deleted by creator
Both can be true?
Yup
Cloudflare is a business. Businesses protect their profits. Online casinos are scams subject to regular massive DDOS by their scumbag competitors and by people who want them shut down. Cloudflare wasn’t going to eat that loss anymore so they kicked them to the curb to save money. Also the time frame wasn’t 24 hours. More like a month. This makes me suspect the scamming casino’s story more.
Removed by mod
And insurances provide monetary compensation until you become a common liability, too high to be covered by any sort of fee. DDOS protection is just the same. It’s only feasible if it happens rarely, like they usually happen. However if it’s a common occurrence it will just eat up the profits made by the fees and then some, which just is stupid to do in any case.
Comparing Cloudflare to insurance companies is not how you’ll convince me they’re not acting like jerks lol
I don’t want TP convince anyone they are not like jerks, but rather highlight why a corporation would do something like this to a (most likely) lucrative client.
Removed by mod
It is similar in that there’s a pool of resource shared between all the clients, and the service provider can shift this resource around when in need.
Removed by mod
You can make this argument for literally every business, though. Which business does not have a single pool of resources and multiple clients to consume them?
The majority of factories. They get an order in and produce the product until that order is fulfilled. They don’t have to be running 24/7, it is just that that is the most profitable.
But if you stick to your “analogy”, a factory also chooses who their customers are. And if some are too demanding, they just drop them. Like the casinos.
I should have elaborated on it a bit more, my bad.
While it’s true that DDoS is more of an active technology rather than a CYA thing. It does however also act as insurance when it comes to the “blame game”: if your site goes down it’s not your fault but the provider’s fault, meaning you might be able to recoup lost profits through a lawsuit.
Of course the only way to avoid this for the provider is to provide better and stronger systems, which normally would grow homogenous through more customers and/or growing fees for all customers, which would pay for better capacity and stronger protection by itself.
However here we have a client that is a high value target that others might want to take down at all costs. Even if they didn’t sue, a strong enough attack might, alongside naturally expected DDoS on other clients, not only take down this customer’s server, but others as well, which really isn’t something you want, for the reasons stated above. And rapidly increasing security could be not worth it, as it could devolve into an arms race by proxy with a high risk of the customer leaving if you raise their fees to much, leaving you with a system which’s maintenance will now dig into your profits due to a lost big income stream, or make other customers leave if you raise the general fee.
Removed by mod
I think they are only “very regulated” if they are based in certain western countries?
I used to hear a bunch of stories about issues getting payouts.
Removed by mod
It’s not that they got DDoSed, it’s that unregulated off-shore gambling is illegal in many countries, so their IP addresses were getting blocked in these countries. The way CDNs like CloudFlare work is that many customers share the IP addresses, so they were getting other CloudFlare customers blocked as well.
CF wanted them to move to a “bring your own IP” plan so that their IP blocks wouldn’t affect other customers, and that came with the steep price tag.
That’s not what OC mentioned, which is what I was answering to. They mentioned the logic that getting DDoS made them unprofitable customers, I questioned it.
I perfectly understand the issue. If cloudflare was getting their IP blocked in countries where the casino was dodging regulations, they should have simply written that, and forced the customer to block traffic from those countries. The BYOIP is not the only way to solve it. Imperva forced the website i worked for to block Russia (which was not a market we were operating in) to prevent their IPs being blocked in Russia, for example. They didn’t bring it up as an option somehow, and that gives to this an extortion vibe.
Online casinos are also tech. The devops in the article literally says they set up proxies to continue operating in countries where their main domain is blocked. I know the core domain of casinos are very regulated, but I doubt the entire tech aspect of online casinos are regulated. I imagine there’s plenty of fuckery to do there.
Also casinos will throw out people who benefit too much at the expense of the casino. The casino benefitted too much at the expense of Cloudflare and refused to share the profits, so Cloudflare did what any casino would do and kicked them out.
Removed by mod
They provide a whole lot more to begin with.
Sure, which is why I said:
(Sure, WAF etc. but you get the point).
An online casino would mostly benefit from WAF, DDoS protection and caching.
