Richard Stallman's personal site.
For current political commentary, see
the daily
political notes.
RMS's Bio |
The GNU Project
Reasons Not to Use Cloudflare
Many web sites use Cloudflare to filter access. The goal of
preventing DDS attacks is not in itself bad, but Cloudflare does bad
things to each legitimate visitor:
- It determine's the visitor's location based on per IP address.
(Using a proxy can thwart this.) Tracking people is unjust.
- It acts as a man-in-the-middle in encrypted (HTTPS) communication
between the visitor and the site: Cloudflare knows what page the
visitor is looking at and sees any other communication as well.
At times in the past I've noticed that Cloudflare blocked connecting
via Tor. My recollection — which is somewhat hazy by now — was that
Cloudflare decided that the Tor exit node cast doubt on whether I was
a human being, and it asked me to answer a CAPTCHA.
(Why should it matter whether I am a human being, I wonder, when all I
try to do is look at a page once?)
I have no objection to answering a CAPTCHA, in principle; however,
Cloudflare disregarded my answer, because the CAPTCHA depended on
nonfree JavaScript code that Cloudflare sent to my browser. Of
course, I refuse to run that.
Copyright (C) 2022 Richard Stallman
Verbatim copying and distribution of this entire page are
permitted in any medium, provided this notice is preserved.