the Bank of America pages he remembers, and there is also that nice little SSL padlock in the corner of the address bar. Would he fill out the form? Probably, because he doesn't realize that he's at a subdomain of q4.es and is entering his old and new password into a fake page for the benefit of a phisher. + +![](img/phish1.gif) + +As if the "standard" certificates aren't enough of a problem, there are also over four million "universal" certificates that present bigger problems. All you need for a free CloudFlare account is a domain and an email address. Little countries and even some little islands all have their own top-level domain these days. Rich people can buy a generic top-level domain. Many registrars around the world are pleased to sell these ccTLD and gTLD registrations. It's a cash cow for everyone, but especially for bad guys. The same situation exists for anyone who needs a throwaway email address that's nearly impossible to trace. + +Now add CloudFlare's free fly-by-night "universal" SSL. When you email CloudFlare to open your new account, they ask for your domain. Then they scrape your zone file from whatever dubious nameservers are listed at your dubious registrar. Without asking, they assign you a dubious "universal" SSL certificate. All of these "universal" certificates include that magical wildcard subdomain that invites so much mischief. Some critics are referring to these CloudFlare certificates as "fraudulent" because the domain ownership validation (a necessary component of the SSL standard) is achieved only from CloudFlare's initial access to the zone file. + +With the paid accounts, there are payment records associated with a CloudFlare customer. But with free CloudFlare accounts, everything is too easy for bad guys, and the information about who's really behind a domain is frequently beyond the reach of law enforcement. The problem is that Silicon Valley is too self-serving. After the embarrassing NSA leaks, Google declared that everyone should look for a little padlock on their screen when they visit a website. Even your cat pictures should sport a little padlock these days! Now CloudFlare comes along and hopes to pave their way toward an IPO by giving away more free padlocks than anyone else. But by now the padlocks are almost meaningless. The NSA probably finds this amusing. + +![](img/nsa5.gif) + +![](img/kiddie.gif) + +--- + +[home](README.md) diff --git a/subfiles/classics/cfterms.md b/subfiles/classics/cfterms.md new file mode 100644 index 0000000000..12af752107 --- /dev/null +++ b/subfiles/classics/cfterms.md @@ -0,0 +1,44 @@ +Anyone who knew anything about CloudFlare found their original Terms of Service to be unintentionally comical. The section below is preserved for your amusement. It came from CloudFlare's Terms of Service before before it was [changed](https://web.archive.org/web/20210826102411/https://www.cloudflare.com/terms) on 2012-08-20: + + +``` + SECTION 11: PROHIBITED USES + + You shall not post, transmit, retransmit, cache, or store material on or through CloudFlare's Service which, in the sole judgment of CloudFlare (a) is in violation of any local, state, federal, or foreign law or regulation, (b) is threatening, obscene, indecent, defamatory, or that otherwise could adversely affect any individual, group, or entity (collectively, "Persons"), or (c) violates the rights of any Person, including rights protected by copyright, trade secret, patent, or other intellectual property or similar laws or regulations including, but not limited to, the installation or distribution of "pirated" or other software products that are not appropriately licensed for Your use. You agree that you will NOT knowingly use the Service, among other things, to: +``` + +![](img/tweetie.gif) ![](img/laughing.gif) + +``` + 1. upload, post, transmit, or otherwise make available any content that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically, or otherwise objectionable; + + 2. harm minors in any way; + + 3. impersonate any person or entity, including but not limited to a CloudFlare official, forum leader, guide, or host, or falsely state or otherwise misrepresent your affiliation with a person or entity; + + 4. forge headers or otherwise manipulate identifiers in order to disguise the origin of any content transmitted through the Service; + + 5. upload, post, transmit, or otherwise make available any content that You do not have a right to make available under any law or under contractual or fiduciary relationships (such as inside information, proprietary, and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements); + + 6. upload, post, transmit, or otherwise make available any content that infringes any patent, trademark, trade secret, copyright, or other proprietary rights of any party; + + 7. upload, post, transmit, or otherwise make available any unsolicited or unauthorized advertising, promotional materials, "junk mail," "spam," "chain letters," "pyramid schemes," or the like; + + 8. upload, post, transmit, or otherwise make available any material that contains software viruses or any other computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer software or hardware or telecommunications equipment; + + 9. interfere with or disrupt the Service or servers or networks connected to the Service, or disobey any requirements, procedures, policies, or regulations of networks connected to the Service; + + 10. intentionally or unintentionally violate, attempt to violate, or avoid any applicable ICANN regulation or policy; + + 11. intentionally or unintentionally violate any applicable local, state, national or international law, including, but not limited to, regulations promulgated by the U.S. Securities and Exchange Commission, any rules of any national or other securities exchange, including, without limitation, the New York Stock Exchange, the American Stock Exchange, or the NASDAQ, and any regulations having the force of law; + + 12. provide material support or resources (or to conceal or disguise the nature, location, source, or ownership of material support or resources) to any organization(s) designated by the United States government as a foreign terrorist organization pursuant to section 219 of the Immigration and Nationality Act; + + 13. "stalk" or otherwise harass another; or + + 14. promote or provide instructional information about illegal activities, promote physical harm or injury against any group or individual, or promote any act of cruelty to animals. This may include, but is not limited to, providing instructions on how to assemble bombs, grenades, and other weapons, and creating "Crush" sites. +``` + +--- + +[home page](README.md) diff --git a/subfiles/classics/cfusers.md b/subfiles/classics/cfusers.md new file mode 100644 index 0000000000..ca0d326f9f --- /dev/null +++ b/subfiles/classics/cfusers.md @@ -0,0 +1,200 @@ +# Where in the world are those CloudFlare domains? + + +This site has recorded 2,608,730 direct-connect IP addresses of domains that used CloudFlare's nameservers since August 2012. Some of these domains no longer use CloudFlare, and others have shown various IPs over time. If a domain still uses CloudFlare, our [domain search box](cfs.md) displays dates when IP information was captured. + +The countries below are preceded by the percentage of the domains in our database that geolocate to that country, based on an IP address lookup. By clicking on this percentage, you get a breakdown of the /24 netblocks of CloudFlare domains for that country, preceded by a count of those domains. Then by clicking on that number, you see the actual domains behind the count. + +![](img/geoip.gif) + +A /24 netblock is a set of IP addresses with identical numbers in the first three quads, and numbers from 0 to 255 in the fourth quad. This was once the smallest unit of address space that was allocated to applicants such as hosting providers. In recent years, however, IP address space has become fragmented because IPv4 addresses are in short supply. + + +``` + 50.708 UNITED