#DNS changes preceded (and later ended) the outage.
Now #real_talk: No matter how much you like Facebook, #Instagram, #Whatsapp, Facebook #Messenger … you need to make sure that you and your contacts have another active channel of communication that can be used in place of each of those. Because your communications and relationships with people you care about are too important to entrust them solely to one corporation.
#privacy#itsec#security#tor#cloudflare using Tor shows how much sites are hidden behind Cloudflare. Yesterdays DNS problem of them showed even more of this privacy problem.
With the EU making it clear that data transfer to US is not allowed this opens the question if transparent proxying traffic through Cloudflare is illegal now too. Especially where this opens MITM data collecting.
IMHO sites behind Cloudflare should be blocked making them learn that privacy is valued.
Now someone else says it was a #regex issue that brought down #CloudFlare #DNS ... which also happened last year (2019-07-02, according to #Wikipedia). I have not gone looking for an authoritative source, so consider this an unconfirmed rumor.
Also: * #PrivateBin.info, a fork of #ZeroBin, a "minimalist, open source online pastebin where the server has zero knowledge of pasted data" * #PasteBin.to, another zero-knowledge pastebin but it uses #CloudFlare * #HasteBin, but it doesn't seem to work without allowing scripts from ajax.googleapis.com.
@kenton @strypey Or, rather, that there weren’t enough paid users so that your company and its employees did not need to join #CloudFlare to find challenging work that puts food on the table.
Holy cow. #Mozilla's new "privacy network" #VPN is all being funneled through #CloudFlare?! It's a #privacy service... funneling *all the users browsing*... through #&$!$&#ing CloudFlare?!
Ok, they're promising to delete the data after 24 hours (after $diety-knows-who has taken a copy) but still... does this not seem like insanity to anyone else?
Oh, #Cloudflare was having issues and brought a lot of websites down with it? That's not great.
But thankfully it's not that hard to roll out your own "DDoS protection" (or caching; just call it caching) setup. Here, you can even use our configs: https://git.occrp.org/libre/fasada
Yes, we use them in production, serving sometimes hundreds of thousands views per day.