Cloudflare

what's wrong with cloudflare? i like them but want to find something to be cautious about because they sound too good to be true.

they announced their own dns with dns over https
blog.cloudflare.com/announcing-1111/

they encrypted sni so isp couldn't see what site you visit by that
blog.cloudflare.com/esni/

they fixed the annoying captcha problem
blog.cloudflare.com/cloudflare-onion-service/

blog.cloudflare.com/crypto-week-2018/

so is there any reason they shouldn't be trusted?

crimeflare.org:82/

i found this site but it didn't seem serious to me.

Attached: Cloudflare.jpg (660x330, 38.57K)

they blocked tor from half the internet since 2011 or so

no they didn't. only if you imitate tor browsers you won't get the captcha. and VPN will still be blocked if that workaround is only for tor IPs

also this
blog.cloudflare.com/why-we-terminated-daily-stormer/
'we censored people but that's ok because we sorta feel bad about it but not really, uwu'

You are aware that all of the anti ddos protection works like a MITM ?
And guess who's between the website you visit and you ?
If you use Tor as much as I do (aka always) this is bullshit.

The rest of this is pasta:
Why cloudflare is cancer to the internet
-cloudflare makes it extremely difficult for Tor users and users who disable javascript. This difficulty was originally just a simple CAPTCHA, that progressed into impossible CAPTCHAs (CAPTCHAs that would reject all answers), and finally outright blocks in the case of archive.is; this effectively bans the most security and privacy-conscious users from your site.
-cloudflare arbitrarily bans whoever they want. Today, it is Tor users who disable javascript. Tomorrow, it could be all Firefox users, Linux users, VPN users, Brazilians, Germans, Snowden supporters, filesharers, anons, children, women, homosexuals, Christians. The exact criteria don't matter, because it is completely at the whim of cloudflare.
-cloudflare completely breaks SSL

Standard SSL handshake
User -> website's key -> website
User -> cloudflare's key -> cloudflare -> website's key -> website
User

thanks for the info. i will look into it more.

CF is an NSA op.
Encryption became so good they didn't know what to do. So they allowed the DDoS problem to grow unchecked and then came up with a service to sell you for (((protection))). Now they just "Man In The Middle" everything with CF.

Think about it. Every other site that you go to routes you through cloudflare's servers. Cloudflare now knows all the sites you go to, it's like a google analytics you can't block.

On top of that they MITM https. And they fuck with tor. Any cuckflare site basically gives you the shit choices of not using Tor or doing something (eg. captcha, extension) that defeats the anonymity of Tor.

Just asking, how does a captcha defeat anonymity? Are there captchas that require your name that I don't know about? As far as I can tell, it's just a pick the three cars game and then you can move on.

Good question. Google-style captcha uses JS and I'm pretty certain it uses mouse/keystroke tracking to attempt to identify users. I can't cite a source for that, but in my opinion they would be crazy not to. The whole premise of the thing is to prove you are a human, and the best way is to find out which human you are.

Fuck. I'd believe this.
I've seen so many people talk about hacking into insecure IoT devices and patching them to prevent them being added to botnet. Vigilante idea: hack into these devices and brick them. Whatever function they're supposed to perform, disable it. If they have a mic, blast it. DDOS all the other computers on their network. Make the owner's life a living hell, so their only option is to take the device to the manufacturer and demand a refund. The manufacturer would learn pretty quick how to make a secure device. The only problem is that the glows would get you first.

Blast it with education about how these devices will always be hackable. Or else they will just buy the new and improved version

You can make an unhackable device. You just need to stop hiring street shitters to do all the coding, and let the devs do serious testing.

that's how it works it uses cookies and shit to track you and establish a profile, and records mouse movements and timings now. you used to be able to turn off JS and get a way less gay captcha, haven't tried it recently

I never mentioned captcha, but let me spoonfeed you some more.

recaptcha, which sites use now, is loaded directly from jewgle servers so it tells jewgle about your online behavior. It also forces you to enable js which potentially allows more tracking.

Captchas themselves are not inherently bad. You could have a server-side script generate the captcha, which is then displayed as a static image for the user to solve and submit with a simple HTTP POST, no JS or other magic required. Unfortunately this approach went out of style because webdevs are too retarded to make captchas that aren't trivial to solve (I used to write captcha crackers for fun before recaptcha), nobody made a good free server-side captcha that just werks, and normalfags have a retarded fetish for anything jewgle (muh helping digitize books! muh helping train AI!)

However supposedly anonymous sites that give you "captcha vouchers" like 8ch are saving a cookie, which means they potentially assign a pseudonym and track you anyway, but this doesn't really matter since it's trivial for the server to track everything you do captcha or not.

i mean you can just use 1 captcha/cookie per post

Wouldn't matter unless you can hack millions of new devices every week. You're better off botnetting them and installing miners, then using the proceeds to run a public education campaign. But there are already tons of people trying to make miner swarms.

Normies don't give a fuck about their IoT shit. People will put ip cams in their bedroom and leave it with the default credentials. They're retarded. If you hack their device they'll just throw it out and buy a new one, call it a day. Maybe install Norton Web-Protection(R) 2019 edition. They are beyond hope.

THIS
THIS
THIS
THIS
THIS
People who think any of this can be fixed are fucking delusional. Normies can not and WILL NEVER be saved. Period. CF kikes won, end of story.

Now that this has come to light, there is nothing we can fucking do to stop it. The NSA fucking won.

If you have seen recent trends, you'll realize that it's too fucking late. Everyone can agree that they won, and the internet will become centralized forever.
It's fucking over. We literally can't fight (((them))) anymore.

magaimg.net/img/6i7y.jpg

Peak newfaggotry.

What's up with the blackpilling in Zig Forums?
Technology is not yet lost!
Do not believe their lies!

...

[tor users can't post images]

You might not get all devices, but if someone created some standard software for the job, people could run it on their machines like SETI@home. Once you have devices, they can target more, so your network grows logistically. More importantly, just a couple high profile cases could create large public awareness
You could make national news with this shit. "new technology may be more dangerous than you think" always goes over well with boomers.


it's one faggot. report and filter him

See
People are blackpilled for a reason.

Can you get me a job at the NSA?

for those who haven't already, see >>>/metatech/1632

Attached: TrepanationoftheSkullandYou.png (640x480, 337.21K)

even the people who are saying "blackpill" are samefag. that's not even a thing

Hey user!
I would love to see your pic, but it appears that you have linked a website that uses CloudFlare, meaning that I would have to complete A STUPID FUCKING CAPTCHA YOU MENTALLY IMPAIRED ABORTION

you can bypass cuckflare by setting your user agent to
Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0
how do you even browse anything if you can't bypass cuckflare?

This is what is wrong with kikeflare: crimeflare.com:82/honeypot.html

Didn't work for me. Cuckflare isn't retarded, they don't just trust UA. They look at IP also.

Actually for tor IPs they let the tor browser through. Which means you need the exact same useragent, platform agent, javascript oscpu, accept headers, appversion agent, canvas fingerprint, and your browser can't broadcast anything unique like chrome's botnet bullshit in the canvas.id. If you can do all that with a browser that isn't modern chrome/firefox 52+ and isn't the tor browser then you can bypass the captcha. But let's face it, at that point you will need to change your default supported fonts to be whatever the tor browser supports too, that way you perfectly replicate the tor browser except for the backdoors and telemetry portion you skip over.

Then again, they could just test for the backdoors and telemetry in the future, which you can fake but it would be difficult as it requires writing functions that return whatever cuckfare/nsa expects from the tor browser user.

you don't need JS what are you talking about. just compare your headers to that of Tor Browser for a plain GET request and see what's different

It's literally a MitM service people are buying into.

Cloudflare is a MITM attack that site owners actually pay for, and if you don't pay they will unleash their botnet on your site.

It's a mafia operation.

Timing attacks.

I don't know what could possibly not be good about centralizing every website with a single service who can do however they please and monitor pretty much everything people access online.
Don't be paranoid! I'm sure Cloudflare puts your privacy before their own interests goy, go ahead and blindly trust it.

Attached: merchant-in-the-sky-cloud.jpg (255x191, 7.53K)

lol, and for example with a text captcha different people will read it differently.

Literally why

Why do you accept to be paid to spread bs all day ?
Don't you have something that you would love to work for instead of this ?

As everyone else has mentioned, Cloudflare is a MITM attack; they also store cached site data on their servers, possibly including cached logged-in accounts for the sites that use them.

The most famous case of misuse of caching services was what happened during a DoS attack on Steam on Christmas of 2015:

store.steampowered.com/news/19852/

This was because a service similar to Cloudflare (akamai) fucked up and potentially leaked personal data (including credit card data) to Steam users over a few hour period.
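A check a site operator can run against their own responses for the kind of problem the post above describes, per-user pages ending up in a shared cache. This is an added example, not part of the thread and not code from Valve, Akamai or Cloudflare; the function names, the lowercase-header-dict convention and every sample response are constructed for illustration.

```python
# Added example: lint origin responses for the cache-leak class of bug.
# Header dicts use lowercase names; all sample data below is constructed.

def directives(value):
    """Parse a Cache-Control value into {directive: argument or None}."""
    out = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            out[name.lower()] = arg.strip('"') or None
    return out

def shared_ttl(cc):
    """Freshness lifetime a shared cache would use: s-maxage overrides max-age."""
    for key in ("s-maxage", "max-age"):
        if key in cc:
            try:
                return int(cc[key])
            except (TypeError, ValueError):
                return 0  # unparsable lifetime: treat as already stale
    return None

def classify(resp, per_user):
    """Return how exposed one response is to storage in a shared cache."""
    if not (per_user or "set-cookie" in resp):
        return "not-sensitive"
    cc = directives(resp.get("cache-control", ""))
    if "private" in cc or "no-store" in cc:
        return "ok"
    ttl = shared_ttl(cc)
    if "public" in cc or (ttl is not None and ttl > 0):
        return "shared-cacheable"      # origin explicitly invites reuse across users
    return "relies-on-cache-defaults"  # nothing forbids storage; CDN config decides

SAMPLES = [  # (path, response is per-user?, response headers)
    ("/account", True, {"cache-control": "private, no-store"}),
    ("/account/history", True, {"cache-control": "public, max-age=60"}),
    ("/cart", True, {"cache-control": "max-age=0, s-maxage=300"}),
    ("/login", False, {"set-cookie": "session=EXAMPLE; HttpOnly"}),
    ("/static/logo.png", False, {"cache-control": "public, max-age=31536000"}),
]

def audit(samples=SAMPLES):
    """Map each path to its classification, dropping responses that are fine."""
    results = {path: classify(resp, per_user) for path, per_user, resp in samples}
    return {p: r for p, r in results.items() if r not in ("ok", "not-sensitive")}
```

The `/cart` sample is the easy one to miss: `max-age=0` looks safe from a browser, but `s-maxage=300` still lets a CDN reuse the page for five minutes.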

No you faggot, all of that is with javascript disabled.

If you enable javascript they can check build dates/times against the official tor browser build and also check your audio setup along with a dynamic javascript OSCPU, there are two of them, platform OSCPU for javascript disabled and javascript OSCPU for enabled. If you wanted to enable javascript why would you ever do this? you need to block the audio API from ever being accessed for fingerprinting and change the build date/time to match that of the official tor browser along with changing the javascript enabled oscpu. Then you would be replicating the tor browser enough that cloudflare probably can't see it's another browser.

literally what info about canvas are you sending when you just do a GET?
here's my headers: (using the built in webdev tools in palemoon so it may be slightly inaccurate)
Host: nigger.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
and this is good enough to bypass cuckflare.

I'm talking about when using cuckfare behind tor you niggerfaggot. If you don't want to use the tor browser what I described is how you replicate to bypass the cuckfare checks. If you are accessing cuckfare over the clearweb with JS disabled then yea, your changes work.

The canvas API is always able to be accessed when enabled with firefox, palemoon, icecat, seamonkey, tor browser, etc mozilla fork even with javascript off. Just because the page you visited didn't list the information in the GET doesn't mean it didn't transfer, use wireshark to check with a cuckfare page. But the page has to explicitly request the information via whatever method cuckfare is using which isn't javascript. So spoof or disable the API.

$ torsocks ncat -C magaimg.net 80
GET /img/6i7y.jpg HTTP/1.1
Host: magaimg.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK^M
Date: Sun, 21 Oct 2018 02:00:27 GMT^M
Content-Type: image/jpeg^M
Content-Length: 37468^M
Connection: keep-alive^M
Set-Cookie: __cfduid=d4af05162d6f4f6bd6be37c8d65bd3b501540087227; expires=Mon, 21-Oct-19 02:00:27 GMT; path=/;domain=.magaimg.net; HttpOnly^M
Cf-Bgj: imgq:100^M
Cf-Polished: origSize=38991^M
ETag: "984f-578a01e580db3"^M
Last-Modified: Sat, 20 Oct 2018 02:53:02 GMT^M
CF-Cache-Status: HIT^M
Expires: Mon, 21 Oct 2019 02:00:27 GMT^M
Cache-Control: public, max-age=31536000^M
Accept-Ranges: bytes^M
Vary: Accept-Encoding^M
Server: cloudflare^M
CF-RAY: 46d02145270c97ec-FRA^M
^M
ÿØÿà^@^PJFIF^@^A^A^A^@H^@H^@^@ÿÛ^@C^@^F^D^E^F^E^D^F^F^E^F^G^G^F^Hetc
This isn't fucking hard.

No it can't.
No it fucking can't. Fucking ncat doesn't implement canvas api, and it works fine.

addons.mozilla.org/en-US/firefox/addon/bcma/

it blocks and redirects the site that uses cloudflare to internet archive. i gotta whitelist Zig Forums though since it uses cloudflare as it can be seen by this addon
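How a site can be recognised as Cloudflare-fronted from its reply alone, using the response headers visible in the ncat capture earlier in the thread (Server, CF-RAY, CF-Cache-Status, the __cfduid cookie). This is an added example, not part of the thread and not the add-on's own code; the function names are hypothetical, the "__cf" cookie prefix test is a heuristic, and the second sample response is constructed.

```python
# Added example: classify a raw HTTP response head as Cloudflare-fronted or not,
# using only header names that appear in the capture posted in this thread.

def parse_head(raw):
    """Split a raw response head into (status_line, {lowercase name: [values]})."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = [ln for ln in head.split("\n") if ln.strip()]
    headers = {}
    for ln in lines[1:]:
        name, sep, value = ln.partition(":")
        if sep:  # skip malformed lines that have no colon
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return (lines[0] if lines else ""), headers

def cloudflare_report(raw):
    """Report which Cloudflare edge markers are present in a response head."""
    _, h = parse_head(raw)
    ray = (h.get("cf-ray") or [None])[0]
    cookies = [c.split("=", 1)[0] for c in h.get("set-cookie", [])]
    markers = {
        "server": any(v.lower() == "cloudflare" for v in h.get("server", [])),
        "cf-ray": ray is not None,
        "cf-cookie": any(c.startswith("__cf") for c in cookies),  # heuristic
    }
    return {
        "fronted": any(markers.values()),
        "markers": sorted(k for k, v in markers.items() if v),
        # Suffix after the last hyphen of CF-RAY; FRA in the thread's capture.
        "edge": ray.rsplit("-", 1)[1] if ray and "-" in ray else None,
        # HIT means the body came from the edge cache, not from the origin.
        "served_from_cache": (h.get("cf-cache-status") or [""])[0].upper() == "HIT",
    }

# Abridged from the thread's capture; cookie value replaced with a placeholder.
THREAD_CAPTURE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: image/jpeg\r\n"
    "Set-Cookie: __cfduid=PLACEHOLDER; path=/; domain=.magaimg.net; HttpOnly\r\n"
    "CF-Cache-Status: HIT\r\n"
    "Server: cloudflare\r\n"
    "CF-RAY: 46d02145270c97ec-FRA\r\n"
    "\r\n"
)
# Constructed sample: a reply that carries none of the markers.
DIRECT_SAMPLE = "HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: text/html\r\n\r\n"

if __name__ == "__main__":
    print(cloudflare_report(THREAD_CAPTURE))
    print(cloudflare_report(DIRECT_SAMPLE))
```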

addons.mozilla.org/en-US/firefox/addon/cloudflare-claire

s-so am I? im using palememe over tor and i never get the cuckflare captcha page
literally all i had to do is set the user agent to
Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0
and to make embedded images load, in palememe you need to set image.http.accept to */*

okay, i ran nc -l -p 80 and connected to 127.0.0.1, and got this:
GET / HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

literally how? you're doing a single GET without ever having loaded anything from their page. the whole problem about cuckflare's captcha gate is only related to the initial visit

Some addons can make that happen. Check your addons m8 some of them can be botnet it happened to me a few months ago.

i don't use addons

That's not the kind of timing I mean.

yes, I have seen the recent blackpilling campaign, jew. you arent fooling anyone here.

Pirate bay uses Cloudflare, as do most of the big name sites.
Cloudflare also makes it difficult for Tor users to use their sites.
I don't know much about how they work, but I don't like it.

Very soon there will not be a single website that doesn't use CF.
NO ESCAPE

I only know this because whenever I visit they have the big cloudflare server error page. Works fine over onion though.

uj3wazyk5u4hnvtk.onion

I figure this poster is actually a bot.

...

So uh, has it ever been explained how the internet ran just fine without cloud 10 years ago? why is this being pushed because of muh ddos?

More bandwidth available than before and people don't want to mitigate DDoS attacks on their services themselves, I would assume.

torrents are public anyway, sites like this aggregating information about regime critical users and the option to create virtual realities for user by serving them a certain kind of website and censoring them could be an issue. not so much now, but shutting internet discourse down is a top priority since trump happened, and centralized frontends like facebook are not as powerful as they thought before.

They started pushing that cloud shit like around 2006 or so. That's also when facebook got big, and the nasty web 2.0 shit was rolled-out all over the place. Seems like a push from the top industry bigwigs to take over control of everything. So now you've got this cloudflare and amazon cloud shit that accounts for a large portion of all the corporate servers. And on the individual side the facebook, google, and related social media crap have taken over a lot of what used to be smaller sites and services.

Also now they're showing their true colors with all the political bias and censorship, so I think this reinforces the idea that everything was planned to be taken over, when they realized the Internet gave plebs too much freedom.

>crimeflare.com/
This is why kikeflare is bad

Can someone explain to me why the crimeflare site uses both port 80 and 82(same situation for both TLDs)? They go to different pages but I don't see why they need to differentiate between "crimeflare.org" and "crimeflare.org:82". What purpose does this serve? Why not just link to the different pages?

==THIS== , major DDoS and really most cyber-threats are from nation-states, not script kiddies. Israel basically DDoS sites they (and their ISPs) lack oversight on and the only solution for these sites is to adopt Cloudflare who are APPARENTLY the only company that is successful at mitigating these attacks... pure coincidence. It's basically a 'if they won't join you, beat them until they will' kind of situation.

And (((they))) will win. They always do.

assuming the admin is shit, they could be running different server software. Each server just listens on a different port, rather than needing some fancy reverse proxy to connect them together.

good job america. really teaching your citizens well.

here's a source ya retard, from a presentation on cybersecurity from the Bank of England. and if any prodigies comment on me using windows, feel free to hack into my machine any time you want, stolen games and throwaway emails await you.

any genuine hacker who's breaking into critical infrastructure and doesn't have state protection already is gonna get doxxed sooner than later, and then probably recruited by the very state they were fucking with in the first place.

Attached: Screenshot_2017-11-11-19-37-26[1].png (960x540, 128.52K)