by jasode 1520 days ago
> I intend to create a new internet-wide scanning system in order to revive the functionality of CrimeFlare just to prove a point that security through obscurity is no security and all,

I'm not familiar with CrimeFlare and its technical details, but a cursory Google search shows that security-through-obscurity is possible with Cloudflare if one follows the correct sequence of steps to hide the IP. Otherwise, a careless setup such as a public MX mail record will inadvertently "leak" the IP. E.g. Stack Overflow Q&A: https://stackoverflow.com/questions/58591448/how-does-crimef...

> I intend to create a new internet-wide scanning system

But the host systems at the receiving end of your scanning tool still have to respond to your tool pinging them with network requests, and if your IP origin isn't Cloudflare, the host server doesn't have to reply with useful information. Or did you have another mass scanning technique we're overlooking?


What % of Cloudflare customers actually have their server set to only accept traffic from Cloudflare IPs? Probably not the majority. If this is coming as a surprise to people then maybe Cloudflare isn’t doing enough to help people secure themselves against it.
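The two defensive checks raised in this thread, an origin that only accepts connections from the proxy's ranges and a zone audit for public records (such as the MX example above) that still answer with the origin address, as an added example that is not from any commenter or from Cloudflare. The proxy CIDRs and the DNS records are constructed placeholders; a real audit would load the provider's published range list and pull the records from public DNS.

```python
import ipaddress

# Constructed placeholder ranges standing in for the proxy's published CIDR list.
PROXY_RANGES = [ipaddress.ip_network(c) for c in ("198.51.100.0/24", "203.0.113.0/24")]

# Constructed records, as a public resolver would answer them: the proxied web
# name answers with a proxy address, everything else answers with the real host.
ZONE_RECORDS = [
    {"type": "A",  "name": "example.test",      "value": "198.51.100.7"},
    {"type": "MX", "name": "example.test",      "value": "mail.example.test"},
    {"type": "A",  "name": "mail.example.test", "value": "192.0.2.10"},
    {"type": "A",  "name": "dev.example.test",  "value": "192.0.2.10"},
]


def from_proxy(src_ip):
    """True when an address falls inside one of the proxy ranges."""
    return any(ipaddress.ip_address(src_ip) in net for net in PROXY_RANGES)


def origin_accepts(src_ip):
    """Origin-side allowlist: the server answers only connections that arrive
    through the proxy, so a direct hit on the origin address gets nothing."""
    return from_proxy(src_ip)


def audit_public_records(records, origin_ip):
    """Return (name, reason) pairs for public records that expose the origin.

    An A record is flagged when it answers with the origin address itself.
    An MX record is flagged when the mail host it names resolves, within the
    same zone, to the origin address (mail on the web host leaks the web IP).
    """
    a_records = {r["name"]: r["value"] for r in records if r["type"] == "A"}
    findings = []
    for r in records:
        if r["type"] == "A" and r["value"] == origin_ip:
            findings.append((r["name"], "A record answers with the origin address"))
        elif r["type"] == "MX" and a_records.get(r["value"]) == origin_ip:
            findings.append((r["name"], "MX host " + r["value"] + " resolves to the origin address"))
    return findings


if __name__ == "__main__":
    for name, reason in audit_public_records(ZONE_RECORDS, "192.0.2.10"):
        print(name, "-", reason)
    print("direct hit accepted:", origin_accepts("192.0.2.99"))
```

The fix for each finding is the one the thread implies: move mail (or the dev host) to an address that is not the web origin, and keep the origin firewalled to the proxy ranges so a leaked address is not useful on its own.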
As someone else (https://news.ycombinator.com/item?id=31096321) pointed out, everyone does that already, with Shodan (https://www.shodan.io/) being one of the most popular ones.
I don’t trust Shodan (a corporation) not to hide / omit certain results or certain ranges. A self-hosted scanner that could be deployed on a cheap VPS would be a better solution. Having the ability to scan the entire internet is pretty fascinating honestly. Who knows what kind of sick and bizarre content dredging the entire internet with no filters might dig up.
I genuinely don't get your point to be honest.

First, you allege that Cloudflare took down a repository that you claim might harm their interests. It could indeed be Cloudflare, or it could instead be just GitHub noticing this repository by the "crime" in the repository name.

Second, you have said that one legitimate reason is because "they categorically block" Tor (https://news.ycombinator.com/item?id=31095920). I asked you if you can give a website that is fronted by Cloudflare and has blocked Tor users and is otherwise not something that would usually block Tor users and VPNs in any situation like banks (https://news.ycombinator.com/item?id=31095982). I haven't received any reply from you or even someone else to substantiate this.

Then, you said that you will build a similar tool to scan the IPv4 internet space. Guess what: automated nefarious scanners are pounding on every IPv4 address to find unprotected systems, either because it's Windows and its SMB feature is so bug-ridden that exploits are patched nearly every Patch Tuesday, or old WordPress installations where fully-automatic worms will hijack the site for spam links, or even directly hacking routers and servers for botnets. It already exists to be honest, so I don't get why you are pretending that this is a new vulnerability or something.

It’s a story in itself that a simple script which locates a site’s real IP was taken down for TOS violations. Cloudflare doesn’t own the real IPs or something, so it’s really unclear why they (or GitHub) were entitled to take down this repository. Just because it threatens their million dollar business model they think they can take it down? That’s wrong my friend. And people need to know. Cloudflare or GitHub overstepped its boundaries to help a corporation enforce security by obscurity. Since this method is proven to be preventable, why take it down? Instead of taking it down from public knowledge (which does nothing to stop cybercriminals with private forks) why don’t they help their customers mitigate the impact instead?

Also, they stopped blocking the Tor IPs now but this wasn’t always the case. Many people remember a few years ago the IPs were blocked.

As I stated above (https://news.ycombinator.com/item?id=31097086), we did not take this down. Please stop claiming that.
Apparently you will not believe anything, but the CEO responded here: https://news.ycombinator.com/item?id=31097086