this post was submitted on 26 Dec 2023
10 points (91.7% liked)

Privacy

816 readers
119 users here now

Privacy is the ability for an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

Rules

  1. Don't do unto others what you don't want done unto you.
  2. No Porn, Gore, or NSFW content. Instant Ban.
  3. No Spamming, Trolling or Unsolicited Ads. Instant Ban.
  4. Stay on topic in a community. Please reach out to an admin to create a new community.

founded 2 years ago
MODERATORS
c0mmando@links.hackliberty.org
10
Has avoiding Cloudflare become Impossible? (links.hackliberty.org)
submitted 9 months ago* (last edited 9 months ago) by c0mmando@links.hackliberty.org to c/privacy@links.hackliberty.org
11 comments fedilink hide all child comments
 

Nearly every website today seems to be hosted behind Cloudflare which is really concerning for the future of privacy on the internet.

Cloudflare no doubt logs, stores, and correlates network telemetry that can be used for a wide array of deanonymization attacks. Not only that, but Cloudflare acts as a man-in-the-middle for all encrypted traffic which means that not even TLS will prevent Cloudflare from snooping on you. Their position across the internet also lends them the ability to conduct netflow and traffic correlation attacks.

~~Even my proposed solution to use archive.org as a proxy is not a valid solution since I found out today that archive.org is also hosted behind Cloudflare...~~ edit: i was wrong

So what options do we even have? What privacy concerns did I miss, and are there any workaround solutions?

you are viewing a single comment's thread
view the rest of the comments
[–] freedomPusher@sopuli.xyz 0 points 9 months ago* (last edited 9 months ago) (1 children)

Even my proposed solution to use archive.org as a proxy is not a valid solution since I found out today that archive.org is also hosted behind Cloudflare…

Yikes! Can you give more detail? I’ve used archive.org quite heavily for years (it’s the only practical universal escape from Cloudflare). The IP address is not in Cloudflare’s range. But recently Cloudflare as started hiding its own presence by outsourcing to 3rd parties. It’s a vast minority of cases but this could obviously worsen. Is archive.org using CF through one of the undisclosed 3rd parties? A couple years ago archive.org announced a disturbing partnership with CF but did not disclose the details.

[–] c0mmando@links.hackliberty.org 2 points 9 months ago

Upon further investigation, I mistook original cloudflare headers that were passed through with x-archive-orig-* as an indication that archive.org was behind cloudflare. my mistake. I have edited the original post.