#Cloudflare, a web infrastructure company, suffered nation-state attack. Hackers accessed documentation, source code, and attempted data center breach.
Cloudflare blog on Thanksgiving 2023 security incident:
"Based on our collaboration with colleagues in the industry and government, we believe that this attack was performed by a nation state attacker with the goal of obtaining persistent and widespread access to Cloudflare’s global network."
Did you know that associate members of the Free Software Foundation (FSF) who live in the US are eligible to join the Digital Federal Credit Union (DCU) for their banking as one of the FSF's associate member benefits? https://u.fsf.org/42lhttps://www.fsf.org/associate/benefits
@fsf I’ve wondered what #FSF’s attraction to #DCU is based on. DCU’s app is proprietary closed-source and exclusively distributed in Google and Apple stores.
It’s really a bad idea to use #DigitalFederalCreditUnion because their website proxies through #Cloudflare, a privacy abuser. For the moment, it looks like they only use CF for their sales site not the login host. But many CUs actually let CF be a MitM on their logins and sensitive financial transactions. DCU’s poor judgement could spill over to the transactional site at any time. #DigitalCreditUnion is not a good #CreditUnion to endorse.
Also worth noting that Cloudflare is antithetical to software freedom, according to ¶2 of this article:
Judging by this @speedcurve graph comparing TTFB from last 3 months to the 3 months before, it looks like TTFB has improved lately with #Netlify, while it has degraded with #Cloudflare:
I'm currently using Cloudflare in front of Netlify, but I'm not sure it's worth it anymore. 🤔
Okay, what the heck was that... Key and access details on Cloudflare R2 all changed and new endpoints, etc. Unscheduled change? Had to reconfigure all my S3 storage. The life of a sysadmin! #cloudflare#cloudflarer2#MastoAdmin
Discovered #Cloudflare Tunnel today, and it didn’t disappoint. I was able to set it up locally, and I’ve used it to temporarily expose a little webhook project to the net. The docs were straightforward, it asked me to auth once via browser, the rest happened in the terminal.
Was going to see which courses I bought on Zenva last year, but Clownflare there is broken too: https://academy.zenva.com/
Please, Cloudflare, stop breaking the Internet! I have Firefox's fingerprinting protection enabled because of crap like Facebook, not so I can pwn courseware.
While it’s nice that it’s been twice now we’ve gotten free internet speed upgrades from TM (ISP), both under the PH gov, it still sucks that TM’s fuckin stingy in terms of upload speed.
To get upload speeds not as ridiculous as 50Mbps, you have to be on the 500Mbps download speed plan which still only gives you 100Mbps upload. I was on 50Mbps down years ago, got free upgrade to 500Mbps down (100Mbps up), then recently another free upgrade to 800Mbps down (200Mbps up). My partner’s house tho was upgraded for free from 100Mbps down to 300Mbps down, but still have only 50Mbps up. Get good, TM.
I do appreciate that TM haven’t gotten full evil corpo on residential consumers tho and we are not subjected to CGNAT, and all (critical) ports like HTTP/HTTPS etc. remain open, in fact they’ve mentioned that they don’t close any ports whatsoever so self-hosting is pretty easy. Only (notable) thing that might differ from “enterprise” fibre plans are the static IPs, but dynamic IP’s pretty easy to deal with using something like #Cloudflare. Seeing others’ internet subjected to these crap mentioned give me nightmares of TM/other ISP here following suit to do the same.
These tech companies that are having mass firings.. like cloudflare and discord - they're saying it's because of wanting to cut down on labour and increase efficiency (blah blah blah read maximise profits).
What are the chances it's because they're going to start (have started?) using AI?
@trezzer "You have to deactivate a #privacy feature so we can protect your privacy!" Did they hire whoever designed the #Cloudflare "checking if your connection is secure" con?
Hey @godotengine, the website is giving me a loop of Clownflare's "security" check over and over. GitLab was doing this a month ago...
I'm using Firefox with ad blockers and privacy settings that try to prevent browser finger printing. Clownflare breaks on this frequently. (Looks like they're trying to access cross-origin objects they don't have permission for.)
Interesting I've had issues with #cloudflare and #firefox recently I just tried switching the user agent name plugin to "firefox linux" and behold the problem went away, I can login to Gitlab again now, not sure why "default" didn't work still but oh well if it works it works
@mjgardner
Indeed. I never read molly white’s blog because it’s not open.. #Cloudflare is an exclusive walled garden that excludes me.
#CitationNeeded has the same problem as #substack so nothing changes for me. It’s still in the portion of web that’s dark to proponents of an open free web. @ben@molly0xfff
@ben@molly0xfff@mjgardner@deflarerOfClouds#Cloudflare is not like AWS because CF is an access-restricted service that blocks various groups of people. It’s exclusive. If you can access CF’s websites then it means you are not in any of the excluded groups. They designed the garden walls to be invisible to people who are included, so to you it just looks like any other website.
I don’t see Mark’s screenshot in my textual environment, but I suspect he posted what it looks like when you are in one of Cloudflare’s excluded groups of people.
Similar to IRC, where I never found nice usable apps for my taste, I thought XMPP was deprecated, but that doesnt seem so?
A very easy to use phone app is #Snikket. When I force normies to reach me over XMPP, I generally suggest Snikket to them. For the desktop I like the text UI of profanity. But it is glitchy and would be hard to use for anyone who lives in the shelter of a GUI.
#Matrix is theoretically decentralized but the mere fact that the flagship instance is on #Cloudflare suggests the developers are not on the ball about privacy or digital rights. Whenever I have been asked to join a Matrix room, there was reference to that Cloudflare instance, so I refuse it.
#Signal has many problems. I won’t even consider touching it as long as supplying a mobile phone number is a registration requirement.
(btw, i did not see the youtube video so I don’t know if it covered the problems I mention)
Matrix vs. XMPP, Security, Privacy, Apps, Efficiency ? (www.youtube.com)
cross-posted from: feddit.de/post/5228934...