Stop Breaking TLS

(www.markround.com)

170 points todsacerdoti | 1 comments | 10 Dec 25 07:06 UTC | HN request time: 0s | source

Show context

arianvanp ◴[10 Dec 25 09:43 UTC] No.46215864[source]▶

Complains about TLS inspection, yet fronts their website on the biggest and most widely deployed TLS introspection middle box in the world ...

Why do we all disdain local TLS inspection software yet half the Internet terminates their TLS connection at Cloudflare who are most likely giving direct access to US Intelligence?

It's so much worse as it's infringing on the privacy and security of billions of innocent people whilst inspection software only hurts some annoying enterprise folks.

I wish we all hopped off the Cloudflare bandwagon.

replies(7): >>46216030 #>>46216051 #>>46216089 #>>46217208 #>>46217601 #>>46221412 #>>46226753 #

apexalpha ◴[10 Dec 25 10:10 UTC] No.46216051[source]▶

>>46215864 #

I'm not sure if you're serious but in case you are (or other people):

TLS inspection is for EVERYTHING in your network, not just your publicly reachable URLs.

Putting Cloudflare anti-DDoS in front of your website is not the same as breaking all encryption on your internal networks.

Google can already see the content of this site since it's hosted... on the internet.

replies(3): >>46216233 #>>46216504 #>>46216798 #

1. ForHackernews ◴[10 Dec 25 12:06 UTC] No.46216798[source]▶

>>46216051 #

...do you send private messages using services hosted on publicly reachable URLs?

↑