Y
Hacker News
new
|
ask
|
show
|
jobs
by
spacefight
4047 days ago
Yes. I have said it before and I say it again: Cloudflare (and any other large CDNs) are a perfect setup for a MITM or a perfect target for a nation-state's secret service.
1 comments
sschueller
4047 days ago
Especially when cloudflare is governed by the laws of the US which includes the patriot act. How do we know this isn't already the case?
link
sarciszewski
4047 days ago
If your threat model includes intelligence agencies, set up your own HTTPS with HSTS and HPKP and don't use CloudFlare.
Wow, that was easy.
link
tikums
4046 days ago
So, basically anyone providing online services to customers then? Who's threat model should not include intelligence agencies? Online pet shop?
link
sarciszewski
4046 days ago
It comes down to personal opinion more than anything.
link