Stop Breaking TLS

(www.markround.com)

170 points todsacerdoti | 3 comments | 10 Dec 25 07:06 UTC | HN request time: 0s | source

Show context

arianvanp ◴[10 Dec 25 09:43 UTC] No.46215864[source]▶

Complains about TLS inspection, yet fronts their website on the biggest and most widely deployed TLS introspection middle box in the world ...

Why do we all disdain local TLS inspection software yet half the Internet terminates their TLS connection at Cloudflare who are most likely giving direct access to US Intelligence?

It's so much worse as it's infringing on the privacy and security of billions of innocent people whilst inspection software only hurts some annoying enterprise folks.

I wish we all hopped off the Cloudflare bandwagon.

replies(7): >>46216030 #>>46216051 #>>46216089 #>>46217208 #>>46217601 #>>46221412 #>>46226753 #

1. cornonthecobra ◴[10 Dec 25 10:15 UTC] No.46216089[source]▶

>>46215864 #

Three of the banks I use have their websites/apps go through CloudFlare. So does the electronic records and messaging system used by my doctor. A lawyer friend uses a secure documents transfer service that is protect by guess who.

Who needs to let CF directly onto their network when they already sit between client and provider for critically-private, privileged communications and records access?

replies(2): >>46216413 #>>46217513 #

2. progbits ◴[10 Dec 25 11:05 UTC] No.46216413[source]▶

>>46216089 (TP) #

NSAaaS and people even pay for it.

3. ◴[10 Dec 25 13:32 UTC] No.46217513[source]▶

>>46216089 (TP) #

↑