←back to thread

Using Cloudflare on your website could be blocking RSS users

(openrss.org)
556 points campuscodi | 8 comments | 16 Oct 24 22:46 UTC | HN request time: 0s | source | bottom
Show context
amatecha ◴[17 Oct 24 06:43 UTC] No.41867018[source]
I get blocked from websites with some regularity, running Firefox with strict privacy settings, "resist fingerprinting" etc. on OpenBSD. They just give a 403 Forbidden with no explanation, but it's only ever on sites fronted by CloudFlare. Good times. Seems legit.
replies(13): >>41867245 #>>41867420 #>>41867658 #>>41868030 #>>41868383 #>>41868594 #>>41869190 #>>41869439 #>>41869685 #>>41869823 #>>41871086 #>>41873407 #>>41873926 #
BiteCode_dev ◴[17 Oct 24 07:26 UTC] No.41867245[source]
Cloudflare is a fantastic service with an unmatched value proposition, but it's unfortunately slowly killing web privacy, with 1000s paper cuts.

Another problem is "resist fingerprinting" prevents some canvas processing, and many websites like bluesky, linked in or substack uses canvas to handle image upload, so your images appear to be stripes of pixel.

Then you have mobile apps that just don't run if you don't have a google account, like chatgpt's native app.

I understand why people give up, trying to fight for your privacy is an uphill battle with no end in sight.

replies(3): >>41867859 #>>41867883 #>>41869163 #
KomoD ◴[17 Oct 24 09:32 UTC] No.41867883[source]
> Then you have mobile apps that just don't run if you don't have a google account, like chatgpt's native app.

That's not true, I use ChatGPT's app on my phone without logging into a Google account.

You don't even need any kind of account at all to use it.

replies(1): >>41867965 #
BiteCode_dev ◴[17 Oct 24 09:47 UTC] No.41867965[source]
On Android at least, even if you don't need to log in to your google account when connecting to chatgpt, the app won't work if your phone isn't signed in into google play, which doesn't work if your phone isn't linked to a google account.

An android phone asks you to link a google account when you use it for the first time. It takes a very dedicated user to refuse that, then to avoid logging in into the gmail, youtube or app store apps which will all also link your phone to your google account when you sign in.

But I do actively avoid this, I use Aurora, F-droid, K9 and NewPipeX, so no link to google.

But then no ChatGPT app. When I start it, I get hit with a logging page to the app store and it's game over.

replies(4): >>41868612 #>>41868843 #>>41869090 #>>41869477 #
acdha ◴[17 Oct 24 12:05 UTC] No.41868843[source]
So the requirement is to pass the phone’s system validation process rather than having a Google account. I don’t love that but I can understand why they don’t want to pay the bill for the otherwise ubiquitous bots, and it’s why it’s an Android-specific issue.
replies(1): >>41869497 #
BiteCode_dev ◴[17 Oct 24 13:30 UTC] No.41869497[source]
You can make a very rational case for each privacy invasive technical decision ever made.

In the end, the fact remain: no chatgpt app without giving up your privacy, to google none the less.

replies(1): >>41870085 #
1. acdha ◴[17 Oct 24 14:36 UTC] No.41870085[source]
“Giving up your privacy” is a pretty sweeping claim – it sounds like you’re saying that Android inherently leaks private data to Google, which is broader than even Apple fans tend to say.
replies(3): >>41870994 #>>41871023 #>>41874026 #
2. michaelt ◴[17 Oct 24 16:11 UTC] No.41870994[source]
A person who was maximally distrustful of Google would assume they link your phone and your IP through the connection used to receive push notifications, and the wifi-network-visibility-to-location API, and the software update checker, and the DNS over HTTPS, and suchlike. As a US company, they could even be forced to do this in secret against their will, and lie about it.

Of course as Google doesn't claim they do this, many people would consider it unreasonably fearful/cynical.

replies(1): >>41872182 #
3. BiteCode_dev ◴[17 Oct 24 16:14 UTC] No.41871023[source]
Google and Apple were both part of the PRISM program, of course I'm making this claim.

That's the opposite stance that would be bonkers.

replies(1): >>41872251 #
4. acdha ◴[17 Oct 24 18:17 UTC] No.41872182[source]
Sure, but that says you shouldn’t have a phone, not that ChatGPT is forcing you to give up your privacy.
5. acdha ◴[17 Oct 24 18:23 UTC] No.41872251[source]
PRISM covered communications through U.S. company’s servers. It was not a magic back door giving them access to your device’s local data, and even if you did believe that it was the answer would be not using a phone. A major intelligence agency does not need you to have a Google account so they can spy on you.
replies(1): >>41877118 #
6. ForHackernews ◴[17 Oct 24 21:31 UTC] No.41874026[source]
> it sounds like you’re saying that Android inherently leaks private data to Google, which is broader than even Apple fans tend to say.

Yes? I mean, not "leaks" - it's designed to upload your private data to Google and others.

https://www.tcd.ie/news_events/articles/study-reveals-scale-...

> Even when minimally configured and the handset is idle, with the notable exception of e/OS, these vendor-customised Android variants transmit substantial amounts of information to the OS developer and to third parties such as Google, Microsoft, LinkedIn, and Facebook that have pre-installed system apps. There is no opt-out from this data collection.

7. BiteCode_dev ◴[18 Oct 24 07:31 UTC] No.41877118{3}[source]
Forest for the tree.

Google and Apple are both heavily invested in ads (apple made 4.7 billion from ads in 2022), they have a track record of exfiltrating your data (remember contractors listening to your siri recordings?), of lying to the customers (remember the home button scandal on iPhone?), have control over a device that have your whole life yet runs partially on code you can't evaluate.

Trusting those people makes no sense at all. You have a business relationship with them, that's it.

replies(1): >>41878967 #
8. acdha ◴[18 Oct 24 12:52 UTC] No.41878967{4}[source]
It’s interesting how each time you say something which isn’t accurate you try to distract by changing the topic.