From eb0b87613f8228ac9abf6be9478b829fcb671688 Mon Sep 17 00:00:00 2001
From: CF <support@cloudflare.com>
Date: Sat, 30 Apr 2022 21:30:08 +0000
Subject: [PATCH] commit

---
 subfiles/people/2022.mastodon.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/subfiles/people/2022.mastodon.md b/subfiles/people/2022.mastodon.md
index f259e6d0b1..839ca7d3dc 100644
--- a/subfiles/people/2022.mastodon.md
+++ b/subfiles/people/2022.mastodon.md
@@ -1,5 +1,6 @@
 ## Mastodon
 
+- @com @jerry So I wonder if using Cloudflare actually eased their effort in passing an audit, because they can probably tick a bunch of boxes that say “not our problem… that’s on Cloudflare’s side of the fence”. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108221845275233039))
 - Someone who sees DeepL’s security statement would be convinced that they are in good hands if they knew nothing about Cloudflare -- which likely describes a majority of those who encounter DeepL. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108219864107489894))
 - I can understand why DeepL is so driven to mislead users about their security -- it’s a profit-driven corporation. But why does the LibreTranslate.com admin mislead users about security? They don’t even have a donation link. They have no reason to be malicious &amp; harm the “libre” brand. It would cost them nothing to warn users that all queries are shared with Cloudflare. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108219905100511124))
 - DeepL’s use of Cloudflare whilst showcasing ISO 27001 compliance really demonstrates well the insufficiency of iso27001. DeepL shows how well a Cloudflare website can decorate the security disclosures of a service while sharing every bit of everyone’s data with a MitM. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108219851714554080))