As much as I like the idea of baking better privacy tools into the browser, it's hard for me to get enthusiastic about the idea of making Cloudflare even more of an official man-in-the-middle for all network traffic than they already are.
A better question that we should be asking is, how the hell did we get to the point where we need a third party proprietary platform to serve a static file efficiently? I remember a time when mainframes would automatically place orders for their own parts when they broke down and when personal computers empowered people to easily create and remix. Somewhere between then and now we forgot how to make things simple and easy to use. Somehow despite the advances of HTTP/2, WebRTC, the upcoming WebTransport, web hosting is now harder than ever even though things are supposed to be more efficient. Apache and NGINX are far from accessible to your average user. Countless sites depend on proprietary "as a service" oligopolies like Cloudflare and Netlify. Hosting an email server these days is almost an exercise in frustration; what happened to the mythical unikernel? Where is my secure, turnkey email server image? Unikernels were supposed to make ops easier and things more secure. Somehow they never showed up despite all the hype on HN. Zero config self hosting projects like Sandstorm are half dead. It's easy to complain about tech giants, but we are not exactly providing end user alternatives. The world does not need yet another Lisp interpreter, the world needs high quality zero maintenance software that is easy and accessible.
We are so much better at adding complexity than removing it. There are tons of incentives that drive that: the difficulty of upgrading old stuff, the need for companies to invent reasons to exist, bureaucracy, job safety and creating reasons for employment (the personal version of corporate self promotion), featurism and comparison on features, etc. There are almost no incentives pointing the other way.
This is all a sign of growth, most of it for the better.
There are now billions of people accessing the web, so sometimes a web site needs the resources of a company like Cloudflare to handle traffic spikes.
Decentralized email has been a victim of its own success: because there is no central email authority, spammers and bots can easily flood email boxes. If you don't mind the spam, it's actually not hard at all to set up an email server, but most people hate spam, so most people don't want to set up an email server. There is no pure technological solution to spam, so we fall back on companies to help manage it.
Thanks for the reminder about Sandstorm. I intend to try it out sometime. I hope it's not dying.
Sandstorm is kind of still there. They discontinued the free tier for their hosted platform because they ran out of money. The founders went to work elsewhere but maintained the project on the side last time I checked.
I think it’s a shame, it’s a lovely concept. The Capability-based security alone is game-changing.
It's not a sign of growth. Among other things, it's a sign that we have grown complacent about complexity and are not doing our job of keeping it under control.
I am still not sure how much one can trust Cloudflare as an entity. At some point people started putting loads of stuff behind Cloudflare, enabling them to be the perfect MITM, which is concerning. Probably only a question of time until some profit seeking people come around and see opportunity in it and then we are screwed even more than we are already with Google captchas. Then we will not be able to use many more websites any longer, because someone in their incredible wisdom decided to put everything behind Cloudflare. Scary.
You could say the same thing about any CDN - Cloudfront, Fastly, Akamai, etc.
Is it right to say that the only reason Cloudflare is the forefront of this concern is because of their business model of offering the CDN for free, while the others have a much more limited free tier or service or none at all?
I am almost equally worried about other very popular CDNs. However, being the most used CDN makes some people short-circuit and not think about the dangers any longer, just like with captchas from Google. Many people simply put them onto their websites without ever thinking about that, "because everyone does it". If so many people put stuff behind Cloudflare, then at some point the same kind of people, who put captchas without thinking, will put stuff behind Cloudflare without thinking.
Scripts and other stuff from first party usually seem to me at least more trustworthy than something from a third party. It also saves me the mental step of thinking: "Hmmm, why are there scripts loaded from a third party? Is this some kind of ads stuff?"
If a website does not work without unblocking third party scripts, there is some chance that I will simply abandon it. When a website's purpose is to inform me about something and I do not see the need for any interactivity, I might also abandon it if it does not show content without unblocking scripts in general, including first party. Web frameworks that do not take care of at least presenting something when scripts are not unblocked thus make a website less trustworthy for me.
If you care about privacy then you SHOULD say the same thing about any CDN. Sucks that there's all this awesome infrastructure that we can't use anymore, but that's the trade off.
If you don't know who you can trust to provide a trustworthy proxy service, then there's a lot to be said for choosing a provider who can already MITM a good chunk of your traffic even before you turn on their proxy.
As I see it, "[i]f you don't know who you can trust to provide a trustworthy proxy service", you distribute trust among multiple providers, such that they must collaborate to pwn you. That's the basis of Tor. And you can do something similar, albeit far weaker, by using nested chains of VPN services.
Sadly, this is exactly what's being marketed as 'VPN' for about 5-10 years. Not sure who started this and whether we can ever correct this misuse of the term.
Not really. It's what's marketed as "VPN service".
And a key point of VPN services is that they don't share the ISP-assigned IP addresses of their users with anyone else. And they don't retain any logs, which an adversary could obtain in one way or another. Indeed, the best ones run totally in RAM, and don't have writable storage.
Edit: Also, using "VPN" in that context is not at all deceptive. Enterprise VPNs not only provide secure access to private resources. They also provide secure (and yes, often controlled) access to the Internet generally. And that's just what VPN services do. Except, mostly, for the "controlled" aspect. Although some VPN services do feature blocking of malicious sites, malware downloads, etc. Some even block age-inappropriate content.
Not going to happen overnight and even then technically they cannot access your emails because only you hold the password to private keys (if you trust they encrypt your emails with your public key before storing). I prefer keeping my emails local so pop does the job.
Google can access your emails but something like protonmail can't (if you trust them to encrypt your emails).
Sounds good... in theory. Truth is we don't know this, their mail client is proprietary and even if it was open source we still wouldn't know what their servers are logging. I am in a similar situation and I trust Google more than ProtonMail with all that Tesonet data weirdness pointing back to one guy. These shell companies can go and disappear overnight, something to consider.
Trust is multiple things. I "trust" that Google will manage my private Gmail account consistent with my expectations—which are effectiveness and long-term durability. I have no expectation of algorithmic privacy and thus there's no trust to break there.
3rd option: running your own for incoming, using a service for outgoing. You get all the trust benefits of running your own server without having to worry about IP blacklists or any other crap. The nicer ones even generate the SPF and DMARC entries you add to your DNS.
I like also that it is no problem to use in countries which block VPN, like China. I had no problems accessing Posteo, but no way of accessing Gmail.
It also does not nag me every single time I change the VPN server I use, because I seem to be in a different location. I know this is supposed to be a security feature of Gmail, but man is it annoying not to be able to access your mail, because of that.
In Posteo you can also activate 2FA afaik, if you like such things.
It just works, and I am glad to be able to give support to free software, while at the same time I also gain from it, by having an e-mail service, which is ethically way more acceptable than Gmail and is working very well.
They can just forward the encrypted bytes (I don't know if that's how they actually do it). Cloudflare does mitm decryption in order to inject its own code and captcha in the pages.