The arguments I was responding to is like saying that if you get too many web attacks they should kick you because the WAF is not anymore profitable. It doesn’t make any sense.
They didn’t get kicked out. Just moved to a more expensive solution / pricing structure
Removed by mod
That wasn’t it, Cloudflare didn’t like they way the casino was using Cloudflare’s IPs, since they were getting banned in multiple countries.
Cloudflare only offers byoIP as part of a business package, and that comes with extortionate pricing.
Cloudflare is a business. Businesses protect their profits
You say that like it’s ok to do shitty things as long as “you’re a business protecting profits”
I say that like its the way things are.
The purpose of the comment is clearly: “Cloudfare didn’t kick out the casinos because of a compromise with good ethics, but because it was making them lose money”. Please read it again.
I was just having issues with your opener which sounds whole lot like justification.
I was reading the blog post by the casino’s tech person and kept thinking to myself, “this is a casino; they may not be the most reliable narrator”. That said, CF was also stupid slow on taking down kiwi and stormfront, so they’re not great either.
Both of them suck and this whole thing is amusing to me. Hopefully this will serve to improve CF’s behaviour.
What was kiwi?
KiwiFarms, a forum dedicated to doxxing and IRL harassing of LGBTQ people, women, and anyone else they didn’t like. It was a breeding ground for Nazis and other Conservative bigots and their ideologies, and they successfully harassed people into moving and hiding (or worse).
Specifically, it started out to track, dox, and harass Chris-Chan (originally just for being a weirdo though they eventually came out as trans and made news in 2021 for being arrested for incest). The nearly two decade old (since 2007) ongoing campaign against them means they are probably the single most documented human being in history.
They don’t often target women just for being women, but much like with trans people and furries they also hate a hate-on for crowdfunded youtube personalities and fat acceptance and all of those groups do have their share of women (especially the last one - fat acceptance is primarily about women). They even target fundamentalist Christians and Quiverfull families sometimes (which tend to be very Conservative).
Also, there’s no “was” - they still exist are are operating.
For those horrible enough to like this.
Sometimes each other too if my information is correct. So even if you are a bad person and want to harass innocent people, kiwi farms isn’t the place to be.
Bad people are bad people towards you too if you give them the chance. Just don’t be bad, much better. Don’t hate!
A website similar to 4chan, but much much worse. They’d dox pretty much anyone they didn’t like, often LGBTQ+ people and allies
deleted by creator
I feel like if you’re protecting a site that has caused as much harm as kf, it might be morally correct to stop doing so.
Fuck CloudFlare – I don’t like monopolies or monopolike.
What exactly has Cloudflare done to those poor casino thugs, they were only trying to extract more money from gambling addicts?!?
reminder that cloudflare routinely works with white supremacist and other hate sites to protect them and have most recently refused to stop hosting kiwi farms, as they were doxxing and threatening trans people
THIS MESSAGE (MATERIAL) CREATED AND (OR) DISTRIBUTED WITH PURPOSE OF HATE AND (OR) ENCOURAGING HATE.
You forgot to put it.
I heavilt dislike cloudflare, but this is not valid reason to hate them.
They don’t “work with white supremacists”. They try to self-polish the tremendous power the have, seeking neutrality in most cases.
You have it wrong, which really shows what you stand for:
Cloudflare refused to block KiwiFarms as there was no evidence of criminal activity or violation of their policies, and doing so would tarnish their reputation in regards to free speech. They did stop hosting KiwiFarms, in September of 2022 (you can find their statement here) in response to a libelous pressure campaign ran by Keffals when she/they/it found out users were pulling out receipts of it engaging in lewd conversation with minors and providing them with DIY hormone replacement therapy kits without any medical oversight or parental consent.
And KF did not attack Keffals out of nowhere, it was only after she started engaging with Chris-chan as she was attempting to use him to boost her own reputation at a time when he was already in a perilous mind.
I’m not sure exactly where you got the “threatening trans people” from, that is the first I’ve heard of it. I know of one incident that is much more grave and potentially what you are referring to, but your reference leaves out almost the entire context of that one particular incident and there have been no repeats of it to my knowledge.
