summaryrefslogtreecommitdiff
path: root/content/posts/2017/2017-12-17-on-cloudflare.md
diff options
context:
space:
mode:
Diffstat (limited to 'content/posts/2017/2017-12-17-on-cloudflare.md')
-rw-r--r--content/posts/2017/2017-12-17-on-cloudflare.md28
1 files changed, 14 insertions, 14 deletions
diff --git a/content/posts/2017/2017-12-17-on-cloudflare.md b/content/posts/2017/2017-12-17-on-cloudflare.md
index 5010377..0381b31 100644
--- a/content/posts/2017/2017-12-17-on-cloudflare.md
+++ b/content/posts/2017/2017-12-17-on-cloudflare.md
@@ -15,9 +15,9 @@ Cloudflare is a threat to online security and privacy. I am not the first on to
address this issue, and I probably will not be the last either. Sadly, people
still seem to be very uninformed as to what issues Cloudflare actually poses.
There also seems to be a big misconception about the benefits provided by using
-Cloudflare. I would suggest reading the
-[http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/](article
-on Cloudflare by joepie91) for a more thorough look at Cloudflare.
+Cloudflare. I would suggest reading the [article on Cloudflare by
+joepie91](http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/)
+for a more thorough look at Cloudflare.
If anyone is using Cloudflare, please tell them to stop doing it. Link them to
this page or any of the articles referenced here. Cloudflare is harmful to your
@@ -28,7 +28,7 @@ too.
Cloudflare poses a huge risk by completely breaking the TLS/SSL chain used by
browsers by setting itself up as a
-[https://en.wikipedia.org/wiki/Man-in-the-middle_attack](man in the middle).
+[man in the middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack).
Cloudflare doesn't do actual DDoS protection, they just make the request to the
origin server for you. Once they have received the data, they decrypt it and
re-encrypts it with their own certificate. This means that Cloudflare has
@@ -42,16 +42,16 @@ plain text communications between you and the origin server. This data can be
used for all kinds of purposes. It is not uncommon for the USA government to
request a massive amount of surveillance information from companies without the
companies being able to speak up about it due to a gag order. This has become
-clear once more by the
-[https://whispersystems.org/bigbrother/eastern-virginia-grand-jury/](subpoena on
-Signal). It should be clear to anyone that end-to-end encryption has to be a
-standard and implemented properly. Cloudflare goes out of its way to break this
+clear once more by the [subpoena on
+Signal](https://whispersystems.org/bigbrother/eastern-virginia-grand-jury/). It
+should be clear to anyone that end-to-end encryption has to be a standard and
+implemented properly. Cloudflare goes out of its way to break this
implementation.
### Cloudbleed
The danger of their MITM style of operation was shown be the
-[https://en.wikipedia.org/wiki/Cloudbleed](Cloudbleed) vulnerability. It also
+[Cloudbleed](https://en.wikipedia.org/wiki/Cloudbleed) vulnerability. It also
shows that they make use of their MITM position to scan the data your site and
a visitor are exchanging. This includes private data, such as passwords.
@@ -103,7 +103,7 @@ unavailable to people who simply do not wish to use JavaScript or people who
are currently limited to a browser with no JavaScript support.
It is also common for Cloudflare to
-[http://www.tedunangst.com/flak/post/cloudflare-and-rss](Break RSS readers) by
+[break RSS readers](http://www.tedunangst.com/flak/post/cloudflare-and-rss) by
presenting them with this check. This check is often presented to common user
agents used by services and programs. Since these do not include a big
JavaScript engine, there is no way for them to pass the test.
@@ -130,7 +130,7 @@ addition of ruining the privacy and security of your visitors.
### Faster page loads
-This is very well explained on
-[http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/](joepie91's
-article) under the heading _But The Speed! The Speed!_. As such, I will refer
-to his article instead of repeating him here.
+This is very well explained on [joepie91's
+article](http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/)
+under the heading _But The Speed! The Speed!_. As such, I will refer to his
+article instead of repeating him here.
generated by cgit v1.1 at 2024-04-24 18:11:47 +0000