#CloudFlare is now hitting the archive.org wayback machine with the same #CAPTCHA as #Tor users, thus censoring history too.
Niklas
@resist1984 One reason more to use Cloudflare.The wayback machine keeps data from all websites forever.Maybe it's interesting history for some public information but they also save social media,forums,everyone you ever wrote with no way to delete it.That's pure evil.
@nipos
Whether your dislike of the Wayback machine is justified or not -- putting them behind access restrictions like this only limits access by people who care about privacy, and disabled people -- hardly "just dessert"
@resist1984
@Mr_Teatime @resist1984 Nope because I explicitly whitelisted Tor in my Cloudflare settings resulting in Tor users being able to access the site without seeing a shitty Google captcha 😉
@nipos @Mr_Teatime #CloudFlare w/ #Tor whitelisted is even worse, b/c then Tor users don't know they are interacting w/a CF MitM. Tor users then unwittingly support a Tor adversary.
@Mr_Teatime @nipos archive.org does #Tor users a service b/c it helps bypass the #CAPTCHA (if needed) & ensures the target site is not rewarded w/traffic or interaction.
@nipos @Mr_Teatime there is a very useful browser plugin that detects #CloudFlare & automatically redirects to the archive of the page.
@resist1984
Do you have the name (or a link) to hand?
@nipos
@Mr_Teatime @nipos the Firefox plugin that redirects CF sites is called "Block Cloudflare MITM Attack" and is posted here: https://addons.mozilla.org/en-US/firefox/user/14218621/. Description is in cyrillic but don't let that scare you off. This plugin will outright block CF sites: https://gitlab.com/gkrishnaks/cloud-firewall
The main issue is that it sees so much of all of the traffic, and that it serves as an obstacle to anonymous/TOR browsing. Anything else that should really be added and would likely make sense to them?
The starting point was that they saw it as something that helps people fend off DDoS attacks
@g at a high level, #CloudFlare is very similar to #SpamHaus. In both cases you have a vigilante extremist org so fixated on attacking their enemy that they have no regard for collateral damage to harmless users. Ppl cannot protect their own #privacy by running their own mail server b/c of SpamHaus, & ppl cannot protect their own identity b/c CF DoS's *all* #Tor users.
@g #CloudFlare also harms non-Tor users by MitMing the connection. CF sees every username & unhashed password even when a TLS padlock is present.
@g the TLS tunnel terminates at #CloudFlare, so CF sees all traffic. It must work that way. If CF were to simply proxy all encrypted traffic to the origin, then it would fail to relieve the originating server of workload.
@g np. And note there may or may not be a 2nd tunnel between the originating server & CF, but in either case the end user sees a padlock
So if I have a SSL certificate from Let's Encrypt setup, but still sit behind Cloudflare, is my data still compromised?
@g this article covers it in detail: http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/