• mox@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    10
    ·
    7 hours ago

    music group IFPI complained that while Cloudflare discloses the hosting locations of pirate sites in response to abuse reports, it doesn’t voluntarily share the identity of these pirate customers with rightsholders.

    “Where IFPI needs to obtain the customer’s contact information, Cloudflare will only disclose these details following a subpoena or court order – i.e. these disclosures are mandated by law and are not an example of the service’s goodwill or a policy or measures intended to assist IP rights holders,” IFPI wrote.

    So the corporations enjoying enormous profits from other people’s work are unhappy that Cloudflare doesn’t make it easy for them to circumvent due process. What a surprise.

    (I’m generally not a fan of Cloudflare, because its man-in-the-middle position between users and services has grown to an unhealthy scale, making it ripe for dragnet surveillance and other abuses. But it would be even worse if it was actively helping these greedy, predatory corporations dodge the law.)

    • go $fsck yourself@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      34 minutes ago

      It bugs me when people say Cloudflare is a MitM, because that is a disingenuous representation the situation. Mainly that a MitM is done without either party’s knowledge or consent. It even describes that in the very first sentence of the wiki page you linked. A better description would be a “middleman”, but that’s not scary so people don’t call it that. It’s just a proxy and you opt into it.

      If you are signing up for Cloudflare to use their proxy services then you are opting into having a middleman, which then means it cannot be a MitM because both sides of the connection are aware of this layer. They are not trying to hide the fact there is a Cloudflare connection layer to either side. If Cloudflare is a MitM then any networking layer for any hosting service would be considered a MitM as well.

      The arguments that Cloudflare is ripe for abuse and the scale of their systems are separate arguments that should also be applied to many other providers but that is never mentioned when people bring this up. It just seems like the MitM claim is just a tactic to leverage fear in an attempt to add weight to arguments that should be perfectly valid on their own.

    • lud@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 hours ago

      Except the absolutely valid (I don’t not necessarily agree but it’s fair) criticism about mitm and other similar stuff, cloudflare actually does a lot of good stuff.

      In general they stand their ground against companies who try to force them to do stuff like this.

      They are also seemingly involved in developing and finding ways to make the internet a more secure place, like with encrypted client hello. And encrypted DNS.