+ Reply to Thread
Page 2 of 2 FirstFirst 1 2
Results 21 to 31 of 31

Thread: Cloudflare

  1. Link to Post #21
    Scotland Avalon Member Ewan's Avatar
    Join Date
    24th February 2015
    Location
    Ireland
    Age
    62
    Posts
    2,434
    Thanks
    51,860
    Thanked 18,949 times in 2,388 posts

    Default Re: Cloudflare

    Quote Posted by palehorse (here)

    I answered in blue color.
    Now I am feeling exactly like 'ThePainterDoug' after he read my opening post. You guys have completely lost me, but I am fascinated and a little jealous of your combined knowledge.

  2. The Following 6 Users Say Thank You to Ewan For This Post:

    gord (7th May 2023), Hamish (8th May 2023), Kuperkai (9th May 2023), palehorse (8th May 2023), Szymon (7th May 2023), thepainterdoug (7th May 2023)

  3. Link to Post #22
    Avalon Member palehorse's Avatar
    Join Date
    13th April 2020
    Location
    Gaia
    Language
    English
    Age
    46
    Posts
    1,630
    Thanks
    12,042
    Thanked 11,413 times in 1,572 posts

    Default Re: Cloudflare

    Quote Posted by Ewan (here)
    Quote Posted by palehorse (here)

    I answered in blue color.
    Now I am feeling exactly like 'ThePainterDoug' after he read my opening post. You guys have completely lost me, but I am fascinated and a little jealous of your combined knowledge.

    Well, I am not an expert on these issues either haha
    I usually try to do most things on my own, my computers/network/radios/bicycle/refrigerator/etc I always fixed myself, but this IME issue took me lots of time to look into and in the end I needed some assistance of someone with specific knowledge on it. No shame, can't do on your own ask for help lol

    ~~~ here some more ~~~

    I used this document https://libreboot.org/docs/hardware/t400.html to understand how to disable IME on my hardware, Libreboot provide many others documents for different hardware as well.

    for those who wish to get into it, it is recommended to buy from specialized companies that are doing it for years or ask help for that old nerd friend , there is some info in this thread already posted previously and here I will post another source to buy *Libreboot preinstalled.

    https://minifree.org/ (it is based in UK)

    Libreboot is based on coreboot, if anyone is interested to know more about it, here is one interview with the founder Leah Rowe.

    https://archive.fosdem.org/2017/interviews/leah-rowe/

    One alternative is IBM Power Systems, see POWER8 / POWER9 servers.

    on eBay there is available the old POWER8 model S822LC for 5.500 EUR (claimed to be new -shipped from Germany). I found POWER6 too a while ago.

    https://www.ebay.com/itm/33453393180...wAAOSwyP5i-3ai

    Here from OpenPower Foundation on wikipedia:
    "IBM is looking to offer the POWER8 chip technology and other future iterations under the OpenPOWER initiative[6] but they are also making previous designs available for licensing.[12] Partners are required to contribute intellectual property to the OpenPOWER Foundation to be able to gain high level status."

    Partners includes Google, NVIDEA, SAMSUMG, etc.. the whole crew HA


    RAPTOR Computing systems are offering IBM POWER9 CPUs on their website, here is one model : https://www.raptorcs.com/content/TL2WK2/intro.html

    unfortunately there is nothing 100% secure, OpenPower Foundation seems to be just another technocratic club, we can see for ourselves those who are onboard.

    One way to have some privacy is to reduce the digital footprint, and use open source software, free software, and mitigate the issues that can be mitigated, building yourself tiny computers with open components/firmwares is one option too, as I said before there is a niche business going on.

    Since this thread is about Cloudflare I don't want to go off-topic completely, this rabbit hole is quite deep, and would be better to create an specific thread for that.

    I may have some material on Cloudflare to share, the other day Cloudflare asked me to play a captcha in order to access a website, very similar to Google captcha.. it is data collection, steer away from it.

