35
top 8 comments
sorted by: hot top controversial new old
[-] wwb4itcgas@lemm.ee 18 points 4 days ago

Cloudflare is an Internet plague.

[-] moe90@feddit.nl 1 points 4 days ago

the thing sometimes cloudflare is a necessity to combat bots or spams

[-] wwb4itcgas@lemm.ee 4 points 4 days ago

I won't deny that something like Cloudflare's "WAF" is useful. My issue is with the number of false positives I've run into with Cloudflare over the years. And because they have a virtual monopoly, when they cock up, suddenly half the Internet is inaccessible to the people caught up in it.

Or look at it another way: Suppose I was running a website and experiencing issues with automated access (some of which may be entirely legitimate). I choose to use Cloudflare's services to mitigate the issue, and immediately see a - say - 10% drop in traffic. I wouldn't be able to tell whether half of those where legitimate users filtered out by CF, unless those people take initiative to inform me of the issue - and even then I'd have no way of even estimating the ratio of false positives.

At the very least, it'd the nice if site-owners took a more nuanced approach to their implementation of these kinds of services than just gatekeeping general site access. Allow all reads of data (if you don't want people to consume your data, putting it on the Internet was a bad move in the first place), but bot-protect all writes.

[-] 9tr6gyp3@lemmy.world 3 points 4 days ago

It doesn't work that well for that purpose imo. Look at 4chan.

[-] pelya@lemmy.world 13 points 4 days ago

All that's going to achieve is that every browser on the planet will identify itself as Chrome in the user-agent string.

[-] nightwatch_admin@feddit.nl 6 points 4 days ago

Which will not work, or so-so at best thanks to fingerprinting. I get the need for such services , and they are doing absolutely amazing work on encryption of traffic, but even if they are well-meaning, it is a massive surveillance and traffic control point, in easy reach of an extremist government. And this news worries me a lot.

[-] pelya@lemmy.world 0 points 4 days ago

Fingerprinting fear is eh. The server only receives what the browser sends to it, plus your IP address. The browser fully controls what it sends, and it only sends identifying data because advertisement companies pay browser vendors to add this data. There is no technical reason why fingerprinting is even possible. Everything - your OS version, your cookies, your mouse movement - can be faked or anonymozed.

[-] nightwatch_admin@feddit.nl 2 points 3 days ago

If you configure your browser to do so. Average Joe and Jane won’t. That aside, preventing fingerprinting is really hard; ask the Tor Browser team how much effort they have to put into this.

this post was submitted on 11 Mar 2025
35 points (100.0% liked)

Hacker News

918 readers
362 users here now

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

founded 6 months ago
MODERATORS