On 01/12/2017 08:24 AM, taii...@gmx.com wrote: > On 01/12/2017 12:33 AM, Andrew David Wong wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> On 2017-01-11 12:34, Andrew David Wong wrote: >>> On 01/11/17 11:04, taii...@gmx.com wrote: >>>> https://www.eff.org/deeplinks/2017/01/finally-revealed-cloudflare-has-been-fighting-nsls-years >>>> >>> Three main reasons: >>> >>> 1. We distrust the infrastructure anyway. >>> 2. It's low-overhead (in terms of the time and work required for >>> administrative tasks). >>> 3. It's free (as in beer). >>> >> On 2017-01-11 12:37, Alex wrote: >>> In my understanding of the article, cloudflare is trying to challenge >>> the secrecy around broad investigations (by challenging national >>> security letters), not the other way around, so I can't see what you are >>> lamenting, Taiidan... Would you care to explain? >>> >> I mistakenly thought that this was a new thread posing the question in >> the subject line and providing a link to that article as a justification >> for the question. After viewing the whole thread on Google Groups, I >> realize that I've already answered the initial question. (I knew it >> seemed familiar!) >> >> This is what happens when people reply to threads without quoting any >> part of the existing thread to provide context. :) >> >> I second Alex's question. The article is clearly pro-Cloudflare from the >> very first sentence. >> >> - -- Andrew David Wong (Axon) >> Community Manager, Qubes OS >> https://www.qubes-os.org >> -----BEGIN PGP SIGNATURE----- >> >> iQIcBAEBCgAGBQJYdxUYAAoJENtN07w5UDAwT5IP/3j5VjBj7Txh9bC9z4gOT1bk >> x+DzdFWPH6OAXiaUQs5BDiA/TayjN8GmJgcYi1247MV4xaoNkUqAdOa3Bv+fxprr >> wZREP6UII3LiLlP8TMPsIZNhc/W+AGSUGinG4qtYlz/TJnn2zJnoTmiz1f3wsUVh >> LDT4ncPIUFiVaVLhn5eFnl7nOrDh14O3CRxlu3cpYjTG6bBXBAChCLEE6EACTJgH >> Ocl1fyGOCtlPILC7OEKPoJ1Cuo6RxhVilhv9rqkM8gh8uG4cRZAsKAaWb8C/qrJ1 >> WamA85zEApjI2xonPjkBOCfPnOpDNs21B4uG/hdRq4tPtU+69Xt0a6SCOqPdijDZ >> An62pOlCApLEvCl26ImS0xdmKaYXZ1y0UPS2y+wJ/tMBRZxKNAKlpwYat93t3nIK >> UOW763sA+CVpDIxTaBTGGL7Miz7wz0fGN4TAtGNyOVNnfdwSNnKQcYxwWY9rltsj >> VWvQumHfWE1zLZ2HzknbP3CVSeIuqSrve4rifj62L3+gkKaoqxA7ndN/sSOOX6iO >> TOZZYuWb8YE1rGoV/vznFEftc74mDe0obmF4JSraLEXGRyuZ7dnQjxetZ3BvKnQN >> bKDgRObC78ro0O9ibslZh9rn5w9wxf8T8EQ65JvQdQxyRK4qLC+bk53tPcDz77M1 >> LJ+su7Fq2RLrcqY4/lVK >> =0uH4 >> -----END PGP SIGNATURE----- > I thought I would share this because it proves that they're fighting a > NSL and thus had one put in to action on them in the first place. > > I realize that you enjoy the "free" services from them and that you lack > the money to use anything else, but it is just something to think about > regarding what happens when a handful of companies control almost the > entire internet and the bigger picture - what happens if a change of > management leads to them dropping the challenge? what companies simply > comply and we never hear about it? > > A theoretical condition of doing business in country X (say china) would > be messing around with certain pages to provide bad advice and > contaminated software to people, you don't have to get the elite > security specialist types who take extraordinary precautions you simply > have to get the average joe who doesn't know anyone in real life who can > provide a real root of trust (even I don't) > > The cloudflare captcha is clearly designed to fingerprint the user > (which works even with a generic DVM due to machine specs) or else it > wouldn't need javascript, it is obvious that they have a market interest > in tracking people even those who use VPN's. > > I bet half the users on this mailing list have never considered the cost > of "free" so my goal is to get people thinking about it. >
There is huge discussion on torproject.org on cloudflare ; additionally to the annoying (and as I learned thanks to your question yesterday) user-tracking Captcha I may add that, running a non-exit(!) tor server at home, my home IP is banned (even with an insecure browser) from a lot of useful sites, British Airwairs is on example (that I boycott for them banning me), and many others. Almost all of them are linked to CF if one looks well the whois entries. This behaviour of Cloudflare seems clearly politically motivated to me : there is no danger, no malicous packets, simply nothing that is emerging from my tor middle relay! The "com" about NSL fighting does not mean that Cloudflare are with the good side of the force. Not at all. It is only "com" (communication or comedy?) Bernhard -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9b23ff19-fb13-edf4-741c-5371f997cff6%40web.de. For more options, visit https://groups.google.com/d/optout.