    Here links of interest
    https://en.wikipedia.org/wiki/OpenPOWER_Foundation
    https://en.wikipedia.org/wiki/POWER9

    DELL Latitude E6400 - the article explains how to flash without disassembling the laptop, doing so entirely by software directly from DELL BIOS to Libreboot (Very similar to the Thinkpad T400 - but no need to open the can)
    https://libreboot.org/news/e6400.html
    Last edited by palehorse; 8th May 2023 at 17:16. Reason: adding links references etc..
    --
    A chaos to the sense, a Kosmos to the reason.

  4. The Following 4 Users Say Thank You to palehorse For This Post:

    Ewan (9th May 2023), Hamish (8th May 2023), Kuperkai (8th May 2023), Szymon (8th May 2023)

  5. Link to Post #23
    United States Avalon Member Kuperkai's Avatar
    Join Date
    10th October 2020
    Location
    Bay Area, CA USA
    Language
    English
    Posts
    115
    Thanks
    619
    Thanked 952 times in 114 posts

    Default Re: Cloudflare

    @palehorse- Thanks for the detailed answers! @Ewan- the complexity of the tech today puts us at great disadvantage. As someone who grew up using computers in college, the constant maintenance required to operate safely is tiresome.

  6. The Following 3 Users Say Thank You to Kuperkai For This Post:

    Ewan (12th May 2023), palehorse (12th May 2023), Szymon (9th May 2023)

  7. Link to Post #24
    Avalon Member palehorse's Avatar
    Join Date
    13th April 2020
    Location
    Gaia
    Language
    English
    Age
    46
    Posts
    1,630
    Thanks
    12,042
    Thanked 11,413 times in 1,572 posts

    Default Re: Cloudflare

    The following discussion on Tor project forum was banned by its moderators, the subject was "Cloudflare" and it was discussed in 2017/2018.


    "#18361 and its comments adequately summarize the general problem with Cloudflare’s MITM attack on the Internet. I need not repeat, save to emphasize that when Tor Browser alleges it has a secure (TLS) connection, it is lying to the user if the connection runs through a known MITM.

    A reasonable workaround is for Tor Browser to block all Cloudflare sites loaded through HTTPS, or at least warn the user when such a site is loaded. This can be done by detecting the non-standard CF-Ray: HTTP header.

    I suggest that this security enhancement should be tied to the Security Slider. On High, all HTTPS connections which receive said response header should immediately terminate, with an error message given to the user. On Medium, the user should be warned and asked whether Tor Browser should proceed. On Low, where all manner of mischief is allowed by default (even non-TLS-loaded Javascript!), Cloudflare page loads may be permitted without warning. Users who run on the Low setting are begging to be pwned, anyway.

    As an ancillary benefit, this feature will also obviate the specious reasoning behind demands to bundle untrusted third-party software with Tor Browser. See #24321.

    Perhaps most visibly from a user experience and support perspective, this feature will also save users much wasted time solving pointless CAPTCHAs to visit sites which are mostly idiotic, anyway. This should result in reduced user complaints about network breakage deliberately caused by third parties outside the Tor Project’s control."
    ..

    Cloudflare is a MITM, by design

    "Cloudflare is a MITM, by design. That is the primary (only?) service they offer. It does not matter what the site’s service level with them is. From the connecting user-agent’s perspective (here apropos), it does not even matter if the site uses its ​so-called “keyless SSL” service to preserve secrecy of its long-term private keys. Cloudflare always, always has the symmetric key to the session; and within the ostensibly encrypted session, Cloudflare is by definition a Man-In-The-Middle which decrypts, modifies, and proxies the plaintext.

    Why, it is exactly as if Cloudflare were designed as a mass surveillance tool! So, what rationalizations could be supposed for those who use their services, or ignore them as a global threat?

    “But Cloudflare is a trustworthy provider of Internet infrastructure.” Then, why do we need TLS at all? Just make peering arrangements with trustworthy networks who agree to pass your packets only through trustworthy routers! TLS eliminates trust in the network: By design, TLS promises end-to-end encryption. Meaning, with the endpoint. By design, Cloudflare makes a mockery of this promise."
    ..