STATES + 7.004 GERMANY + 4.517 UNITED KINGDOM + 4.140 NETHERLANDS + 3.692 HONG KONG + 3.377 FRANCE + 3.061 CANADA + 2.591 CHINA + 2.588 AUSTRALIA + 2.573 IRELAND + 2.212 SINGAPORE + 1.368 JAPAN + 1.225 RUSSIA + 0.582 POLAND + 0.571 BRAZIL + 0.565 VIET NAM + 0.545 INDIA + 0.534 TAIWAN + 0.500 ITALY + 0.476 TURKEY + 0.408 SPAIN + 0.406 MALAYSIA + 0.405 SWEDEN + 0.377 KOREA, SOUTH + 0.358 FINLAND + 0.357 BELGIUM + 0.290 UKRAINE + 0.275 ROMANIA + 0.269 INDONESIA + 0.243 SOUTH AFRICA + 0.238 THAILAND + 0.223 SWITZERLAND + 0.200 CZECHIA + 0.193 DENMARK + 0.171 BULGARIA + 0.153 PORTUGAL + 0.150 HUNGARY + 0.141 NEW ZEALAND + 0.138 ISRAEL + 0.134 IRAN + 0.129 LITHUANIA + 0.079 GREECE + 0.072 NORWAY + 0.070 ARGENTINA + 0.066 LATVIA + 0.065 AUSTRIA + 0.057 LUXEMBOURG + 0.054 CHILE + 0.052 SLOVENIA + 0.047 CROATIA + 0.041 SLOVAKIA + 0.040 ESTONIA + 0.035 KAZAKHSTAN + 0.032 SEYCHELLES + 0.024 CYPRUS + 0.023 BELIZE + 0.020 PHILIPPINES + 0.020 MOLDOVA + 0.020 MEXICO + 0.019 BELARUS + 0.018 VIRGIN ISLANDS, BRITISH + 0.018 ICELAND + 0.018 COSTA RICA + 0.015 SERBIA + 0.014 UNITED ARAB EMIRATES + 0.014 SAUDI ARABIA + 0.012 COLOMBIA + 0.010 NEPAL + 0.010 MOROCCO + 0.009 MALTA + 0.009 GEORGIA + 0.009 BANGLADESH + 0.008 PANAMA + 0.008 PAKISTAN + 0.008 ISLE OF MAN + 0.008 ARMENIA + 0.007 EGYPT + 0.007 BAHRAIN + 0.007 AZERBAIJAN + 0.006 URUGUAY + 0.005 MACAO + 0.005 CAMBODIA + 0.004 VENEZUELA + 0.004 UZBEKISTAN + 0.004 NORTH MACEDONIA + 0.003 SRI LANKA + 0.003 PUERTO RICO + 0.003 JORDAN + 0.003 GUATEMALA + 0.003 ECUADOR + 0.003 CURACAO + 0.003 CAYMAN ISLANDS + 0.003 BOSNIA AND HERZEGOVINA + 0.002 TUNISIA + 0.002 PERU + 0.002 PALESTINIAN TERRITORY + 0.002 MAURITIUS + 0.002 KYRGYZSTAN + 0.002 KENYA + 0.002 GUERNSEY + 0.002 DOMINICAN REPUBLIC + 0.002 BRUNEI DARUSSALAM + 0.002 ALBANIA + 0.001 TRINIDAD AND TOBAGO + 0.001 SURINAME + 0.001 QATAR + 0.001 PARAGUAY + 0.001 OMAN + 0.001 NIGERIA + 0.001 NICARAGUA + 0.001 NEW CALEDONIA + 0.001 MYANMAR + 0.001 MONTENEGRO + 0.001 MONGOLIA + 0.001 MALDIVES + 0.001 LEBANON + 0.001 JAMAICA + 0.001 IRAQ + 0.001 HAITI + 0.001 GIBRALTAR + 0.001 DOMINICA + 0.001 BOTSWANA + 0.001 BAHAMAS + 0.000 ZIMBABWE + 0.000 ZAMBIA + 0.000 VIRGIN ISLANDS, U.S. + 0.000 VANUATU + 0.000 UGANDA + 0.000 TURKMENISTAN + 0.000 TOGO + 0.000 TANZANIA + 0.000 TAJIKISTAN + 0.000 SYRIAN ARAB REPUBLIC + 0.000 SAN MARINO + 0.000 SAMOA + 0.000 SAINT VINCENT AND GRENADINES + 0.000 SAINT MARTIN (FRENCH PART) + 0.000 SAINT KITTS AND NEVIS + 0.000 SAINT BARTHELEMY + 0.000 RWANDA + 0.000 REUNION + 0.000 PAPUA NEW GUINEA + 0.000 NORTHERN MARIANA ISLANDS + 0.000 NAMIBIA + 0.000 MOZAMBIQUE + 0.000 MONACO + 0.000 MARSHALL ISLANDS + 0.000 MALI + 0.000 MALAWI + 0.000 MADAGASCAR + 0.000 LIECHTENSTEIN + 0.000 LIBYA + 0.000 LAOS + 0.000 KUWAIT + 0.000 KOREA, NORTH + 0.000 JERSEY + 0.000 HONDURAS + 0.000 GUINEA + 0.000 GUAM + 0.000 GREENLAND + 0.000 GHANA + 0.000 FRENCH POLYNESIA + 0.000 FIJI + 0.000 FAROE ISLANDS + 0.000 ETHIOPIA + 0.000 EL SALVADOR + 0.000 CUBA + 0.000 COTE D'IVOIRE + 0.000 COOK ISLANDS + 0.000 CONGO, DEMOCRATIC REPUBLIC + 0.000 CAMEROON + 0.000 BONAIRE + 0.000 BOLIVIA + 0.000 BERMUDA + 0.000 BENIN + 0.000 BARBADOS + 0.000 ANTIGUA AND BARBUDA + 0.000 ANGOLA + 0.000 ANDORRA + 0.000 ALGERIA + 0.000 ALAND ISLANDS + 0.000 AFGHANISTAN +``` + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/damon.md b/subfiles/classics/damon.md new file mode 100644 index 0000000000..43b6ac9985 --- /dev/null +++ b/subfiles/classics/damon.md @@ -0,0 +1,26 @@ +## Dear Damon Billian: We're not as stupid as you think! + +_Please stop your insulting comments on forums_ + + +![](img/billian.jpg) + + +CloudFlare is hosting the DNS lookups for their customers by providing the nameservers. The entire point of DMCA and other laws concerning content on the web is to provide due process toward removing the offending content from the Internet, so that it cannot be seen by the public. If CloudFlare deleted the nameserver records for the offending domain, it would effectively be removed from the web. The content would be unreachable within a matter of minutes. + +Stop insulting us, Mr. Billian. Obviously it wouldn't affect the existence of that content on the original server. It is also true that if the owner of that server tossed his box into a dumpster, the content would still be on that server. This is utterly irrelevant. + +The point is this: **it would be gone from the web**. Yes, the owner can change the authoritative nameservers to a non-Cloudflare DNS provider through his registrar, and the content would again be available on the web. But if that happened we would be one step closer to identifying the owner. This owner is probably using CloudFlare because you are hiding his identity. Chances are that he would remove the offending content himself before exposing information that could reveal his identity. + +![](img/mit53.gif) + +When you write that you "respond to valid DMCA complaints with who the hosting provider is to people that file a valid DMCA complaint," you are being disingenuous. Your DMCA form is carefully designed to obstruct complaints. On those rare occasions when a complaint arrives despite this, you respond with the netname and not the IP address. In every case we've seen, the netname is not specific enough to identify the box that is hosting the content. This means that the information you provide is often useless. + +![](img/damon.gif) + +![](img/justin.png) + + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/file/httpsincdn.pdf b/subfiles/classics/file/httpsincdn.pdf new file mode 100644 index 0000000000..8c71742593 Binary files /dev/null and b/subfiles/classics/file/httpsincdn.pdf differ diff --git a/subfiles/classics/honeypot.md b/subfiles/classics/honeypot.md new file mode 100644 index 0000000000..ebfeff1c4f --- /dev/null +++ b/subfiles/classics/honeypot.md @@ -0,0 +1,33 @@ +## A quotation from CEO Matthew Prince +( from the University of [Chicago law school journal](https://web.archive.org/web/20210826102142/https://web.archive.org/web/20170217121944/http://www.law.uchicago.edu/alumni/accoladesandachievements/matthew-prince-00-discusses-cloudflare-cloud-computing-journal) ) + +![](img/spy.gif) ![](img/honey3.jpg) + +``` +Back in 2003, Lee Holloway and I started Project Honey Pot as an open-source project to track online fraud and abuse. The Project allowed anyone with a website to install a piece of code and track hackers and spammers. We ran it as a hobby and didn't think much about it until, in 2008, the Department of Homeland Security called and said, 'Do you have any idea how valuable the data you have is?' That started us thinking about how we could effectively deploy the data from Project Honey Pot, as well as other sources, in order to protect websites online. That turned into the initial impetus for CloudFlare. +``` + + +When you fetch a page from a website that is served from CloudFlare, Javascript has been injected on-the-fly into that page by CloudFlare, and they also plant a cookie that brands your browser with a globally-unique ID. This happens even if the website is using SSL and shows a cute little padlock in your browser. In fact, their entire approach to SSL appears to be a cynical marketing effort — it has a [man-in-the-middle problem](cfssl.md) that cannot be resolved. + +![](img/hivemind.jpg) + +We don't know if CloudFlare is tracking you. We do know that they are perfectly positioned to immediately begin tracking web surfers who visit selected sites hosted by CloudFlare. Is this why they proxy so many dodgy sites? Are they trying to jack up their stats and hype their way into another round of venture funding, or are they getting black-budget bucks from the feds? Or both? + +![](img/honeypot.gif) + +BBC reporter [Zoe Kleinman](https://web.archive.org/web/20210826102142/https://www.bbc.com/news/business-37348016) wrote that Matthew Prince wanted $20,000 for the Honey Pot data. "That check showed up so fast," said Prince. Michelle Zatlyn heard the story from Prince and replied, "If they'll pay for it, other people will pay