I think Cloudflare is starting too have too much influence on the net.

I'm hitting their captchas often when using sites. A friend was recently asked to install a browser extension after failing a Cloudflare captcha check, something which is a BAD idea to train people to do.

I remember back when they started offering DNS, asking myself "Why should I trust them? I trust my ISP more than Cloudflare given that we already have a business relationship."

Now they're doing dodgy things like this. A little bell rang in my head "I knew it!"

Show thread

They had a DNS failure recently that took out hundreds of sites.

The original design of the Internet was distributed and decentralized. We're putting too much power and control into the hands of too few companies. It's only going to get worse.

Show thread
Follow

There's a good bet that soon SSL will be fully required by major browsers. This is good for security, but it's also symbolic:

Now you need someone's permission to put up a web server.

Now, LetsEncrypt is great and grants SSL certs freely. But what if they go away?

· · Mastodon Twitter Crossposter · 3 · 18 · 12

Maybe I'm overreacting, or being needlessly paranoid, but I don't like the way the Internet is going. As soon as too few hands have too much power, those hands can become corrupt.

Anyway, that's another rambly thread from me. :)

Show thread

@zorinlynx *sighs* yeah.

It'd be really good if we normalized self-signed certs and pinning, like Mumble does.

@zorinlynx I don't think this is needlessly paranoid: Cloudflare's prevalence has already caused major global disruptions to Web traffic when they've had an outage.

@zorinlynx hear me out: decentralized "dns" except it's a new naming system. The system in use is just weird, and not so decentralized.

@zorinlynx I fully agree with the points you make in this thread.

Let's Encrypt is fine and dandy now, but if they go away it will be barrier for site owners to get SSL working. They might don't have the money or knowledge to get it otherwise.

Other people are fucked in that situation as well, because a lot of webhosts who offer SSL with their plan use Let's Encrypt for that...

But yeah, the way the internet s going it is not going to be inclusive at all. Which is worrying.

@zorinlynx It's not even that impenetrable, what with deep packet inspection and such; it causes trouble with self-signing; and maybe you've heard how it prevents caching, and thus good service, in remote locales with poor connection.

@zorinlynx It's a gung-ho kind of security and privacy, typical of tech-happy techies who don't know much about anything else (and when all you have is a hammer...)

@zorinlynx

> Now you need someone's permission to put up a web server.

DNS.

@emacsen @zorinlynx definitely think you missed the point here
yes, you can still technically put up a website without ssl in the situation that's described here, but if everyone's browser requires it and there isn't a free method of getting SSL certificates and everyone's browser mandates SSL, well now you've just made a website no one can look at

@Lyude @zorinlynx

I don't think I missed it at all.

The point was "What it takes to put up a website?" and more precisely- do we have a reliance on centralized entities for putting up a website.

SSL is such a centralized mechanism.

And so is DNS. DNS is a system that is controlled by a central entity, where your name is rented, not owned, and can be taken from you at any time.

This is no joke and very concerning.

@emacsen @zorinlynx @Lyude All of these problems could be solved easily by using Tor.The .onion domains don't belong to anyone and are automatically generated.It doesn't use centralized certificate authorities but its own encryption instead which works fully decentral (yes,it's encrypted,even if the browser shows http) and additionally you get great privacy and anonymity.I really don't understand why .onion sites aren't used more 🤔

@emacsen @zorinlynx ah, I see I was the one who misunderstood then! Apologies

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!