Because centralization is bad for the internet. CloudFlare unwraps every single SSL connection, they see every cookie, they can modify every response. It is a goldmine for a bad actor to compromise.
I'd love to see every market segment have its share of competition, but at this point, cloudflare comes pretty close to "doing magic" in terms of dealing with the increasing volume of DDOS, and I frankly don't know anyone else who offers the services or results they do. (my only connection to them is that they've pulled a few sites I follow out of the fire over the last few months, and getting to see the before/after more firsthand convinced me a bit more of their importance.)
Basically, I'd rather there is _some_ company that can shut down these exiting known bad actors than avoid it on the off chance that it becomes a bad actor down the road. Better to use the time that buys us to look for better ways to deal with DDOS, both policy and tech based, as other comments suggest.
Basically, I'd rather there is _some_ company that can shut down these exiting known bad actors than avoid it on the off chance that it becomes a bad actor down the road. Better to use the time that buys us to look for better ways to deal with DDOS, both policy and tech based, as other comments suggest.