for it." Soon she and Prince cofounded CloudFlare. + +![](img/police.gif) + +Prince gave a presentation in 2005 at a conference in Vienna. And even today, + [LinkedIn](../../image/whoismp.jpg) brags of his "substantial work with government and law enforcement." +Project Honey Pot was launched by Prince's [Unspam Technologies](https://web.archive.org/web/20210826102142/http://web.archive.org/web/20190331015236/http://www.unspam.com/), a start-up +that began circa 2001 and can only be described as a [slow-motion train wreck](https://web.archive.org/web/20210826102142/http://www.datamation.com/columns/executive_tech/article.php/3526181/How-Utah-Michigan-Legislators-Got-Fooled.htm). + +![](img/nsa2.gif) + + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/img/adman2.gif b/subfiles/classics/img/adman2.gif new file mode 100644 index 0000000000..10e56572a4 Binary files /dev/null and b/subfiles/classics/img/adman2.gif differ diff --git a/subfiles/classics/img/badge1.gif b/subfiles/classics/img/badge1.gif new file mode 100644 index 0000000000..12efecc465 Binary files /dev/null and b/subfiles/classics/img/badge1.gif differ diff --git a/subfiles/classics/img/billian.jpg b/subfiles/classics/img/billian.jpg new file mode 100644 index 0000000000..ec1d60353e Binary files /dev/null and b/subfiles/classics/img/billian.jpg differ diff --git a/subfiles/classics/img/cfads6.jpg b/subfiles/classics/img/cfads6.jpg new file mode 100644 index 0000000000..f5a1c69305 Binary files /dev/null and b/subfiles/classics/img/cfads6.jpg differ diff --git a/subfiles/classics/img/cfeu.gif b/subfiles/classics/img/cfeu.gif new file mode 100644 index 0000000000..081bb09364 Binary files /dev/null and b/subfiles/classics/img/cfeu.gif differ diff --git a/subfiles/classics/img/cfeunew.gif b/subfiles/classics/img/cfeunew.gif new file mode 100644 index 0000000000..e1e31dd674 Binary files /dev/null and b/subfiles/classics/img/cfeunew.gif differ diff --git a/subfiles/classics/img/cfhacker.jpg b/subfiles/classics/img/cfhacker.jpg new file mode 100644 index 0000000000..dcf21ca6f5 Binary files /dev/null and b/subfiles/classics/img/cfhacker.jpg differ diff --git a/subfiles/classics/img/cfsign.jpg b/subfiles/classics/img/cfsign.jpg new file mode 100644 index 0000000000..f3376a5dc5 Binary files /dev/null and b/subfiles/classics/img/cfsign.jpg differ diff --git a/subfiles/classics/img/cleary2.jpg b/subfiles/classics/img/cleary2.jpg new file mode 100644 index 0000000000..e6bfb8fcd4 Binary files /dev/null and b/subfiles/classics/img/cleary2.jpg differ diff --git a/subfiles/classics/img/code5.gif b/subfiles/classics/img/code5.gif new file mode 100644 index 0000000000..de54a10433 Binary files /dev/null and b/subfiles/classics/img/code5.gif differ diff --git a/subfiles/classics/img/couple5.gif b/subfiles/classics/img/couple5.gif new file mode 100644 index 0000000000..6f6e201725 Binary files /dev/null and b/subfiles/classics/img/couple5.gif differ diff --git a/subfiles/classics/img/daddy5.jpg b/subfiles/classics/img/daddy5.jpg new file mode 100644 index 0000000000..ec3b0f468d Binary files /dev/null and b/subfiles/classics/img/daddy5.jpg differ diff --git a/subfiles/classics/img/damon.gif b/subfiles/classics/img/damon.gif new file mode 100644 index 0000000000..df3fc071cf Binary files /dev/null and b/subfiles/classics/img/damon.gif differ diff --git a/subfiles/classics/img/damonb.gif b/subfiles/classics/img/damonb.gif new file mode 100644 index 0000000000..d73ba3cc8d Binary files /dev/null and b/subfiles/classics/img/damonb.gif differ diff --git a/subfiles/classics/img/dmca9.gif b/subfiles/classics/img/dmca9.gif new file mode 100644 index 0000000000..ca1a4cee77 Binary files /dev/null and b/subfiles/classics/img/dmca9.gif differ diff --git a/subfiles/classics/img/eggs.jpg b/subfiles/classics/img/eggs.jpg new file mode 100644 index 0000000000..2d402c6450 Binary files /dev/null and b/subfiles/classics/img/eggs.jpg differ diff --git a/subfiles/classics/img/evo20.gif b/subfiles/classics/img/evo20.gif new file mode 100644 index 0000000000..da206068e6 Binary files /dev/null and b/subfiles/classics/img/evo20.gif differ diff --git a/subfiles/classics/img/geek7.jpg b/subfiles/classics/img/geek7.jpg new file mode 100644 index 0000000000..d4eb8bce31 Binary files /dev/null and b/subfiles/classics/img/geek7.jpg differ diff --git a/subfiles/classics/img/geoip.gif b/subfiles/classics/img/geoip.gif new file mode 100644 index 0000000000..6828e9cb1d Binary files /dev/null and b/subfiles/classics/img/geoip.gif differ diff --git a/subfiles/classics/img/harvard.gif b/subfiles/classics/img/harvard.gif new file mode 100644 index 0000000000..d537fedb83 Binary files /dev/null and b/subfiles/classics/img/harvard.gif differ diff --git a/subfiles/classics/img/hivemind.jpg b/subfiles/classics/img/hivemind.jpg new file mode 100644 index 0000000000..701d0af543 Binary files /dev/null and b/subfiles/classics/img/hivemind.jpg differ diff --git a/subfiles/classics/img/holder.gif b/subfiles/classics/img/holder.gif new file mode 100644 index 0000000000..c733918604 Binary files /dev/null and b/subfiles/classics/img/holder.gif differ diff --git a/subfiles/classics/img/honey3.jpg b/subfiles/classics/img/honey3.jpg new file mode 100644 index 0000000000..511ef31b06 Binary files /dev/null and b/subfiles/classics/img/honey3.jpg differ diff --git a/subfiles/classics/img/honeypot.gif b/subfiles/classics/img/honeypot.gif new file mode 100644 index 0000000000..e55637bc60 Binary files /dev/null and b/subfiles/classics/img/honeypot.gif differ diff --git a/subfiles/classics/img/hype9.gif b/subfiles/classics/img/hype9.gif new file mode 100644 index 0000000000..fefd62e9dd Binary files /dev/null and b/subfiles/classics/img/hype9.gif differ diff --git a/subfiles/classics/img/jamie.gif b/subfiles/classics/img/jamie.gif new file mode 100644 index 0000000000..85acad80c3 Binary files /dev/null and b/subfiles/classics/img/jamie.gif differ diff --git a/subfiles/classics/img/justin.png b/subfiles/classics/img/justin.png new file mode 100644 index 0000000000..80a081c617 Binary files /dev/null and b/subfiles/classics/img/justin.png differ diff --git a/subfiles/classics/img/kiddie.gif b/subfiles/classics/img/kiddie.gif new file mode 100644 index 0000000000..cb1f17e531 Binary files /dev/null and b/subfiles/classics/img/kiddie.gif differ diff --git a/subfiles/classics/img/koolaid.jpg b/subfiles/classics/img/koolaid.jpg new file mode 100644 index 0000000000..4b8a54036f Binary files /dev/null and b/subfiles/classics/img/koolaid.jpg differ diff --git a/subfiles/classics/img/laughing.gif b/subfiles/classics/img/laughing.gif new file mode 100644 index 0000000000..010a2aea34 Binary files /dev/null and b/subfiles/classics/img/laughing.gif differ diff --git a/subfiles/classics/img/lulzsec.jpg b/subfiles/classics/img/lulzsec.jpg new file mode 100644 index 0000000000..7eb9fe8b04 Binary files /dev/null and b/subfiles/classics/img/lulzsec.jpg differ diff --git a/subfiles/classics/img/lulzsec2.gif b/subfiles/classics/img/lulzsec2.gif new file mode 100644 index 0000000000..4a75e3096a Binary files /dev/null and b/subfiles/classics/img/lulzsec2.gif differ diff --git a/subfiles/classics/img/mao4.gif b/subfiles/classics/img/mao4.gif new file mode 100644 index 0000000000..cc5700a524 Binary files /dev/null and b/subfiles/classics/img/mao4.gif differ diff --git a/subfiles/classics/img/marx2.gif b/subfiles/classics/img/marx2.gif new file mode 100644 index 0000000000..3cc119d470 Binary files /dev/null and b/subfiles/classics/img/marx2.gif differ diff --git a/subfiles/classics/img/maskguy.gif b/subfiles/classics/img/maskguy.gif new file mode 100644 index 0000000000..a6ae848420 Binary files /dev/null and b/subfiles/classics/img/maskguy.gif differ diff --git a/subfiles/classics/img/mit53.gif b/subfiles/classics/img/mit53.gif new file mode 100644 index 0000000000..8a98a2a2f9 Binary files /dev/null and b/subfiles/classics/img/mit53.gif differ diff --git a/subfiles/classics/img/modest.jpg b/subfiles/classics/img/modest.jpg new file mode 100644 index 0000000000..9afa10e648 Binary