mirrors/deCloudflare
1
0
Fork 0
mirror of https://0xacab.org/dCF/deCloudflare.git synced 2025-01-28 10:09:11 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

Correct location

Browse Source
This commit is contained in:
Daniel Morsing 2022-12-10 19:07:46 +01:00 committed by Reporter [Android]
parent b29eade723
commit c500013157
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
subfiles/rapsheet.cloudflare.md
View File

@ -76,6 +76,8 @@
[greenwash]: http://web.archive.org/web/20210730102406/blog.cloudflare.com/crawler-hints-how-cloudflare-is-reducing-the-environmental-impact-of-web-searches
[tarpit]: http://web.archive.org/web/20210730102406/blog.cloudflare.com/crawler-hints-how-cloudflare-is-reducing-the-environmental-impact-of-web-searches
[emailisprivate]: http://web.archive.org/web/20220802214251/developers.cloudflare.com/email-routing/
[CFAidsBooters]: https://rasbora.dev/blog/I-ran-the-worlds-largest-ddos-for-hire-empire-and-cloudflare-helped
[jsInsecure]: https://unixsheikh.com/articles/stop-pushing-Javascript.html
# CloudFlare
@ -91,8 +93,8 @@ CloudFlare is a vigilante extremist organization that takes the decentralized we
1. ISPs collect data on their own customers and exploit it for profit in the US. Under Obama it became illegal for an ISP to sell data collected on their customers without express consent. Trump [reversed][8] Obama's policy in 2017. In the absence of legal protections, Tor serves as a technical protection from ISP snooping. CloudFlare's attack on Tor users facilitates privacy abuse by ISPs.
1. The gratis service also raises the question about how CF is monetizing all that data that's exposed to them (which every CF user carelessly increases). They do not disclose to the public how they monetize that data, but what CF cannot hide is that they [seek to hire][9] a machine learning data scientist with *big data* expertise for their marketing department.
1. A CF customer who became increasingly concerned with CF's unchecked power deleted their account. Two months after CF confirmed that the account was deleted, the customer [received an email][10] from CF, proving the account had not been deleted.
1. CF imposes execution of Javascript, and Javascript cannot be generally trusted. E.g., eBay has [been caught][11] sending Javascript that snoops on their own customers by port scanning the LAN and reporting back to eBay. Streetwise users disable Javascript. Yet it's impossible to solve CF's CAPTCHA with Javascript disabled. So people are forced into vulnerability by CloudFlare (who has proven to be untrustworthy).
1. When a user solves a CAPTCHA, CF is [paid][12] a cash reward via Paypal, a [privacy abuser][RAP-pp] who shares customer data with [600 companies][13].
1. CF imposes execution of JavaScript, and JavaScript [cannot be generally trusted][jsInsecure]. E.g., eBay has [been caught][11] sending JavaScript that snoops on their own customers by port scanning the LAN and reporting back to eBay. Streetwise users disable Javascript. Yet it's impossible to solve CF's CAPTCHA with Javascript disabled. So people are forced into vulnerability by Cloudflare (who has proven to be untrustworthy).
1. When a user solves a CAPTCHA, CF is [paid][12] a cash reward via PayPal, a [privacy abuser][RAP-pp] who shares customer data with [600 companies][13].
1. CloudFlare takes away **software freedom**
1. CF imposes CAPTCHAs that require the user to execute non-free Javascript.
* CF restricts how users may use their software by rendering the web dysfunctional for some browsers.
@ -197,7 +199,7 @@ CloudFlare is a vigilante extremist organization that takes the decentralized we
1. To counter Cloudflares attack on mislabeled beneficial bots, developers are compelled to make their bots act more human. This means downloading images needlessly, thus increasing the environmental footprint needlessly.
1. CF forces transmission of copious bandwidth-wasting images in order to supply CAPTCHAs. When a grid of images is presented for Cloudflare's hCAPTCHA, every grid cell is a separate image that requires a separate individual HTTP request, which culminates into the most costly of CAPTCHAs.
1. hCAPTCHA uses 4 levels of nested Javascript. So users with Javascript disabled are often forced to reload the CAPTCHA page 4 times just to see the puzzle.
1. Even with all Javascript loaded and executed to the extent needed to support the CAPTCHA, the CAPTCHA server itself often refuses to serve a puzzle due to a blown traffic threshold for an IP address. When the CAPTCHA fails to render or when a human user fails to solve the CAPTCHA, all the energy spent reaching the point of denial is to a total loss. Whether the user continues to reattempt or they give up, the energy waste is a loss for all parties and a detriment to the environment ultimately for no benefit.
1. Even with all JavaScript loaded and executed to the extent needed to support the CAPTCHA, the CAPTCHA server itself often refuses to serve a puzzle due to a blown traffic threshold for an IP address. When the CAPTCHA fails to render or when a human user fails to solve the CAPTCHA, all the energy spent reaching the point of denial is to a total loss. Whether the user continues to reattempt or they give up, the energy waste is a loss for all parties and a detriment to the environment ultimately for no benefit.
1. CloudFlare **stifles innovation** and culture. Robots are a crucial component to innovation. CF's attack on robots means people can't even use wget to download files. As a consequence, mp3 files (for example) can only be downloaded one at a time by manually clicking on each file. An immeasurably broad range of innovations depend on robots to provide capabilities that are not economically viable with manual labor. Many robotic innovations are created for the sole purpose of improving the usability of user interfaces that are either poorly designed for all users or the design overlooks the needs of some users.
1. **False statements, deceptive practices, and poor character of CloudFlare**
1. No transparency: as Cloudflare performs a DoS attack on Tor users they obviously do not inform web owners. Web owners are usually unaware that legitimate patrons are being blocked from accessing their site. These businesses are all damaged so that one business can profit.
@ -214,6 +216,7 @@ CloudFlare is a vigilante extremist organization that takes the decentralized we
1. When a large profit-driven tech giant uses a non-profit fund raising platform to [solicit donations][40] to feed their own staff at events, it's clear that professionalism is in short supply at CloudFlare Inc.
1. CloudFlare asks those who anonymously report illegal conduct on their websites to reveal their true identity. Yet CF has a history of doxxing whistle blowers and making them into victims. Instead of apologizing in the child porn case, the CEO (Matthew Prince) said the whistle blowers [should have used fake names][41]. (see "CloudFlare shelters criminals" below)
1. CloudFlare **shelters criminals**
1. CF [protects booters][CFAidsBooters], who drum up business for Cloudflare by DoS attacking non-Cloudflared websites.
1. CF [protects][42] pro-ISIS websites from attack.
1. CF protected a website that distributed child pornography. When a whistle blower reported the illegal content to CF, CF actually [doxxed][43] the people who reported it. CloudFlare revealed the whistle blowers' identities directly to the dubious website owner, who then [published][brennan] their names and email addresses to provoke retaliatory attacks on the whistle blowers! Instead of apologizing, the CEO (Matthew Prince) said the whistle blowers [should have used fake names][41].