    "In sum, “CAPTCHA madness” is the smallest problem with Cloudflare. Their design, their business model, their very existence is a threat to the privacy, security, and freedom of the Internet. Blocking Cloudflare is an eminently reasonable mitigation strategy for a web browser which bears the name, “Tor Browser”. Bug re-opened."

    source: https://web.archive.org/web/20200301...r/ticket/24351



    Cloudflare back then (UNSPAM)
    https://web.archive.org/web/20200301...ww.unspam.com/


    Also folks keep an eye with another ****ty ones here (same business tactics)
    - incapsula.com
    - Akamai
    - Google Cloud



    MikePerry (Tor member) wrote a piece about cloudflare with the Tor blog back in 2016, it is an old issue, cloudflare is one of too big to fail and they can put their stink finger where they like..
    source: https://web.archive.org/web/20200115...ble-cloudflare


    Website owners that decided to use cloudflare (because they were influenced) are the problem, most of these people just goes with the trend, they literally has no knowledge of what they are doing, they were told to do that way, and we the users pay the price for that, because after all what we are talking is the perfect setup to collect data from the people, and they do that with the help of the businesses out there. And since there is a "consent" of the website owner doing it, it seems CF just extend that consent to collect data from everybody accessing that website.

    The typical case: "Give Them A Finger And They Demand The Whole Arm."

    MITM Cloudflare is a reverse proxy, it decrypts data at their gates, backup the raw data and encrypt back. The RAY ID proves that every single connection is been recorded.

    ..

    "Let's say you're working at the NSA, and you want every citizen's internet profile. You know most of them are blindly trusting Cloudflare and using it - only one centralized gateway - to proxy their company server connection(SSH/RDP), emails, personal website, chat website, forum website, bank website, insurance website, search engine, secret member-only website, auction website, shopping, video website, game website, NSFW website, and illegal website. You also know they use Cloudflare's DNS service ("1.1.1.1") and VPN service ("Cloudflare Warp") for "Secure! Faster! Better!" internet experience. Combining them with user's IP address, browser fingerprint, cookies and RAY-ID will be useful to build target's online profile."

    ..

    "Cloudflare is the world's largest MITM proxy(reverse proxy). Cloudflare owns more than 80% of CDN market share and the number of cloudflare users are growing each day. They have expanded their network to more than 100 countries. Cloudflare serves more web traffic than Twitter, Amazon, Apple, Instagram, Bing & Wikipedia combined. Cloudflare is offering free plan and many people are using it instead of configuring their servers properly. They traded privacy over convenience."

    source: https://gitea.slowb.ro/dCF/deCloudfl.../readme/en.md/ <----- Great article here, read if you can.



    This article says a lot about browsers.
    source: https://digdeeper.neocities.org/articles/browsers


    As always I don't pick sides, I just try to evaluate the best option available at the moment and keep going that way. For me I have no reason to stop using Tor browser, IceCat and PaleMoon, despite some people seems to really hate them and point out so many issues with all of them, but that is because everything got issues, there is no perfect solution. In my perception, every 6 months or so, have to dig deeper to find out "new old" issues with browsers and that take a bit of time, but it worth the time learning in my opinion.

    Internet fully controlled by the elites. The people have to realize that they are not welcome in the elite's club. period. wake the hell up, stop supporting them, I don't know a better way to say that. Sorry for the little rant HA

    Cloudflare and the likes since their working is no different of a border patrol sort of thing, allowing/denying traffic IN and OUT. I think of companies to implement the ZERO TRUST protocol (Digital ID), ISP for instance, nowadays I still thinking where it would make more sense to be implemented on a combined way at different points of failure (would they be so stupid to have a single point failure to things like ZT ???), would that be the ISP hold responsible to verify ALL users authentication against a global system, but doing so on their own??? I don't think so, sounds too silly and simple.
    It is the great wall of China example filtering users what they can or not see or interact with. Cloudflare possesses great power. In a sense, they control what the end user ultimately sees. You are prevented from browsing the website because of Cloudflare and it can be used for censorship.



    [Update]
    "UPDATE March 2023: Pale Moon addons store is now Cloudflared, and you cannot install extensions through TOR." <------- That's pretty nasty.