files /dev/null and b/subfiles/classics/img/modest.jpg differ diff --git a/subfiles/classics/img/nodmca.gif b/subfiles/classics/img/nodmca.gif new file mode 100644 index 0000000000..bf78faebed Binary files /dev/null and b/subfiles/classics/img/nodmca.gif differ diff --git a/subfiles/classics/img/nsa2.gif b/subfiles/classics/img/nsa2.gif new file mode 100644 index 0000000000..c1c5361000 Binary files /dev/null and b/subfiles/classics/img/nsa2.gif differ diff --git a/subfiles/classics/img/nsa5.gif b/subfiles/classics/img/nsa5.gif new file mode 100644 index 0000000000..5c26bc80c3 Binary files /dev/null and b/subfiles/classics/img/nsa5.gif differ diff --git a/subfiles/classics/img/nsa7.png b/subfiles/classics/img/nsa7.png new file mode 100644 index 0000000000..909b29073e Binary files /dev/null and b/subfiles/classics/img/nsa7.png differ diff --git a/subfiles/classics/img/pcihype.png b/subfiles/classics/img/pcihype.png new file mode 100644 index 0000000000..c081f0102e Binary files /dev/null and b/subfiles/classics/img/pcihype.png differ diff --git a/subfiles/classics/img/phish1.gif b/subfiles/classics/img/phish1.gif new file mode 100644 index 0000000000..5f56c7b38d Binary files /dev/null and b/subfiles/classics/img/phish1.gif differ diff --git a/subfiles/classics/img/poem.gif b/subfiles/classics/img/poem.gif new file mode 100644 index 0000000000..2163978e68 Binary files /dev/null and b/subfiles/classics/img/poem.gif differ diff --git a/subfiles/classics/img/police.gif b/subfiles/classics/img/police.gif new file mode 100644 index 0000000000..dc3c31d6ef Binary files /dev/null and b/subfiles/classics/img/police.gif differ diff --git a/subfiles/classics/img/prince.jpg b/subfiles/classics/img/prince.jpg new file mode 100644 index 0000000000..00c7d551dc Binary files /dev/null and b/subfiles/classics/img/prince.jpg differ diff --git a/subfiles/classics/img/prince5.gif b/subfiles/classics/img/prince5.gif new file mode 100644 index 0000000000..741a0d9c7e Binary files /dev/null and b/subfiles/classics/img/prince5.gif differ diff --git a/subfiles/classics/img/proxies.gif b/subfiles/classics/img/proxies.gif new file mode 100644 index 0000000000..90efa66eef Binary files /dev/null and b/subfiles/classics/img/proxies.gif differ diff --git a/subfiles/classics/img/resc3.png b/subfiles/classics/img/resc3.png new file mode 100644 index 0000000000..7c0a63e488 Binary files /dev/null and b/subfiles/classics/img/resc3.png differ diff --git a/subfiles/classics/img/rstress.jpg b/subfiles/classics/img/rstress.jpg new file mode 100644 index 0000000000..00d1dc44c6 Binary files /dev/null and b/subfiles/classics/img/rstress.jpg differ diff --git a/subfiles/classics/img/shelter4.gif b/subfiles/classics/img/shelter4.gif new file mode 100644 index 0000000000..5950a885d5 Binary files /dev/null and b/subfiles/classics/img/shelter4.gif differ diff --git a/subfiles/classics/img/sher2.gif b/subfiles/classics/img/sher2.gif new file mode 100644 index 0000000000..df671f6c71 Binary files /dev/null and b/subfiles/classics/img/sher2.gif differ diff --git a/subfiles/classics/img/skull.jpg b/subfiles/classics/img/skull.jpg new file mode 100644 index 0000000000..5daa44a26b Binary files /dev/null and b/subfiles/classics/img/skull.jpg differ diff --git a/subfiles/classics/img/smells.gif b/subfiles/classics/img/smells.gif new file mode 100644 index 0000000000..ca8e8cc9c2 Binary files /dev/null and b/subfiles/classics/img/smells.gif differ diff --git a/subfiles/classics/img/snake3.gif b/subfiles/classics/img/snake3.gif new file mode 100644 index 0000000000..80a91c81f6 Binary files /dev/null and b/subfiles/classics/img/snake3.gif differ diff --git a/subfiles/classics/img/sniff2.gif b/subfiles/classics/img/sniff2.gif new file mode 100644 index 0000000000..01f95cd332 Binary files /dev/null and b/subfiles/classics/img/sniff2.gif differ diff --git a/subfiles/classics/img/sock2.gif b/subfiles/classics/img/sock2.gif new file mode 100644 index 0000000000..19388b5b57 Binary files /dev/null and b/subfiles/classics/img/sock2.gif differ diff --git a/subfiles/classics/img/spy.gif b/subfiles/classics/img/spy.gif new file mode 100644 index 0000000000..8442ed9923 Binary files /dev/null and b/subfiles/classics/img/spy.gif differ diff --git a/subfiles/classics/img/tweetie.gif b/subfiles/classics/img/tweetie.gif new file mode 100644 index 0000000000..a2eeefa765 Binary files /dev/null and b/subfiles/classics/img/tweetie.gif differ diff --git a/subfiles/classics/img/village.gif b/subfiles/classics/img/village.gif new file mode 100644 index 0000000000..a4a1f64397 Binary files /dev/null and b/subfiles/classics/img/village.gif differ diff --git a/subfiles/classics/img/warez.jpg b/subfiles/classics/img/warez.jpg new file mode 100644 index 0000000000..cfc4923814 Binary files /dev/null and b/subfiles/classics/img/warez.jpg differ diff --git a/subfiles/classics/isis.md b/subfiles/classics/isis.md new file mode 100644 index 0000000000..3476390272 --- /dev/null +++ b/subfiles/classics/isis.md @@ -0,0 +1,32 @@ +``` +When we asked Cloudflare why it was 'protecting' ISIS websites, CEO Matthew Prince told Mirror Online it was not actually accepting money from terrorists, because the ISIS sites listed by Anonymous relied on its free service. +``` +— [Mirror Online](https://web.archive.org/web/20210826105450/http://www.mirror.co.uk/news/technology-science/technology/anonymous-hacktivists-target-american-tech-5745104), 2015-05-22 + + +### This is not true, Mr. Prince! + +We looked at 22 ISIS-related domains that use CloudFlare nameservers, and discovered that half of them are on our list of standard SSL certificates. As any CloudFlare employee could have told CEO Prince, the "standard" certificate requires a Pro account ($20/month) or better. These are not "free" accounts with "universal" certificates. + +![](img/prince5.gif) + +The easiest way for anyone check this out is to enter a domain in our search box. If it's on our SSL list, you will see a link to the SSL data for that domain at the top of our search results. + +Mr. Prince, please try harder to get your facts straight before talking to the press. This would make our job a lot easier. + +### ...one year later and we're still confused... + +``` +The Taliban's English-language website has been off line for weeks. A hacker tied to an online counter-extremism group called GhostSec claimed credit for taking it down. 'It was not easy, I had to gather a lot of information for it to happen,' the hacker, who goes by the name Paladin, said in an email. The Taliban website likely used technology from web-security provider CloudFlare to protect it from possible cyberattacks, said Paladin, who last week claimed responsibility for taking down the Persian-language version of the website as well. Matthew Prince, the chief executive officer of CloudFlare, said the San Francisco-based firm works closely with government authorities to counter extremist activity online. 