[psd1]

CF sells treatment, not cure, for ddos. They are a major player in internet technology.

I presume that fora exist for players to discuss blue-team strategy, and that decisions are nuanced and detailed. If so, there's a lot of leeway to pursue a hidden agenda.

I'm not so concerned about what their doing now. It's about in a few years, when stock isn't as strong and MBAs are parachuted in to perk up the bottom line.

[suprjami]

How do you suggest CloudFlare "cure" DDoS? Wouldn't that mean finding the people who make the decision to do this and physically stop them? They're a CDN not the Mafia.

[psd1]

I never suggested anything so simplistic.

Imagine some replacement for tcp is proposed and a working group is set up to develop it. A member of that group might advocate for or against features. You could take the position "we should not include Feature X because it will have a performance impact in Scenario Y".

Scenario Y may or may not be real, but it doesn't matter, because you're using it as a stalking horse to get the outcome you actuality want, which happens to be defeated by Feature X.

The other group members know what you're up to, but they can't prove it because you have plausible deniability. They can't kick you out of the group because you serve 20% of the web.

To reiterate, I have no allegations to level against Cloudflare. I think it's a useful heuristic to assume that a public company, given sufficient market power, will become evil. CF has the market power.

[suprjami]

> Imagine some replacement for tcp is proposed

No need to imagine, QUIC exists.

Like every technology since 1980, it's unlikely to supplant Ethernet and TCP/IP, but it's the most successful effort yet.

SCTP also solves the problem of TCP-based DDOS because the client must participate in the handshake.

Good luck convincing all existing network software to switch to these protocols. I would like that too but it won't happen.