zlacker

[parent] [thread] 4 comments
1. johnkl+(OP)[view] [source] 2023-08-02 17:33:47
Cloudflare is in the wrong here. They want to "protect" people from their own ISPs, from nefarious web and DNS servers that'll "sacrifice the privacy of users" by - you guessed it - doing exactly the same thing themselves. They've given very little reason to trust them, while giving plenty of reasons to think they might be evil (like protecting known spammers / scammers / phishers).

If another company did what Cloudflare does and homogenized tons of requests behind them, you can bet Cloudflare's CAPTCHA systems would block them in a second.

I have zero respect for Cloudflare's inability to answer criticisms about what they do, about their constant deflections from simple, straightforward questions, and the fact that they do to others what they would never accept anyone else doing to them. It's hypocrisy in the service of trying to become a monopoly by re-centralizing the Internet.

Don't believe me? Go ahead and look for examples of Matthew Prince addressing concerns that much of the non-western world can't access Cloudflare fronted sites because of Cloudflare's "reasons". When you don't find any that have more than just vague platitudes and handwaving, imagine how you'd feel if you were one of those multiple billion people.

replies(1): >>tick_t+P
2. tick_t+P[view] [source] 2023-08-02 17:36:34
>>johnkl+(OP)
EDNS is OPTIONAL. archive.is is objectively in the wrong here.
replies(2): >>johnkl+X3 >>nora-p+Z6
◧◩
3. johnkl+X3[view] [source] [discussion] 2023-08-02 17:49:42
>>tick_t+P
EDNS is in part how using one IP address across the world can work without tons of latency for everyone who isn't geographically local. In other words, 1.1.1.1 would be a lot shittier, and the DNS answers they provide would be much less geographically appropriate, if they didn't make use of information about the source of a query.

In other words, Cloudflare expects us to think they're so special that they should get to do what they explicitly don't want others doing.

It's bullshit, particularly for all the people who are victims of Cloudflare's manipulations such as the default use of Cloudflare DNS servers for DNS-over-https on Firefox, which users were never asked about before it was enabled for them (at least in the US).

replies(1): >>tick_t+nH
◧◩
4. nora-p+Z6[view] [source] [discussion] 2023-08-02 18:00:48
>>tick_t+P
"You ask me for an IP address, but you don't ask me with respect".

Respect is optional too. But it is important.

◧◩◪
5. tick_t+nH[view] [source] [discussion] 2023-08-02 20:19:55
>>johnkl+X3
Cloudflare is not special or unique tons of resolvers don't support EDNS. archive.is serves them all the same they only lie in their response if the source is Cloudflare.

It's actually really funny archive.is works from time to time on 1.1.1.1 which I'm assuming is when archive.is hasn't update their IP list / detection logic. I wonder how much time they spend maintaining that if they blocked everyone without EDNS it would be easy but since it's just Cloudflare....

[go to top]