'When we get notice that there is a site that is using us that may be illegal or involving content that may be problematic, we reach out to our contacts in law enforcement,' he said. Mr. Prince said he wasn't aware that the Taliban may have been using CloudFlare technology before their sites were knocked off line. +``` + — [Wall Street Journal](https://web.archive.org/web/20210826105450/http://www.wsj.com/articles/afghanistans-taliban-push-into-new-media-1465776097), 2016-06-12 + + +Is CloudFlare a [honey pot](honeypot.md), or are those venture angels +in Silicon Valley paying Mr. Prince to stay stupid? + +[Some background on 18 U.S.C. § 2339B](https://web.archive.org/web/20210826105450/https://www.lawfareblog.com/tweeting-terrorists-part-ii-does-it-violate-law-twitter-let-terrorist-groups-have-accounts), a law about supporting foreign terrorist organizations, as it might apply to Twitter (and CloudFlare). + +--- + +[home page](README.md) \ No newline at end of file diff --git a/subfiles/classics/lulzsec2.md b/subfiles/classics/lulzsec2.md new file mode 100644 index 0000000000..fd5d932d8b --- /dev/null +++ b/subfiles/classics/lulzsec2.md @@ -0,0 +1 @@ +![](img/lulzsec2.gif) \ No newline at end of file diff --git a/subfiles/classics/nytporn.txt b/subfiles/classics/nytporn.txt new file mode 100644 index 0000000000..072a0b353f --- /dev/null +++ b/subfiles/classics/nytporn.txt @@ -0,0 +1,441 @@ +New York Times, Decemter 22, 2019, page 1. + +Fighting the Good Fight Against Online Child Sexual Abuse + +Several websites popular with sexual predators were thwarted last month +after a determined campaign by groups dedicated to eliminating the +content. It was a rare victory in an unending war. + +By GABRIEL J.X. DANCE DEC. 22, 2019 + +In late November, the moderator of three highly trafficked websites posted +a message titled "R.I.P." It offered a convoluted explanation for why they +were left with no choice but to close. + +The unnamed moderator thanked over 100,000 "brothers" who had visited and +contributed to the sites before their demise, blaming an "increasingly +intolerant world" that did not allow children to "fully express +themselves." + +In fact, forums on the sites had been bastions of illegal content almost +since their inception in 2012, containing child sexual abuse photos and +videos, including violent and explicit imagery of infants and toddlers. +Exploited Articles in this series examine the explosion in online photos +and videos of children being sexually abused. They include graphic +descriptions of some instances of the abuse. + +The sites managed to survive so long because the internet provides +enormous cover for sexual predators. Apps, social media platforms and +video games are also riddled with illicit material, but they have +corporate owners -- like Facebook and Microsoft -- that can monitor and +remove it. + +In a world exploding with the imagery -- 45 million photos and videos of +child sexual abuse were reported last year alone -- the open web is a +freewheeling expanse where the underdog task of confronting the predators +falls mainly to a few dozen nonprofits with small budgets and outsize +determination. + +Several of those groups, including a child exploitation hotline in Canada, +hunted the three sites across the internet for years but could never quite +defeat them. The websites, records show, were led by an experienced +computer programmer who was adept at staying one step ahead of his +pursuers -- in particular, through the services of American and other tech +companies with policies that can be used to shield criminal behavior. + +But the Canadian hotline developed a tech weapon of its own, a +sophisticated tool to find and report illegal imagery on the web. When +the sites found the tool directed at them, they fought back with a smear +campaign, sending emails to the Canadian government and others with +unfounded claims of "grave operational and financial corruption" against +the nonprofit. + +It wasn't enough. The three sites were overwhelmed by the Canadian tool, +which had sent more than 1 million notices of illegal content to the +companies keeping them online. And last month, they were compelled to +surrender. + +"It's been a wonderful 7 years and we would've loved to go for another 7," +the sites' moderator wrote in his final post, saying they had closed +because "antis," short for "anti-pedophiles," were "hunting us to death +with unprecedented zeal." + +The victory was cheered by groups fighting online child sexual abuse, but +there were no illusions about the enormous undertaking that remained. +Thousands of other sites offer anybody with a web browser access to +illegal and depraved imagery of children, and unlike with apps, no special +software or downloads are required. + +The three shuttered sites had hidden their tracks for years using the +services of Cloudflare, an American firm that provides companies with +cyberprotections. They also found a hosting company, Novogara, that gave +them safe harbor in the Netherlands -- a small country with a robust web +business and laws that are routinely exploited by bad actors. + +Cloudflare's general counsel said the company had cooperated with the +nonprofits and law enforcement and cut ties with the sites seven times in +all, as they slightly altered their web addresses to evade targeting. A +spokesman for Novogara said the company had complied with Dutch law. + +Last year, Europe eclipsed the United States as the top hosting location +for child abuse material on the open web, according to a report by Inhope, +a group that coordinates child abuse hotlines around the world. Within +Europe, the Netherlands led the list. To report online child sexual abuse +or find resources for those in need of help, contact the National Center +for Missing and Exploited Children at 1-800-843-5678. + +In an interview in The Hague, the Dutch minister of justice, Ferdinand +Grapperhaus, said he was embarrassed by the role Dutch companies played. +"I had not realized the extent of cruelty, and how far it goes," he said. + +When hotlines like the one in Canada learn about illegal imagery, they +issue a takedown notice to the owner of the website and its hosting +company. In most cases, the content is removed within hours or days from +law-abiding sites. But because the notices are not legally binding, some +owners and web hosts ignore or delay. + +Several Dutch hosting companies will not voluntarily remove such content, +insisting that a judge decide whether it meets the legal definition of +so-called child pornography. Even when they agree, abuse imagery reappears +almost at once, setting the cycle back in motion. + +The Dutch police say they do not have the resources to play what is +essentially an endless game of Whac-a-Mole with these companies, according +to Arda Gerkens, a Dutch senator who leads Meldpunt Kinderporno, the Dutch +child abuse hotline. + +"It takes a lot of time," Ms. Gerkens said, "and basically, they are +swamped." + +That means results like last month's, while relished by hotlines around +the world, are likely to remain rare. + +Our Little Community + +The trio of shuttered websites first emerged in early 2012, according to +domain records and transcripts of online chats. + +Their professed goal was to offer an easily accessible digital space for +pedophiles and sexual predators to indulge their twisted obsessions, which +had often been shunned even on notorious websites like 4chan and 8chan. + +At least initially, the sites steered clear of imagery that was obviously +illegal, the records show, focusing instead on photos and videos of young +children posing in revealing clothing. Even so, the founder of the sites +identified in the transcripts expressed surprise in 2014 that they had +"lasted so long." + +But the Canadians were already on to them. By then, the small hotline had +been alerted to dozens of illegal images on the websites. + +As the sites gained in popularity, child sexual abuse content became more +and more common. The transcripts, which include over 10,000 time-stamped +messages on a chat app, show how the founder, a man identifying himself as +Avery Chicoine, reveled in the opportunity to interact with others who +shared his interests. + +"What we got here," he wrote in 2015, "is our little community." + +By 2017, the sites' home pages featured images of young girls that did not +legally qualify as child pornography in most countries but signaled that +there was plenty available a click away. One of the girls, no older than +7, lay on her back in sparse clothing with her legs spread; she had been a +victim of sexual abuse, according to the Canadians, and was easily +recognizable to predators through widely circulated imagery of the crimes. + +As illegal material flooded the sites, so did visitors. SimilarWeb, which +measures internet traffic, estimated that the most popular of the sites +received millions of visits a month earlier this year from an average of +more than 500,000 unique visitors. + +The moderator of the sites in recent months boasted about the traffic in a +series of emails and encrypted messages to The New York