A loosely moderated place to ask open ended questions
If your post is
- Open ended
- Not offensive
- Not regarding lemmy support (c/lemmy_support)
- not ad nauseam inducing (please make sure its a question that would be new to most members)
it’s welcome here!
- 0 users online
- 18 users / day
- 50 users / week
- 180 users / month
- 745 users / 6 months
- 22 subscribers
- 861 Posts
- 10.1K Comments
- Modlog
This comment on GitHub perfectly captures the controversy surrounding CloudFlare
It’s not hate against CloudFlare itself, but mostly against the centralization, and siloing of private services that are incrusting themselves at the core of the Internet.
No, definitely it’s hate against the company (in addition to what you said). CloudFlare has done (and is doing) many dodgy things and are absolutely not trustworthy.
Do you mind enumerating some of these dodgy things?
Its a man in the middle that recieves every communication to any server that uses it, including ip addresses, signups, passwords, usernames, all in clear text for them. Since so many servers use it, its a giant aggregator as dangerous as a centralized password store.
And they’re American so they absolutely have the NSA/CIA tapping into that data.
I use Cloudflare solely for DNS management because I know of other alternative that is remotely close to it… Registrars are usually really awful. I never proxy A records, always pure DNS.
Quad9 is a great alternative to CF’s 1.1.1.1, but unfortunately they don’t provide a service like that :c
I am guessing you aren’t running any servers anywhere you could do your DNS on?
Never considered that as a serious option. What kind of DNS server software would you recommend? What resource footprint does it have (my server is already pretty crowded and I’d like to not get a new one for now)? Does it work well?
Works as flawlessly as anything, but I’d recommend two systems, you want to have at least 2 DNS servers. If two small VPSes doesn’t make sense for you (you hardly need any resources to run powerDNS or BIND), then I wouldn’t go with that option. Was just curious.
Yeah, I just read a bit on the topic too and I came across the same thing. Atm I don’t run anything that would justify getting two servers for DNS, so I’d rather rely on a third-party. Thanks for the suggestion though and if you have any good alternatives to CF please let me know :)
Well, I would be loathed to give CF money or data, so since I own domains at a registrar that does “meh, OK” services, if I wasn’t running my own DNS servers I’d just go with them. I would most registrars would provide reasonable DNS services for nothing.
I use Netfirms, btw, but that’s not necessarily a plug for them.
I see. Yeah, I haven’t had the greatest of experiences with my registrars when it comes to DNS (mainly slow updates and inability to add some types of records). Also, I don’t give CF money nor data really, I use just DNS, no proxying. The distributed nature of DNS makes CF less prone to getting data than it would be otherwise. Do you know any other service similar to CF’s DNS thing?
What is about using OpenNIC servers.
Thanks for all the great responses
Someone’s comment who I know:
CEO of CloudFlare once said:
(Source)
BBC reporter Zoe Kleinman wrote that Matthew Prince wanted $20,000 for the Honey Pot data. “That check showed up so fast,” said Prince. Michelle Zatlyn heard the story from Prince and replied, “If they’ll pay for it, other people will pay for it.” Soon she and Prince cofounded CloudFlare.
From an article:
(Source)
Concerning KPMG, “the well-respected auditing firm” as Cloudlfare puts it. Really?
Hmm… so much for “put our money where our mouth was” (source), interesting choice Cloudflare!
The gist of this is: DHS saying there is valuable data of those collections, hence the initial impetus for CloudFlare after having $20,000 from their Project Honey Pot! My question would rather be, who’s operating those DNS providers and who’s watching the watchers? Because, DNS queries can reveal a lot about a persons internet activity and usage. There is an interesting research about DNS on the topic of user privacy, though the research is about Tor and DNS (and thankfully Tor is still safe as they said that they “don’t believe that there is any immediate cause for concern.”), the researchers said:
So, just like the internet is plagued with Google Analytics and other of their subsidiaries. We are then now plagued more by CloudFlare with their CDN and DNS.
Relevant:
Concerning DNS over HTTPS (DoH), internetsociety.org noted:
What people should understand as noted by internetsociety.org’s document concerning encrypted DNS is: the mechanisms should be seen as ways to improve, in specific scenarios, certain aspects of network privacy, but not as replacements for other privacy mechanisms such as VPNs or other implementations such as Tor.
they host a lot of bigoted content (like 4ch*n)