Well this is nice. Apparently I reached some limits (thanks all), and had to pay Cloudflare more. Fair I guess, although some warning would've been nice. Tried multiple payment options multiple times just now and Cloudflare botched every time without giving me an error message. Finally managed to get it through on the 10th time. Please be gentle now :/
That sucks... Bunny CDN served me and others great when it comes to a Cloudflare alternative, if you're looking for an alternative.
I understand the pragmatism with going with CF, but I'd lie if I didn't also say using CF as the front for your entire "European Digital Stack" kind of makes the blog-post feel less authentic compared to my initial impression, because of that.
Oh that's "funny". Where I work we used to pay for cloudflare, then the credit card expired and we didn't notice in time (our bad, for sure), now our account still works fine, just no premium features and all tickets we've made in order to _resume paying them_ have gone unanswered. Big shrug
I want point out the other aspect of that decision to use cloudflare because the content is already public.
If your users are in a sanctioned region or a sanctioned entity it is entirely possible for cloudflare to deny serving them traffic. In a way your website users are still bound to the US policies even if you or your country doesnt approve of those sanctions.
fwiw I've had my site on front page hn a couple of times. It is a completely unoptimized hetzner server running nginx and serving HTML.
computers are _fast_ these days, you're more likely to have an outage from cloudflare than by just skipping it IMO (for basic personal sites, like yours seems to be)
I think it's more likely they just use/abuse it than specifically created it, same as things like google spyware. The NSA's desires and the ad industry are aligned, so its a match made in heaven.
Have to wait for the next Snowden before you get any citations.
NSA collaborator or not, the mere existence of something like Cloudflare, which also tries to nudge you into skipping internal http/tls and just use that at the front, makes it highly likely that NSA is already deep in their infrastructure, just like they've been in the past for literally any big technology company in the US.
But yeah, zero citations, zero evidence, just based on history and what the goal of the organization is, it's pretty clear what's going on already.
Ok, that makes sense. "Likely, based on heuristics" is sufficient to inform your opinions and decisions about Cloudflare. I was hoping you might have something more concrete, but appreciate the thoughtful reply.
Tangent: I found your blog in your profile and liked your post on "Good Taste"^1
This is just categorically different and epistemically dishonest. It is, frankly, an embarrassing attempt to defend the fact that you don't actually have any evidence to support the claim that Cloudflare is supposedly an NSA creation beyond "believe me bro, ever heard of PRISM?"