Times, attributing +the popularity to the extreme content. + +The sites' many visitors were perhaps "the most hated people on earth," he +said, describing them as belonging to an "oppressed sexual minority." He +showed no remorse for their behavior, even casting the community of +predators as visionaries whose crimes should be made legal. + +He did not identify himself and would not say if he was Mr. Chicoine - +the sites' founder, according to the chat transcripts - or if he knew him. +Last year, a Canadian by the name of Avery Chicoine with a lengthy +criminal record was arrested in British Columbia and charged with +possessing and distributing child pornography. The Canadian authorities +would not say whether the charges related to the websites. According to +court documents, he pleaded not guilty, and a trial is set for next month. +He and his lawyer did not respond to requests for comment. + +The moderator would not address another pressing question: How had the +sites managed to stay ahead of its pursuers so long? + +He said he did not want to hand a blueprint to his enemies, writing: "99% +of attempts to bring us down fail. So I want the antis to keep wasting 99% +of their time, instead of figuring out what works." + +In the chat transcripts, however, there were clues about the sites' +evasion tactics. They pointed to a major cybersecurity firm, Cloudflare. + +A High-Tech Hideaway + +Based in San Francisco, Cloudflare built a billion-dollar business +shielding websites from cyberattacks. One of its most popular services - +used by 10 percent of the world's top sites, according to the company - +can hide clients' internet addresses, making it difficult to identify the +companies hosting them. + +The protections are valuable to many legitimate companies but can also be +a boon to bad actors, though Cloudflare says it is not responsible for the +content on its clients' sites. The man accused of a mass shooting at a +Walmart in Texas had posted his manifesto on 8chan, an online message +board that had been using Cloudflare's services and was well known for +hosting hateful content. Cloudflare also came under criticism for +providing services to the neo-Nazi site The Daily Stormer. (The company +has since ended its relationship with both websites.) + +In the chat transcripts, the man identifying as Mr. Chicoine showed he was +fully aware of the company's advantages when he signed on. "What +cloudflare does is it masks and replaces your IP with one of theirs," he +wrote in 2015, using the abbreviation for internet address. + +That year, he appeared to panic when a child abuse hotline identified one +of his sites, telling a fellow moderator their operation was "finished." +But when he later realized the hotline had sent the report to Cloudflare - +and apparently not to the company that hosted the content - he seemed +relieved. "Wait," he wrote, "may be ok." + +He was right. + +One month later, he expressed exasperation that a hotline had fired off +another notice, this time to Cloudflare as well as the hosting company. +The hotline confirmed the report with The Times. Still, the sites remained +online. + +Interviews and records show that Cloudflare's services helped hold off the +day of reckoning for Mr. Chicoine's sites by providing protections that +forced hotlines to go to the company first. + +The National Center for Missing and Exploited Children, the clearinghouse +for abuse imagery in the United States, had sent Cloudflare notices about +the sites starting in 2014, said John Shehan, a vice president at the +center. Last year, it sent thousands. + +Even apart from the three sites, Mr. Shehan said, Cloudflare was well +known to be used by those who post such content. So far this year, he +said, the company had been named in 10 percent of reports about hosted +child sexual abuse material. The center is in touch with Cloudflare "every +day," Mr. Shehan said. + +Separately, records kept by the Canadian hotline, known as the Canadian +Center for Child Protection, showed that since February 2017 there had +been over 130,000 reports about 1,800 sites protected by Cloudflare. + +In December, the company was offering its services to 450 reported sites, +according to records reviewed by The Times. + +Through its general counsel, Doug Kramer, Cloudflare said it worked +closely with hotlines and law enforcement officials and responded promptly +to their requests. It denied being responsible for the images, saying +customer data was stored on its servers only briefly. Efforts to eliminate +the content, the company said, should instead focus on the web-hosting +companies. + +Records from the Canadian hotline revealed several cases in which abuse +material stayed on Cloudflare's servers even after the host company +removed it. In one instance, the imagery remained on Cloudflare for over a +week afterward, allowing predators to continue viewing it. + +"The reality is that it is totally within Cloudflare�s power to remove +child sexual abuse material that they have on their servers," said Lloyd +Richardson, the technology director at the Canadian hotline. + +Records show that for several years, the sites were clients of Cloudflare, +a U.S. tech company with servers in almost 200 cities in over 90 countries +around the world that can be used to ward off cyberattacks. + +Cloudflare's protective services obscure a website's internet address. +When you visit a protected site, you are actually communicating with a +Cloudflare server located somewhere near you. + +Somebody visiting a protected site from Oklahoma, for example, may be +directed to a Cloudflare server in Kansas City. + +That server will communicate with the website's server in turn, but only +if it needs new information. + +Often, Cloudflare will already have the information requested in its +systems. + +This means that images of abuse can remain on Cloudflare, even if they +have been removed from the original host, according to records provided by +a hotline in Canada. + +When asked why it did not cut ties with a number of companies known to +host child sexual abuse imagery, Mr. Kramer said Cloudflare was not in the +business of vetting customers' content. Doing so, he said, would have "a +lot of implications" and is "something that we really have not +entertained." + +Still, he said, the company had stopped providing services over the past +eight years to more than 5,000 clients that had shared abuse material. And +on Wednesday, the company announced a new product - currently in +development - that would allow clients to scan their own sites. + +The tension over Cloudflare's protections reflects a larger debate about +the balance between privacy on the internet and the need of law +enforcement to protect exploited children. For example, Facebook's recent +decision to encrypt its Messenger app, the largest source of reports last +year about abuse imagery, was hailed by privacy advocates but would make +it much more difficult for the authorities to catch sexual predators. + +Addressing that broad tension, Matt Wright, a special agent with the +Department of Homeland Security, said law enforcement and the tech +industry needed to find "a mutual balance" - "one where companies intended +to secure data, and protect privacy, don't get in the way of our need to +have access to critical information intended to safeguard the public, +investigate crimes and prevent future criminal activity." + +Going Rogue in the Netherlands + +There were other clues about the sites' ability to stay online, in a trail +of activity across the web that led to the Netherlands. Internet +criminals come from far and wide to leverage Dutch technology, some of the +best in the world, for the purposes of spam, malware and viruses. They do +this by using rogue hosting companies, which are infamously uncooperative +except in response to legal requests. + +"I realize that because we have such excellent internet logistics, we now +have it on our plate," said Mr. Grapperhaus, the country's minister of +justice. + +For