🖼 | 🖼 | 🖼 |
---|---|---|
Matthew Browning Prince (@eastdakota), born on November 13th, 1974, is the CEO and co-founder of Cloudflare.
Thanks to his rich dad, John B. Prince, he attended the University of Chicago Law School ('00) and Harvard Business School ('09). Prince taught Internet Law and was a specialist in anti-spam laws and phishing investigations.
I’d suggest this was armchair analysis by kids – it’s hard to take seriously.
That was simply unfounded paranoia, pretty big difference.
We also work with Interpol and other non-US entities
― Matthew Prince (@eastdakota)
Watching hacker skids on Github squabble about trying to bypass Cloudflare's new anti-bot systems continues to be my daily amusement.
― Matthew Prince (@eastdakota)
Website consumer
We recommend that you reach out to the administrators for the specific services or sites that you run into issue with and share your experience.
If you don't ask for it, website owner never know this problem.
You have a problem? Raise your voice now. Example below.
You are just helping corporate censorship and mass surveillance.
http://crimeflare.eu.org
Your web page is in the privacy-abusing private walled-garden of Cloudflare.
http://crimeflare.eu.org
It must explain what the "Cloudflare" is and ask for permission to share your data with Cloudflare. Failure to do so will result in the breach of trust, and the website in question should be avoided.
An acceptable privacy policy example is here ("Subprocessors" > "Entity Name")
I've read your privacy policy and I cannot find the word Cloudflare.
I refuse to share data with you if you continue to feed my data to Cloudflare.
http://crimeflare.eu.org
This is an example of privacy policy which does not have the word Cloudflare. Liberland Jobs privacy policy:
Cloudflare have their own privacy policy. Cloudflare loves doxxing people.
Here's a good example for website's signup form. AFAIK, zero website do this. Will you trust them?
By clicking “Sign up for XYZ”, you agree to our terms of service and privacy statement.
You also agree to share your data with Cloudflare and also agrees to Cloudflare's privacy statement.
If Cloudflare leak your information or won't let you to connect to our servers, it's not our fault. [*]
[ Sign up ] [ I disagree ]
[*] PEOPLE.md
Try not to use their service. Remember you are being watched by Cloudflare.
Search for other website. There are alternatives and opportunites on the internet!
Convince your friends to use Tor on the daily basis.
Add-ons
Name | Developer | Support | Can Block | Can Notify | Chrome |
---|---|---|---|---|---|
Bloku Cloudflaron MITM-Atakon | #Addon | ? | Yes | Yes | Yes |
Ĉu ligoj estas vundeblaj al MITM-atako? | #Addon | ? | No | Yes | Yes |
Ĉu ĉi tiuj ligoj blokos Tor-uzanton? | #Addon | ? | No | Yes | Yes |
Block Cloudflare MITM Attack DELETED BY TOR PROJECT |
nullius | ? , Link | Yes | Yes | No |
TPRB | Sw | ? | Yes | Yes | No |
Detect Cloudflare | Frank Otto | ? | No | Yes | No |
True Sight | claustromaniac | ? | No | Yes | No |
Which Cloudflare datacenter am I visiting? | 依云 | ? | No | Yes | No |
"Decentraleyes" can stop connection to "CDNJS (Cloudflare)".
You can also remove or distrust Cloudflare certificate from your Certificate Authority(CA).
Website owner / Web developer
🖼 | 🖼 |
---|---|
IP list: "Cloudflare’s current IP ranges"
A: Just block them
server {
...
deny 173.245.48.0/20;
deny 103.21.244.0/22;
deny 103.22.200.0/22;
deny 103.31.4.0/22;
deny 141.101.64.0/18;
deny 108.162.192.0/18;
deny 190.93.240.0/20;
deny 188.114.96.0/20;
deny 197.234.240.0/22;
deny 198.41.128.0/17;
deny 162.158.0.0/15;
deny 104.16.0.0/12;
deny 172.64.0.0/13;
deny 131.0.72.0/22;
deny 2400:cb00::/32;
deny 2606:4700::/32;
deny 2803:f800::/32;
deny 2405:b500::/32;
deny 2405:8100::/32;
deny 2a06:98c0::/29;
deny 2c0f:f248::/32;
...
}
B: Redirect to warning page
http {
...
geo $iscf {
default 0;
173.245.48.0/20 1;
103.21.244.0/22 1;
103.22.200.0/22 1;
103.31.4.0/22 1;
141.101.64.0/18 1;
108.162.192.0/18 1;
190.93.240.0/20 1;
188.114.96.0/20 1;
197.234.240.0/22 1;
198.41.128.0/17 1;
162.158.0.0/15 1;
104.16.0.0/12 1;
172.64.0.0/13 1;
131.0.72.0/22 1;
2400:cb00::/32 1;
2606:4700::/32 1;
2803:f800::/32 1;
2405:b500::/32 1;
2405:8100::/32 1;
2a06:98c0::/29 1;
2c0f:f248::/32 1;
}
...
}
server {
...
if ($iscf) {rewrite ^ https://example.com/cfwsorry.php;}
...
}
<?php
header('HTTP/1.1 406 Not Acceptable');
echo <<<CFHTML
Thank you for visiting ourwebsite.com!<br />
We are sorry, but we can't serve you because your connection is being intercepted by Cloudflare.<br />
<a href="http://crimeflare.eu.org">Please read why for more information</a>.<br />
CFHTML;
die();
Software user
Discord is using Cloudflare. Alternatives? We recommend Briar (Android), Ricochet (PC), Tox + Tor (Android/PC)
If you use Debian GNU/Linux, or any derivative, subscribe: bug #831835. And if you can, help verify the patch, and help the maintainer come to the right conclusion on whether it should be accepted.
Always recommend these browsers.
Name | Developer | Support | Comment |
---|---|---|---|
Ungoogled-Chromium | Eloston | ? | PC (Win, Mac, Linux) !Tor |
Bromite | Bromite | ? | Android !Tor |
Tor Browser | Tor Project | ? | PC (Win, Mac, Linux) Tor |
Tor Browser Android | Tor Project | ? | AndroidTor |
Onion Browser | Mike Tigas | ? | Apple iOSTor |
GNU/Icecat | GNU | ? | PC (Linux) |
IceCatMobile | GNU | ? | Android |
Iridium Browser | Iridium | ? | PC (Win, Mac, Linux, OpenBSD) |
Other software's privacy is imperfect. This doesn't mean Tor browser is "perfect". There is no 100% secure nor 100% private on the internet and technology.
Let's talk about other software's privacy.
Remember, Mozilla is using Cloudflare service. They're also using Cloudflare's DNS service on their product.
Firefox Focus is a joke. They promised to turn off telemetry but they changed it.
SRWare Iron make too many phones home connection. It also connect to google domains.
Microsoft Edge lets Facebook run Flash code behind users' backs.
Apple iOS: You shouldn't be using iOS at all, mainly because it is malware.
Therefore we recommend above table only. Nothing else.
Mozilla Firefox user
"Firefox Nightly" will send debug-level information to Mozilla servers without opt-out method.
It is possible to prohibit Firefox to connect to Mozilla servers.
"/distribution/policies.json
"
"WebsiteFilter": {
"Block": [
"*://*.mozilla.com/*",
"*://*.mozilla.net/*",
"*://*.mozilla.org/*",
"*://webcompat.com/*",
"*://*.firefox.com/*",
"*://*.thunderbird.net/*",
"*://*.cloudflare.com/*"
]
},
How?
Action
There is always hope in resistance.
Resistance is fertile.
Even some of the darker outcomes comes to be, the very act of resistance trains us to continue to destabilize the dystopic status quo that results.
Resist!
Someday, you'll understand why we wrote this.
There isn't anything futuristic about this. We have already lost.