I’m not a fan of KiwiFarms, but they did not earn their censorship. It was the result of a successful attempt by a revisionist career troll to cover their tracks when they realized their goose was about to get cooked, nothing more. If you truly stand for free speech, you would realize just how dangerous the precedent set by such an unreliable source as Keffals is.
And yes, I realize that if my comment gains enough traction, it and its army will be at my throat and by no doubt have doxxed me in no time if they so choose. But that’s not going to keep me from preventing people like you from twisting the narrative.
The same place that regularly bullies and bear-baits ‘lulcows’ for entertainment? The same people who bullied an autistic adult over a shitty Sonic fan character webcomic?
Your describing Twitter and Facebook as well.
🤘
Por qué no los dos?
whenever websites break, you can see cloudflare, and also online casinos!
Nice! A topical meme relevant to today’s top Lemmy story!
I think I haven’t seen story you mention.
Thanks
What is a “top” story on Lemmy, given everyone subscribes to different communities? Is it the most popular across all communities?
Only two buttons and you got five fingers. Math>you
What’s the problem with CloudFlare? They’re trying to make a profit, and so in the long run are the same as anybody, but every interaction I’ve had with them recently has left me impressed.
RIP your inbox. Enjoy a whole lot of self-righteous lectures in business ethics.
- They seem to hate my devices. Lots of captchas.
- They seem to hate when people bypass their country’s censorship. Using sites behind cloudflare through tor is pain without end.
They’ve gotten a lot better over Tor - that’s the main thing I’m thinking of, actually. I used to give up most of the time when captcha’d, but now with the JavaScript based verification I pretty much always can get in, even on mobile.
Most providers don’t give a shit about Tor, or actively try to block it. They actually went out of their way to make it easier.
I get so many cloudflare captchas browsing on Firefox. They mostly go away when I change my user agent string to Chrome. Making the Internet more hostile for a particular group of users is pretty shitty behavior in my book.
I use Firefox and can’t remember the last time I got a cloudflare captcha
What’s the problem with CloudFlare?
So far, not much other than being “too” content neutral for a lot of people. They have potential to be immensely horrible whenever they decide to engage in enshittification to maximize profits.
they’re called crimeflare for a reason. besides being a government goldmine having access to everyone’s encrypted TLS traffic, they selectively enforce censorship in unethical ways.
why block kiwifarms when you still allow hosting monkey torture sites? or sites for sourcing bathtub HRT secretly sent to minors? they shouldn’t be policing the internet in the first place. this is dangerously close to invalidating Section 230 protections as well.
there’s so many more reasons it’s not even funny.
Apparently they also strip encryption off and see everything, too.
They see everything because they have to for some of the services they offer which gives them a huge potential to do terrible things that they have not actually pursued yet to date, hence the “so far” in my comment.
No terrible visible things, at least. God knows how much data they’ve hoovered up.
True. But that just falls back on the “not yet” part of things. They’re likely sitting on a massively valuable pile of user data and when they get greedy enough it’s going to be ugly.
They’re a giant middleman getting everything you put into html forms unencrypted.
That includes all your usernames, passwords, and everything you submit via text boxes. Do not trust any site that uses cloudflare.
This is such a Lemmy take, good god.
“Cloudflare has been around for over a decade and doesn’t do anything nefarious with my data and have never shown any intention of doing so… but, consider this for a moment… what if they DID?”
This is such a Lemmy take
What makes it funnier is that he’s one of the main Lemmy devs lol
Trusting US corporations by default rule
NGL I’m struggling to follow that image, do you have a higher res version or an explanation if you don’t mind?
Cloudflare has been around for over a decade and doesn’t do anything nefarious with my data and have never shown any intention of doing so
Citation needed.
Oops, I’ve got a citation for you.
https://blog.cloudflare.com/cloudflare-prism-secure-ciphers
I know the response will be what you already said in a previous comment about companies saying “trust us bro” so I’ll take the L on this one.
Appreciate the humility, thx.
