by zelphirkalt 2476 days ago
I am still not sure how much one can trust Cloudflare as an entity. At some point people started putting loads of stuff behind Cloudflare, enabling them to be the perfect MITM, which is concerning. Probably only a question of time until some profit-seeking people come around and see opportunity in it, and then we are screwed even more than we are already with Google captchas. Then we will not be able to use many more websites any longer, because someone in their incredible wisdom decided to put everything behind Cloudflare. Scary.
1 comments

You could say the same thing about any CDN - Cloudfront, Fastly, Akamai, etc.

Is it right to say that the only reason Cloudflare is at the forefront of this concern is because of their business model of offering the CDN for free, while the others have a much more limited free tier or service or none at all?

I am almost equally worried about other very popular CDNs. However, being the most used CDN makes some people short-circuit and not think about the dangers any longer. Just like with captchas from Google. Many people simply put them onto their websites without ever thinking about that, "because everyone does it". If so many people put stuff behind Cloudflare, then at some point the same kind of people who put captchas without thinking will put stuff behind Cloudflare without thinking.

Scripts and other stuff from first party usually seem to me at least more trustworthy than something from a third party. It also saves me the mental step of thinking: "Hmmm, why are there scripts loaded from a third party? Is this some kind of ads stuff?"

If a website does not work without unblocking third party scripts, there is some chance that I will simply abandon it. When a website's purpose is to inform me about something and I do not see the need for any interactivity, I might also abandon it if it does not show content without unblocking scripts in general, including first party. Web frameworks which do not take care of at least presenting something when scripts are not unblocked thus make a website less trustworthy for me.

If you care about privacy then you SHOULD say the same thing about any CDN. Sucks that there's all this awesome infrastructure that we can't use anymore, but that's the trade-off.