## Mastodon - Want to sign into your matrix account using tor? cloudflare says no. 😿 @matrix ([uniq@chaos.social](https://chaos.social/@uniq/108214086529939675)) - Want to sign into your matrix account using tor? cloudflare says no. 😿 @matrix doesn't this also imply cloudflare can see user passwords and e2e recovery keys? After all, they usually mitm HTTPS. ([uniq@chaos.social](https://chaos.social/@uniq/108212400015010645)) - Finde den Fehler Microsoft Edge bekommt „Sicheres Netzwerk“ (VPN) verpasst. Das Microsoft Edge Secure Network ist ein Dienst, der in Zusammenarbeit mit Cloudflare bereitgestellt wird. Cloudflare setzt sich für den Datenschutz ein und sammelt eine begrenzte Menge an Diagnose- und Unterstützungsdaten als Microsofts Daten-Subprozessor, um die Dienste bereitzustellen. Voraussetzung hier ist, dass man mit einem Microsoft-Account im Browser angemeldet ist. 😜 ([snip@social.tchncs.de](https://social.tchncs.de/@snip/108210396250065663)) - @nielsa Fascism is the melding of govt with big business, the rest are symptoms, things that manifest as a by-product of such fascism. Our sources are reliable re banks censoring and unpersoning. If you have TorBrowser hit Ctrl+Shift+E before loading a website. Quickly you'll learn why CloudFlare is not what it seems. ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108208651228597728)) - @nielsa So Facebook and Twitter are in the advertising, data broking and Public Relations industry. They are bad enough but… They are better than CloudFlare for sovereignty (mostly because everyone knows about what they are doing). When Fbook tried to be a bank we went into overdrive. CloudFlare (and akamai, lesser Amazon and Azure) control/block almost all Australian banks and payment rails, and by proxy and stealth. Its infinately worse, there is no comparison here. Its an attack. ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108208413666886488)) - @nielsa Saying efforts to avoid Cloudflare (and Azure, Amazon and Akamai) is "entirely ridiculous" flys in the face of people, who have jumped ship when we talk to them. Every 'one' person who learns of the centralisation and NetNeutering-nature of the fascist CDN networks is priceless. We don't need to friend, follow people on Cf servers because their takes are, let's just say, low-octane, funnily enough. Stay on CloudFlare if you dare. ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108208318525392690)) - WARNING: The mas.to instance is now CloudFlare. Start dropping packets — and by packet's we mean followers. deleteCloudFlare masTo masDotTo PSA fediverseInstances fediBlock ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108205292785894671)) - > "Scraping your website" One 'p'. Means to copy the website, usually into some kind of static text based format, sometimes for processing in some way. > "Scrapping your website." Two 'p' Means to purge the website. > Site is CloudFlare In order to fix your website we take the computer serving the content and "pee" on it. Clear? urine piss infoSec p oneP twoP learnTheDifference ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108185625146031951)) - NOOOOO DON'T USE CLOUDFLARE THEY ARE MITM YOUR TRAFFIC AND THEY CAN SEE YOUR PASSWORDS :soyjak: :soyjak2: :soy_left: :soy_right: :soyjak_gun: SSV: *turns ln cloudflare caching* wtf my 1:43:48 long video of "THE IDOLM@STER CINDERELLA GIRLS 7thLIVE TOUR Special 3chord♪ Glowing Rock ! @KYOCERA DOME OSAKA - Day 1 Part 1" doesn't load guess I'm not using cloudflare then. ([splitshockvirus@mstdn.starnix.network](https://mstdn.starnix.network/@splitshockvirus/108184553476460073)) - @Blort @davidoclubb (update) DeepL is a no-go from a privacy standpoint -- just found out they share your sensitive translations with Cloudflare, thus privacy is in the shitter. I suggest installing ArgosTranslate and running it locally. ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108183092593257572)) - @novichan @tetrapyloctomist (update) DeepL shares your sensitive translations with Cloudflare, so privacy is in the shitter w/them. I suggest installing ArgosTranslate and running it locally. ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108183058285035581)) - The FBI are saying "ransomware actors" are apparently going after agricultural cooperatives" and "may (…) negatively impact the food supply chain". Wow, that almost sounds like it might be a threat. We of course, blame fedi. cloudFlareIsTheMalware supplyChains agriculture farming ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108181640490400689)) - TIL Pixelfed is protected by Cloudflare. Ouch. ([ru@fosstodon.org](https://fosstodon.org/@ru/108181418478420297)) - @icedquinn Sustainable Australia Party used to call these "de facto standards" "naturalMonopolies". They used to argue that such natural monopolies must be made public. They may still do, but we can no longer access their site as cloudFlare blocks access to it. Cloudflare serve a number of other minorParty websites, all of which are inaccessible. Keep in mind, Australia is IN AN ELECTION, right now. auspol privacy electionMeddling electionRigging USA democracyDoesNotExist ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108181111698479070)) - Behördenwebsites mit Cloudflare "we are checking your browser" ([quincy@chaos.social](https://chaos.social/@quincy/108179883508136249)) - If you want to opt-out of Visa’s information sharing, you must give your card to Visa’s Cloudflare website. Is this catch22 legal, considering Visa is legally obligated to offer the opt-out? ([koherecoWatchdog@freeradical.zone](https://freeradical.zone/@koherecoWatchdog/108176690207008793)) - Hahaha. Now even CloudFlare'd sites are dropping initial connection attempts. Just die, CloudFlare. cloudFuckd cloudFucked dieCloudFlare ([dsfgs@activism.openworlds.info](https://activism.openworlds.info/@dsfgs/108174798782492937)) - @fedithom @fdroidorg You need to separate the facts from the judgment. The irrefutable fact is that Cloudflare sees all data going to CF-hosted Fdroid servers incl. ssl. What Cloudflare harvests from the F-droid mirrors is anyone’s guess b/c those facts are concealed from the public. Even if Cloudflare were to claim not to, they’ve been caught making false statements before, thus untrustworthy. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168770251173981)) - @fdroidorg @iska The answer is the website, for now. Experts & streetwise users are being driven off the Fdroid app but the fdroid website is still easy to detect Cloudflare on (there are a number of tools to do this) and then sideload the apps. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168857872534511)) - @fdroidorg @iska There is a project dedicated to finding Cloudflare websites. It’s such a huge undertaking that the project struggles to keep up with it. This is nothing that you could reasonably expect each Fdroid user to undertake on their own. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168878863849485)) - @iska @fdroidorg What’s a specific firewall implementation that gives users the option of using a custom filter? BTW, you’re not just blocking one IP address. Cloudflare has around ~10-15% of all websites in the world. That’s a lot of IPs stemming from a lot of ASNs, and the ASN lookups are non-trivial because some CF websites are not tagged in the ASN info as belonging to CF. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108168867633647833)) - Fdroid is getting dicey for privacy now that are allowing a tech giant to snoop on who fetches which app. Many users choose @fdroidorg for security, but security is compromized when Cloudflare is given reconnaisance data on the apps and versions various users are running. This info opens up Fdroid users to attacks that exploit known bugs. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108165961277908385)) - @fdroidorg I suggest not trusting the Fdroid app itself anymore. By default it enables ~6 mirrors, any of which can become Cloudflared w/out notice. There is no toggle to automatically block or disable Cloudflare hosts. It’s thus more secure to fetch f-droid apps from the web over Tor, after checking whether a host is CF’d. ([bojkotiMalbona@infosec.exchange](https://infosec.exchange/@bojkotiMalbona/108166039629460241)) - ↳ [Back to list](../people/)