by leonidasrup 11 days ago
Fingerprinting for "bot protection" is indistinguishable from fingerprinting for mass surveillance.
3 comments

Sure, this is the age-old “knife used to cut steak is indistinguishable from knife used to stab people” thing.

Tools are inherently amoral; only people can have motives we can celebrate or condemn.

Is the value provided by Cloudflare to the public so great that we are willing to pay for it by enabling mass surveillance?

> Is the value provided by Cloudflare to the public so great

Turnstile is not a public good, it's a private product, promoted to private entities that want to achieve a certain outcome that is beneficial to them privately.

The mass surveillance is a side-effect - an externality that Cloudflare does not have to pay for (but we as netizens pay collectively).

It is the role and responsibility of gov't to regulate away the externality (or make those who benefit from it pay a cost somehow, to equalize said externality). Unfortunately, like with climate change, nothing has been forthcoming, and only a few people care about the actual damage enough to even talk about it.

So it will go on, and the masses do not have a say.

That’s a better question. So far the answer seems to be yes.

Large companies and banks see >95% fraud on sign in / sign up flows. It’s a constant battle and the law of large numbers says even a tiny false negative rate can be catastrophic.

A bogus GCP or AWS or Azure account costs those companies hundreds to thousands of dollars. I don’t know what the average loss is on fraudulent bank signins, but probably on that order. And there are millions, sometimes billions of attempts per day.

I worked at a tech company that used an off-brand, truly awful CAPTCHA provider. Think “drag the mammal to the habitat it lives in, avoiding the wiggly lines”. When this awful provider went down (frequently), we fell back to reCAPTCHA. Fraud rates were 100x higher in those minutes-to-hours outages. Though of course real users were also able to get in at higher rates.

Considering how much of the internet is already trying to track me? Yeah, Cloudflare provides more than enough value.

It's pretty clear that this is being done to solve an actual problem that they and their customers have. I'd prefer if it wasn't necessary, but I'll take this over solving challenges any day.

the toolmakers and merchants aren't inherently amoral, though. if you're making kitchen knives to sell at Crate & Barrel you probably sleep soundly. if you're filing down shivs to sell to street gangs, they're probably not using them to cut steak, and you know that.

so as a toolmaker (presumably) you still have to answer for what you do.

I guess then you wouldn't mind if I cut you in order to verify you indeed aren't a steak, would you?

Joke’s on you, I am literally made of meat.

Talking about mass surveillance: after taking the usual measures against cross-site browser tracking, who knows most about my website visits? Meta, Google or Cloudflare? Blocking me from site visits with fingerprinting shut off forces all my traffic back into the CF funnel. Number of websites soaring. Try it yourself https://sereneblue.github.io/chameleon https://github.com/kkapsner/CanvasBlocker/ and you're increasingly off.

And incentives mean those doing the former will also do the latter.