    Update 2
    A bunch of browser reviews here (first section Web Browsers)
    https://spyware.neocities.org/articles/

    Code:
        BadWolf [deutsch]
        Brave [Русский]
        Google Chrome [Español] [Polski] [Português (Brasil)]
        Dissenter
        Internet Explorer
        Falkon
        Mozilla Firefox [Español] [Mitigation Guide] [Guía de Mitigación]
        GNU IceCat [Español] [Italiano]
        Iridium Browser [Mitigation Guide]
        Librewolf
        Lynx [Polski] [Русский]
        NetSurf [Polski] [Mitigation Guide] [Poradnik Mitygacji]
        Opera
        Otter Browser
        Pale Moon [Español] [Mitigation Guide] [Guía de Mitigación]
        Qutebrowser [Русский]
        SeaMonkey [Mitigation Guide]
        Slimjet [Polski]
        Sphere Browser
        SRWare Iron [Polski]
        Surf [Francais] [Polski] [Русский]
        Tor Browser [Mitigation Guide]
        Ungoogled Chromium
        Vivaldi
        Waterfox Classic
        Web Browser
        WebDiscover

    Last edited by palehorse; 12th May 2023 at 06:26. Reason: add souce
    --
    A chaos to the sense, a Kosmos to the reason.

  8. The Following 3 Users Say Thank You to palehorse For This Post:

    Ewan (12th May 2023), gord (12th May 2023), Szymon (14th May 2023)

  9. Link to Post #25
    Scotland Avalon Member Ewan's Avatar
    Join Date
    24th February 2015
    Location
    Ireland
    Age
    62
    Posts
    2,434
    Thanks
    51,860
    Thanked 18,949 times in 2,388 posts

    Default Re: Cloudflare

    Well that certainly puts 50 lb's of prime steak on the bones of my original post.

    The only solution, as mentioned above, would be to block any cloudflare script ever running on your browser but in addition, let the website employing it know exactly why you will never be able to access their site again as long as they are employing cloudflare. Waste of time probably but might make the user feel marginally better for a while.

  10. The Following 3 Users Say Thank You to Ewan For This Post:

    gord (12th May 2023), palehorse (14th May 2023), Szymon (14th May 2023)

  11. Link to Post #26
    Avalon Member palehorse's Avatar
    Join Date
    13th April 2020
    Location
    Gaia
    Language
    English
    Age
    46
    Posts
    1,630
    Thanks
    12,042
    Thanked 11,413 times in 1,572 posts

    Default Re: Cloudflare

    Quote Posted by Ewan (here)
    Well that certainly puts 50 lb's of prime steak on the bones of my original post.

    The only solution, as mentioned above, would be to block any cloudflare script ever running on your browser but in addition, let the website employing it know exactly why you will never be able to access their site again as long as they are employing cloudflare. Waste of time probably but might make the user feel marginally better for a while.

    The idea is to bring awareness to people, let them know what it is. the truth. they will make decisions after knowing it.

    Ewan, I don't think it is a waste of time, sounds like I know, but that is how things come to change, I mean even if cloudflare is pretty much used everywhere, we are the ones who can speak out about it. We have a good example, Paypal lost quite a lot of their customers, people are aware how evil they are, but it took a long time.

    I always proudly confronted these clowns and will keep that way.

    I hate the ****ty corpo culture mindset.

    A humble person living their entire life in the boonies has more know-how (life skills) than all these corp clowns pushers pussies combined.

    I guess I just left another rant, I have to control myself lol

    --
    A chaos to the sense, a Kosmos to the reason.

  12. The Following 2 Users Say Thank You to palehorse For This Post:

    Ewan (14th May 2023), Szymon (14th May 2023)

  13. Link to Post #27
    Scotland Avalon Member Hamish's Avatar
    Join Date
    3rd February 2011
    Posts
    139
    Thanks
    902
    Thanked 1,004 times in 132 posts

    Default Re: Cloudflare

    Hello,

    Appreciate this thread was mainly about cloudfare but since we discussed other issues, the following might of interest as to the dangers to privacy of DNS leaks, causing others to be able to see sites you visit and suggestions on hardware/software you might want to look into.

