Cloudflare

From Soyjak Wiki, The Free Soycyclopedia
Revision as of 16:28, 8 February 2022 by Cliffsend (talk | contribs) (Created page with "'''Cloudflare''' (also known as '''Cuckflare''' and '''Crimeflare''') is an {{glow|American}} botnet disguised as an affordable reverse-proxy and [https://en.wikipedia.org/wik...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Cloudflare (also known as Cuckflare and Crimeflare) is an American botnet disguised as an affordable reverse-proxy and DDoS-mitigation service. Its business model consists of a campaign of intimidation of DDoS attacks against website administrators with, against which funnily enough, only Cloudflare's service is effective. The army of servers grows through harassment-sales. Thus the botnet grows, kind of like homosexuals.

The Man in the middle

Cloudflare-protected servers are instanced across a vast content-delivery-network, with visitors never interacting the real server. The unencrypted contents of user's interaction are entirely handled by Cloudflare. This is indistinguishable from a man-in-the-middle attack, no more no less. From hosting your bank's website to soyjak.party, Crimeflare dominates the CDN market with an 80% share. Essentially performing a man-in-the-middle-attack on all of the internet. Some have pointed out the colossal datamining potential of such a position, but the argument loses ground when verified fact-checkers pointed out the proponents are conspiracy theorists who should take their meds.

Note for a site to use cloudflare, the owner has to point their DNS records to cloudflare's servers, at which point they effectively handed cloudflare full control of their website (as long as the DNS records point to cloudflare's servers). They can prove control of a domain to certificate authorities who will issue certificates for your domain to cloudflare.

Now cloudflare has control to eavesdrop and log any user interactions with your website or silently tamper content if they please.

However, this is not a Man-in-the-Middle attack, because the website owner gave cloudflare permission to do all of this. So it's not an attack, it's a secure connection to cloudflare (who the website owner gave permission to serve content at their domain name).

[...]

In the end, that's all you have. You have to trust that the organization running the website at the other end is trustworthy with whatever data you give them by browsing there. When visiting websites on the cloudflare CDN part of the trust is in cloudflare.

(This is in contrast to real MitM attacks, where some attacking middleman who does not have authorized access eavesdrops and/or tampers with the network traffic).[1]

See also

Citations

  1. https://security.stackexchange.com/a/177301
Retrieved from "https://soyjakwiki.net/index.php?title=Cloudflare&oldid=10144"