Hacker News new | ask | show | jobs
by _-____-_ 1124 days ago
Why not? Most of the complaints people have with Cloudflare regarding CAPTCHAs and user-hostile behavior are opt-in features that are not enabled by default. A website behind Cloudflare needs to enable extra protection to opt into the CAPTCHAs.

If your issue is more generally with a single provider becoming a global MITM for 10% of the internet, then that's a more understandable argument, albeit a meaninglessly existential one.
1 comments
goodpoint 1124 days ago
A global MITM is a huge problem for privacy and access to information. Not to mention is anti-competitive.

But, importantly, Cloudflare is also very hostile to Tor. A number of people in the world rely on it for their security and safety.

link
_-____-_ 1124 days ago
Cloudflare has made demonstrable efforts to accommodate Tor users, and I've personally noticed a reduction in the number of CAPTCHAs I encounter while browsing Cloudflare sites with Tor. They were definitely not required to do this, especially considering that sites like Google give Tor users unsolvable CAPTCHAs or block them altogether. And yet they did, which I took as a gesture of good faith.

Some sites are still annoying to browse with Tor, but it's only those that opted into the strictest security settings with their Cloudflare plan. In my experience, the default Cloudflare behavior is not any more unfriendly to Tor than it is to any VPN (which is not too unfriendly, for the most part).

I do agree with you that the global MITM is a huge problem for privacy and access to information. I'm just pointing out that Cloudflare has made some good-faith effort to reduce the friction encountered by Tor users. If I had to choose an operator of such a global MITM, Cloudflare might be the least bad choice.

link
tga_d 1124 days ago
Yeah, as annoying as the CAPTCHAs are, at least Cloudflare is aware of and acknowledges the problem, and is actively working on solutions like Privacy Pass. Much more than can be said for many other services that block Tor.
link
goodpoint 1123 days ago
> Cloudflare has made some good-faith effort

What they did is too little and, especially, too late. They could have very easily disabled the blocking and yet they are still doing it.

Besides, you claim that it's done in good faith without backing that claim with evidence.

> If I had to choose an operator of such a global MITM, Cloudflare might be the least bad choice.

"could be worse" does not make something acceptable.

link