Nearly every website today seems to be hosted behind Cloudflare which is really concerning for the future of privacy on the internet.

Cloudflare no doubt logs, stores, and correlates network telemetry that can be used for a wide array of deanonymization attacks. Not only that, but Cloudflare acts as a man-in-the-middle for all encrypted traffic which means that not even TLS will prevent Cloudflare from snooping on you. Their position across the internet also lends them the ability to conduct netflow and traffic correlation attacks.

Even my proposed solution to use archive.org as a proxy is not a valid solution since I found out today that archive.org is also hosted behind Cloudflare…

So what options do we even have? What privacy concerns did I miss, and are there any workaround solutions?

  • freedomPusher@sopuli.xyz
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    11 months ago

    The CDN needs to know the content in order handle it properly. … All these sorts of optimizations require access to the unencrypted content.

    Bingo. This. That’s so obvious it’s bizarre how many people continue to believe that CF does not see their traffic, as if CF can process requests it cannot see. I can’t get my head around why so many have trouble grasping this. If CF cannot decrypt the payload, it obviously can only pass it through to the source webserver. And obviously if everything is passed through, then the owner’s webserver must be able to handle the load, which defeats the purpose website owners use CF for.