this post was submitted on 26 Aug 2024
52 points (98.1% liked)
Programming
17558 readers
516 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
https://old.reddit.com/r/programming/comments/1d14rb7/cloudflare_took_down_our_website_after_trying_to/ is the most recent Cloudflare drama. They've been known to fuck customers before but I can't really find specific examples. Obviously their protection can also be overzealous and block legitimate traffic too, which pisses off users as well.
Beyond that there's many more philosophical reasons to hate Cloudflare - they're a highly centralised point of failure and like in the story linked above could at any time "alter the deal", so to speak. As an advocate for the free and open internet I wouldn't consider them a force for good any more than Google, Facebook or Amazon.
They're also hated for blocking privacy tools like Tor and blocking scraping, which does suck, but if cloudfail doesn't work anymore you can still always search SHODAN for website title/headers to see if the LB is accessible directly via the internet. DNS management at medium sized corpos is usually a clusterfuck so it's definitely a non-zero chance.
They're not only a centralised point of failure, but also a man-in-the-middle for so many sites that they can effectively track people all over the internet through web and DNS requests, and fingerprint browsers through CAPTCHA scripts, and even read people's HTTPS traffic.
I consider them a hostile actor.
No organisation should have such pervasive access to people's lives.
Yup. One of the vestiges of corporate internet. I tried to make a less ideological argument for wider appeal but I absolutely agree with you.
It was made up by a shitty illegal crypto casino:
https://news.ycombinator.com/item?id=41091144
Of course you can't find specific examples because they are known to be great with customers.
Opinions. Irrelevant. What is and isn't "shitty" is a matter of opinion. Obviously fuck casinos and crypto scams but it ain't relevant.
The explanation you linked on the other hand is valid. I think it's a little ridiculous though that Cloudflare can't do any sort of geo-restriction instead. Just about everything is illegal somewhere.
I can't be arsed.
That's not their job, it's the job of the site operator.
It's a free-tier service ffs. Who runs a company on a free-tier?
It is their job. They advertise it as bot blocking
It's super relevant in this case since they were shutdown for abusing the system and given warning that they decided to ignore while looking for a new provider.
Can confirm lmao
Job title: Cybersecurity Engineer
Actual Job: DNS Janitor