    Worth a watch.


  14. The Following 2 Users Say Thank You to Hamish For This Post:

    Ewan (27th June 2023), palehorse (28th June 2023)

  15. Link to Post #28
    Scotland Avalon Member Ewan's Avatar
    Join Date
    24th February 2015
    Location
    Ireland
    Age
    62
    Posts
    2,434
    Thanks
    51,860
    Thanked 18,949 times in 2,388 posts

    Default Re: Cloudflare

    Quote Posted by Hamish (here)
    Hello,

    Appreciate this thread was mainly about cloudfare but since we discussed other issues, the following might of interest as to the dangers to privacy of DNS leaks, causing others to be able to see sites you visit and suggestions on hardware/software you might want to look into.

    Worth a watch.

    Thanks Hamish, personally I was already aware of DNS leaks but they really should be brought to the attention of everyone.

    That said, however, the attention this thread gets should tell you most people just don't care. That to me is the saddest part. Project Avalon, one of the last bastions of sanity yet seemingly a large percentage of posters pay scant attention to what should be obviously bad for everyone, collectively - thanks to convenience?

    They literally feed the machine intent on consuming them.

  16. The Following 3 Users Say Thank You to Ewan For This Post:

    gord (28th June 2023), Hamish (28th June 2023), palehorse (28th June 2023)

  17. Link to Post #29
    Scotland Avalon Member Ewan's Avatar
    Join Date
    24th February 2015
    Location
    Ireland
    Age
    62
    Posts
    2,434
    Thanks
    51,860
    Thanked 18,949 times in 2,388 posts

    Default Re: Cloudflare

    Quote Posted by palehorse (here)
    I guess I just left another rant, I have to control myself lol
    Please don't

    I enjoy them, I vent with you just reading them.

  18. The Following 3 Users Say Thank You to Ewan For This Post:

    gord (28th June 2023), palehorse (28th June 2023), Patient (28th June 2023)

  19. Link to Post #30
    Avalon Member palehorse's Avatar
    Join Date
    13th April 2020
    Location
    Gaia
    Language
    English
    Age
    46
    Posts
    1,630
    Thanks
    12,042
    Thanked 11,413 times in 1,572 posts

    Default Re: Cloudflare

    Quote Posted by Ewan (here)
    Quote Posted by palehorse (here)
    I guess I just left another rant, I have to control myself lol
    Please don't

    I enjoy them, I vent with you just reading them.

    Thanks haha very kind of you Ewan.
    --
    A chaos to the sense, a Kosmos to the reason.

  20. The Following 3 Users Say Thank You to palehorse For This Post:

    Ewan (28th June 2023), gord (28th June 2023), Patient (28th June 2023)

  21. Link to Post #31
    Scotland Avalon Member Ewan's Avatar
    Join Date
    24th February 2015
    Location
    Ireland
    Age
    62
    Posts
    2,434
    Thanks
    51,860
    Thanked 18,949 times in 2,388 posts

    Default Re: Cloudflare

    Found a post today, now I have no idea why Cara is on sabbatical but there is absolutely nothing wrong with this post from 2019 concerning Cloudflare.

    The people who ignore the information on this thread, with the assumption, well there's nothing I can do about it, are the same as the people who freely use their mobile phones for everything with scant regard for the invasion of privacy that they permit.

    Effectively enabling the future - like sleepwalkers heading to their own dystopian nightmares. Sadly they take the rest of us with them, well, most of us.

    I will be one of the others, I'll be living on the fringes getting by best I can for as long as I draw breath. These bastards have captured the whole system through a long drawn out carefully considered plan. If you are not aware you are in this game how can you possibly make a move.

    Wade Frazier is right when he wonders if the human species is even sentient, and yet I think we once were. The more we moved away from nature and abrogated our responsibilities to government the more we became like livestock, waiting to be fed and cared for.

    Freely, bit by bit, becoming helpless.

  22. The Following User Says Thank You to Ewan For This Post:

    Eva2 (29th August 2023)

+ Reply to Thread
Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts