this post was submitted on 04 Mar 2025
573 points (99.1% liked)

Technology

63897 readers
5458 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
573
Cloudflare blocking Pale Moon and other browsers with smaller user bases (www.theregister.com)
submitted 1 day ago by [email protected] to c/[email protected]
84 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 12 points 1 day ago (1 children)

What is MITMed?

[–] [email protected] 47 points 1 day ago (1 children)

"Man in the middle". They are used by a lot of web services as a proxy, usually to prevent DDOS attacks.

[–] [email protected] 22 points 1 day ago (2 children)

And when Cloudflare is the proxy for a web site, it's Cloudflare that provides the HTTPS connection, meaning that you don't actually have an encrypted channel directly to the site. Cloudflare is the man-in-the-middle eavesdropping on all of your communications with that site. Your bank transactions, your medical records, your personal messages, etc.

[–] msage 2 points 17 hours ago (1 children)

Lol what?

I thought they just did rate limiting and such, I can't believe they do SSL as well.

[–] [email protected] 3 points 12 hours ago (1 children)

Have you ever tried to visit a web site and found a Cloudflare error page instead? It might have looked like this:

https://www.webproeducation.org/wp-content/uploads/2020/10/error-524-cloudflare-233e5a08ce8c4d92843b7a841fa7c015.png

Do you know how they're able to insert that error page into the response that reaches your browser, even though it's an https connection and your browser assures you that it's "secure"?

Clouldflare is able to do this because they are a middle-man between you and the site. They can eavesdrop and/or alter anything sent or received on that connection.

[–] msage 1 points 9 hours ago

I thought that was for their hosted websites, had no idea whether they even do hosting/cloud infra.

But yes, I hate them to my core.

[–] [email protected] 1 points 22 hours ago (1 children)

Interesting. I'm going to keep this in mind.

Weird how much of a monopoly cloudflare has on the internet. I guess it's going to start being an indicator for me for services that have becomes "too big for their britches."

[–] [email protected] 1 points 17 hours ago (1 children)

Small companies use CF as well. It really is one of the best ways to prevent all sorts of bad actors

[–] [email protected] 2 points 12 hours ago

One of the easiest, perhaps. Not best. Anything that gives a single entity control over so much of the internet, and positions them to snoop on so much of everyone's communications, will never be "best".