Oh yeah I’ll do a full research next time I enter a web page to see who hosts it. If it’s by Amazon or Microsoft I’ll give green light.
None of the above is easily possible, a lot of us do it.
Oh hey, thanks for Lemmy!
Yeah, I’m a bit horrified to learn that Cloudflare is the crytographic endpoint for clients. I’m wondering how much stuff I’ve let them see unaware now. Because obviously nobody would voluntarily sign up for this kind of security bad practice. /s
No probs! Yeah it’s wild that a lot of people not only using cloudflare sites, but also running them, don’t seem to mind that cloudflare is hoovering up everything.
Remember when google was beloved by everyone back then when they’re still have “don’t be evil” motto? Cloudflare right now is like google back then: super useful, provides a lot of free services that would be expensive on other providers. But unlike google, if cloudflare go full evil in the future, the impact will be much larger because they’re an mitm proxy capable of seeing unencrypted traffics across all websites under their wing. Right now they’re serving ~30% of top 10,000 websites and growing.
Oh, okay, so I’m not wrong that they’re good right now.
I’m a little unclear on how it works. Do they strip off HTTPS somehow? Otherwise, there’s not too much unencrypted traffic around anymore.
One of the services they provide is free SSL certificates. As part of that, they have the private key to decrypt the traffic. They aren’t trying to hide that— this is true of any service that hosts the SSL cert for your site.
Does that mean it wouldn’t be an issue if you bring an SSL cert from say ZeroSSL but use Cloudflare for DNS, caching, DDoS protection etc?
For DNS and DDoS protection that wouldn’t directly be an issue.
For caching it would be breaking. You cannot cache what you cannot read (encrypted traffic can only be cached by the decrypting party).
It’s not who issues the cert that matters, it is who hosts it. Hosting it includes having the private key. You always have to trust your website host, full stop.
Man, I thought we were done with this shit when HTTPS became standard.
With what? HTTPS has to terminate the encryption somewhere and that place has to have the private key to do so.
CloudFlare is providing the same service here as all other hosts of HTTPS websites do.
Well, depends. If it’s hosted on AWS and HTTPS terminates there like it’s supposed to, Amazon could look inside, but a human being would have to personally hack your container and extract the data, so that’s a bit better. If it’s something more like Wix, though, sure. (Is Wix still a thing?)
If you use the AWS load balancer product or their certificates, they have access to the private key, regardless of whether you forward traffic from the LB to the container over HTTPS or not.
If you terminate the SSL with your own certificate yourself, Amazon still installs the SSM agent by default on Linux boxes. That runs as root and they control it.
If you disable the SSM agent and terminate SSL within Linux boxes you control at AWS, then I don’t think they can access inside your host as long as you are using encrypted EBS volumes encrypted with your key.
Do they strip off HTTPS somehow?
Well yes, how else they can provide their services such as page caching, image optimizing, email address obfuscation, js minifications, ddos mitigation, etc unless they can see all data flowing between your server and your visitors in the clear?
Cloudflare is basically an MITM proxy. This blog post might be helpful if you want to know how mitm proxy works in general: https://vinodpattanshetti49.medium.com/how-the-mitm-proxy-works-8a329cc53fb
Jesus Christ, I didn’t realise.
You have no proof that they’re “good right now”. The big five corporations were forwarding data to the NSA for years before the surveillance leaks exposed them.
Your privacy default should not be to trust an MITM, ever.
There’s no proof they aren’t doing anything nefarious with that data right now, other than company statements saying, “trust us”.
People default to trusting giant corporations first it seems.
Their a corporation, at best they’re baby Hitler…
I’m not sure if this is ironic bc I’ve been exposed to too many irony-poisoned comments lately, but cloudflare exists to profit off your data. They’re not there to help you, your data and its trends are the product.
They are the world’s largest MITM as a service.
I’m staying out of this
Where does online sports “betting” fit into this meme? Genuine ask because I have no experience or awareness of online casinos. Thanks.
They usually go hand in hand.
Generally if it’s connected to gambling there’s scummy stuff going on.
That was number 13. Online casinos.