child abuse sites like the ones identified as Mr. Chicoine's, a top +draw has been the company Novogara, formerly known as Ecatel, one of the +country's most criticized hosting businesses. + +The Chicoine sites were hosted on Novogara's servers for all of 2018 and +through the early part of this year, records show. While working with the +company, and without Cloudflare's protections at the time, the sites came +under increasing pressure from the Canadians. Their hotline, along with at +least four others around the world, stepped up their offensive, issuing +hundreds of thousands of more reports about abuse imagery. + +The number was so great, according to the Dutch and Canadian hotlines, +that Novogara blocked the groups' email addresses to avoid receiving +additional notices. Ultimately, though, the targeting was effective: +Novogara pulled the plug on the sites in May. + +Aside from sites like Mr. Chicoine's, the Dutch have an even larger +problem with sexual predators taking advantage of platforms used to upload +and share images. Since June, a company that hosts those platforms, +NFOrce, has appeared in more than half of reports the Dutch hotline has +received about illegal imagery. Over the past three years, sites using +NFOrce servers have received more than 100,000 notices of illegal content, +records show, but the company has not removed the material, according to +Ms. Gerkens, who leads the hotline. + +NFOrce's sales operations manager, Dave Bakvis, said the company's hands +were tied by Dutch laws, which prevent it from monitoring customer servers +without a court order. He said NFOrce acted immediately when it received +requests from the authorities. Separately, the websites themselves can +and do remove the content. + +"I hate child pornography," Mr. Bakvis said. + +The Dutch national prosecutor for cybercrimes, Martijn Egberts, said in an +email that issues involving "sovereignty" and "jurisdiction" complicated +the removal of illegal material - leading the authorities to cooperate "as +much as possible" with web hosts to get results. + +Legislation is now being drafted that would require Dutch web hosts to +keep the material out of their systems, essentially forcing to them to +scan for it. If a company falls short, it could face ever-increasing +fines. + +Ben van Mierlo, the national police coordinator for online child sexual +exploitation, said in an email that companies like Novogara "see +themselves as a provider of a service." The challenge for the Dutch +authorities and lawmakers, he said, was to convert them into partners in +preventing the spread of illegal imagery. + +"There is no space in the Netherlands for those individuals or companies +that threaten these basic rights for children," Mr. van Mierlo said. + +The Final Assault + +By May of this year, the moderator of the three sites was apoplectic, +complaining in an email to The Times that "tolerance" for his views was +coming to a halt. + +Over the next several months, the sites hopscotched around the world, +finding more than a half-dozen new hosts - to pick up where Novogara left +off - in Denmark, Russia, the Seychelles and elsewhere. For years, they +had deployed a similar tactic of changing the last part of their web +address - moving from .com to .org, for example - to avoid being targeted +and blocked. Companies and governments that provide these domains often +do not coordinate with one another, allowing offenders to move around the +globe while largely preserving their site's identity. + +But there was no hiding this time. + +Records reviewed by The Times show that over seven years, the websites +were directed to servers in over 20 countries, many of which are shown +here. + +A borderless internet means bad actors can move their sites between +countries, and even continents, in seconds. + +This complicates the work of child abuse hotlines and law enforcement +agencies trying to eradicate images of child sexual abuse. + +The Canadian hotline, working from offices in Winnipeg, Manitoba, were +using a computer program named Arachnid to crawl the internet in search of +Mr. Chicoine's sites, and to send takedown notices whenever it identified +illegal material. + +And as soon as the three sites reappeared somewhere, the Canadians reached +out to the new hosts. In all, they found more than 18,000 confirmed images +of abuse on the pages, reporting most of them hundreds of times each. It +is also possible that law enforcement officials directed their firepower +at the sites. + +Signy Arnason, the associate executive director of the Canadian center, +described Arachnid as a "survivor-centric" endeavor, inspired by a survey +that found victims of child sexual abuse feared being recognized in person +by those who had viewed their abuse online. + +Since its launch two years ago, Arachnid has found more than 1.6 million +confirmed images of child sexual abuse, and has sent more than 4.8 million +takedown notices to websites and hosting providers. The British child +sexual abuse hotline, the Internet Watch Foundation, has also developed a +"spider" to crawl the internet. New software drove a surge in takedown +requests + +Starting in 2013, abuse hotlines around the world sent a trickle of +requests to remove images on the three sites - with little effect. +Arachnid automated the detection process, creating a deluge that couldn't +be ignored. + +"Arachnid is one oar - a big oar - in a ship of many oars rowing against +this issue," said Denton Howard, executive director of Inhope, the +organization supporting child abuse hotlines. + +Throughout the battle, the moderator of the sites would email the +Canadians, accusing them of corruption and filling their inboxes with +spam. He also contacted Canadian government agencies with false claims +about the center, and even built software that altered the child sexual +abuse imagery, hoping to trick Arachnid into skipping it over. + +It was not enough. All imagery of abuse has been removed from the sites, +and the forums for the predators are closed, at least while their +opponents have the upper hand. + +But as a parting shot, the home pages were filled with links to other +sites that offered similar content, giving criminals a road map to +continue their pursuits - and the groups dedicated to stopping them a list +of new targets. + +Michael H. Keller contributed reporting from New York. + +Produced by Rich Harris, Virginia Lozano and Rumsey Taylor. + +END diff --git a/subfiles/classics/repeats.md b/subfiles/classics/repeats.md new file mode 100644 index 0000000000..6ae1d16da2 --- /dev/null +++ b/subfiles/classics/repeats.md @@ -0,0 +1,27 @@ +# CloudFlare attracts "repeat infringers" + + +Google publishes a [Transparency Report](https://web.archive.org/web/20210826102213/https://transparencyreport.google.com/copyright/explore) regarding copyright removal requests. One of the three large files in this downloadable data package is domains.csv, which lists domains specified in removal requests. We processed this file after downloading it on 2021-08-13. At that time the file was 333.3 million lines, and included domains mentioned in removal requests received by Google since July 2011. + +Each removal request had a unique ID, which meant that it was on a separate line in this file. First we stripped out all the data except the domain name. Then we compressed the file by listing each domain once, preceded by the number of lines on which this domain appeared in that file. Finally, we extracted only those domains that were currently using CloudFlare nameservers. We wanted a rough idea of whether "repeat infringers" (a term used in the DMCA) might find CloudFlare attractive. + +After adding these numbers together, it turns out that CloudFlare's contribution to Google's problem is 24.81 percent. Search-engine crawlers should avoid CloudFlare's [entire IP space](https://web.archive.org/web/20210826102213/https://www.cloudflare.com/ips/). + +![](img/smells.gif) + +![](img/daddy5.jpg) + +![](img/cfeu.gif) + +![](img/couple5.gif) + +![](img/jamie.gif) + +![](img/koolaid.jpg) + +![](img/dmca9.gif) + + +--- + +[home](README.md) diff --git a/subfiles/classics/spamhaus.md b/subfiles/classics/spamhaus.md new file mode 100644 index 0000000000..75e2463b89 --- /dev/null +++ b/subfiles/classics/spamhaus.md @@ -0,0 +1,117 @@ +This was the Spamhaus "SBL" listing page for +CloudFlare for two weeks in mid-July, 2012. + +( The current version of this page is [here](https://web.archive.org/web/20210826103816/http://www.spamhaus.org/sbl/listings/cloudflare.com). ) + + +``` +Found 18 SBL listings for IPs under the responsibility of cloudflare.com + + +SBL146937 +199.27.135.0/32 cloudflare.com +12-Jul-2012 08:04 GMT +Blackhat SEO spammer hosting @199.27.135.43 + + +SBL146752 +141.101.64.0/18 cloudflare.com +11-Jul-2012 15:29 GMT +Spammer hosting (escalation) + + +SBL146751 +173.245.48.0/20 cloudflare.com +11-Jul-2012 15:28 GMT +Spammer hosting (escalation) + + +SBL146750 +108.162.192.0/18 cloudflare.com +11-Jul-2012 15:28 GMT +Spammer hosting (escalation) + + +SBL146043 +108.162.196.180/32 cloudflare.com +07-Jul-2012 18:35 GMT +"Polyee Plast" / polyeeplast.com + + +SBL146042 +108.162.196.80/32 cloudflare.com +07-Jul-2012 18:35 GMT +"Polyee Plast" / polyeeplast.com + + +SBL145952 +141.101.124.42/32 cloudflare.com +07-Jul-2012 04:36 GMT +work at home scammer/spammer landing site (redirection via a black hole site) + + +SBL145939 +141.101.125.42/32 cloudflare.com +07-Jul-2012 04:06 GMT +work at home scammer/spammer landing site (redirection via a black hole site) + + +SBL145142 +108.162.195.154/32 cloudflare.com +02-Jul-2012 09:07 GMT +imagevat.com: Hosting phish spammer images for several weeks... + + +SBL143793 +108.162.196.196/32 cloudflare.com +20-Jun-2012 17:49 GMT +backlinkbiz.info / usabacklinks.info + + +SBL143792 +108.162.197.97/32 cloudflare.com +20-Jun-2012 17:49 GMT +backlinkbiz.info / usabacklinks.info + + +SBL142597 +199.27.135.0/32 cloudflare.com +13-Jun-2012 05:32 GMT +Blackhat SEO spammer hosting @199.27.135.43 + + +SBL141644 +173.245.60.0/32 cloudflare.com +05-Jun-2012 19:07 GMT +Blackhat SEO spammer hosting @173.245.60.55 + + +SBL141634 +199.27.135.0/32 cloudflare.com +05-Jun-2012 19:04 GMT +Blackhat SEO spammer hosting @199.27.135.43 + + +SBL140586 +173.245.60.0/32 cloudflare.com +27-May-2012 07:41 GMT +Spammer hosting @173.245.60.143 + + +SBL138291 +173.245.60.0/32 cloudflare.com +06-May-2012 19:43 GMT +Malware botnet controller @173.245.60.57 + + +SBL136345 +173.245.61.138/32 cloudflare.com +16-Apr-2012 22:27 GMT +globaltrade.net + + +SBL136344 +199.27.135.52/32 cloudflare.com +16-Apr-2012 22:26 GMT +globaltrade.net +``` diff --git a/subfiles/classics/twisted.md b/subfiles/classics/twisted.md new file mode 100644 index 0000000000..bd187050cf --- /dev/null +++ b/subfiles/classics/twisted.md @@ -0,0 +1,41 @@ +# CloudFlare seeks riches through anarchy + +_Civil society and the twisted web_ + +> July 2012 + + +One of the concepts that eludes the digital generation is that Internet participation requires a balance between privacy and accountability. If you are using a search engine for passive research, you have the right to remain anonymous. But if you publish something that can affect others, you should be accountable, and hence identifiable. Even comments under a blog post or on Facebook should be signed with a real name. It's that simple. + +During 2011, CloudFlare responded to complaints about content on their servers by insisting that they are merely a pass-through content delivery network (CDN) and not a hosting provider. At the same time they usually gave you the hosting provider's IP address. In 2012 they stopped responding to many complaints, and even those that they still deem worthy are given only the netname of the hosting provider instead of the specific IP address. + +![](img/nodmca.gif) + +Anyone attempting to file a complaint with only a netname will get nowhere. Frequently the netname is at the top of a pyramid, and any number of leased or owned IP netblocks are below that name. The netname alone is not specific enough to identify the server that hosts the content. + +CloudFlare is delighted with this. In retrospect they are happy that they hosted LulzSec because it brought publicity and more customers. Currently they even host the website of a professional DDoSer named "Gwapo" in the Philippines. He explains how you can send him money to take down any website. + +![](img/geek7.jpg) + +The question of whether CloudFlare is a pass-through provider is debatable. They change the pages they cache by adding JavaScript and compression, sometimes they intercept pages with a captcha, and they display their orange-cloud logo at every opportunity. Browsers who land on a domain serviced by CloudFlare end up with a globally-unique "cfduid" cookie that is 43 digits long. CloudFlare is _not_ the equivalent of a data center on the Internet backbone, which has no responsibility for content because it operates on a different Internet layer. This means that CloudFlare should be sensitive to content complaints. Despite this, they offer advice on how to hide your IP address, and they help basement-dwellers reduce bandwidth costs. Some of these teenagers run abusive websites for the lulz or because piracy is fun, and most have little money. + +![](img/damonb.gif) + +CloudFlare is basically a hosting provider, or at least an active and intrusive appendage to a hosting provider. In cases such as LulzSec and [Encyclopedia Dramatica](https://web.archive.org/web/20210826103612/http://josephevers.blogspot.com/) they are a necessary appendage, as those sites wouldn't exist without it. The brass at CloudFlare know this, and seem worried that someday it will be an issue for a judge or jury to decide. Whenever some fanboy comments about CloudFlare on some blog and uses the term "hosting provider," the company's official "Community Evangelist" [Damon Billian](damon.md) adds a comment to point out that CloudFlare is "not a hosting provider." Co-founder Matthew Prince echoes the same mantra. They want everyone to think that they have immunity from laws, so don't bother complaining to them about content. + +![](img/cfads6.jpg) + +They hype themselves to venture capitalists through media coverage, and have no time to read their own terms of service. Responsible citizenship interferes with getting rich. CloudFlare presents themselves as the world's solution to DDoS and hacking attacks, and cannot be bothered to handle complaints reasonably. As Google might say, accountability lacks scalability. Nothing short of a court order will get the attention of either CloudFlare or Google. It is left to public-sector activists and regulators do what they can to promote civility in Silicon Valley and accountability on the Internet. + +Direct IP addresses are sometimes found on CloudFlare's nameservers. Since CloudFlare cannot handle email forwarding or direct uploading to the origin server, the site owner may add a "direct-connect" subdomain address to their DNS record. We try to collect these non-CloudFlare IP addresses by compiling lists of domains in CloudFlare's nameservers and checking each with several lookups. + +Unfortunately, bad guys are often aware of technical issues, and quickly delete any direct-connect records or wildcard subdomains. CloudFlare should install a search box on their home page that lets anyone enter a domain name and get a history of IP addresses that have been feeding that domain to CloudFlare. But if they did this, all of their abusive customers would go elsewhere. They might even lose customers who are afraid of DDoS, and are trying to hide their IP from some of those same bad guys. See our search page, [Uncovering bad guys hiding behind CloudFlare](cfs.md), for more information and a search box. + +![](img/hype9.gif) + +From CloudFlare's perspective, it is better to keep both camps under one roof, and continue to spin and hype this wretched mess until the time comes when they can get rich with an IPO. + + +--- + +[home page](README.md)