@sheogorath tor people have been criticizing (yelling actually) cloudflare for a long time, as it is MITM-as-a-service. No doubt it should be raised earlier. Ironically this instance uses cloudflare as well. @PeterCxy

@sheogorath @PeterCxy It is justifiable as centralized is usually more efficient than decentralized, but for people willing to sacrifice 500ms and 10$/mo it just smells disgusting. Yet "people are using it"

@sheogorath @PeterCxy I still remember that knownsec used a metaphor to explain their CDN service - joining a mall so that you don't need to setup your own chain stores everywhere. Didn't think about centralisation back then.

@ghost @PeterCxy Tor people criticized Cloudflare for blocking tor users, not for being a CDN. The problem is that people tend to no longer user the tor browser because it's blocked on so many web pages and instead use their insecure default browser.

Has nothing to do with the current problem.

And yes, Cloudflare is a big MITM but that's how reverse proxies/WAF works ^^ I wouldn't blame them for that.

@sheogorath @PeterCxy I remember someone even suggested to block cloudflare IPs by raising a security error (treat it as a TLS error), so I think it's beyond discrimination against Tor.

@ghost Are you sure this was a member of the tor project and not just an enthusiast who "overdid" it?

It's over-blocking for no reason as the use-case itself is completely valid. I'm also wondering if cloudflare will make their promise true to provide .onion services once hidden services no longer rely on SHA1 hashes. (Which they no longer do with V3)

We will see ^^

@ghost @sheogorath The only point I am still using Cloudflare on this instance is that the beast VM I am running Mastodon on has no public IPv4 addresses. The only reverse proxy I had back then was a Aliyun VPS which is a worse idea to me than using Cloudflare.