Stop Breaking TLS

(www.markround.com)

170 points todsacerdoti | 2 comments | 10 Dec 25 07:06 UTC | HN request time: 0s | source

Show context

arianvanp ◴[10 Dec 25 09:43 UTC] No.46215864[source]▶

Complains about TLS inspection, yet fronts their website on the biggest and most widely deployed TLS introspection middle box in the world ...

Why do we all disdain local TLS inspection software yet half the Internet terminates their TLS connection at Cloudflare who are most likely giving direct access to US Intelligence?

It's so much worse as it's infringing on the privacy and security of billions of innocent people whilst inspection software only hurts some annoying enterprise folks.

I wish we all hopped off the Cloudflare bandwagon.

replies(7): >>46216030 #>>46216051 #>>46216089 #>>46217208 #>>46217601 #>>46221412 #>>46226753 #

1. port11 ◴[10 Dec 25 13:01 UTC] No.46217208[source]▶

>>46215864 #

Do you have an alternative, potentially one that's less centralised or private or in bed with three-letter agencies? I ask because my last infra was probed for vulnerabilities hundreds of times per day; putting Cloudflare in front with some blocked countries and their captchas brought the attempted attacks down to a few dozen per month.

replies(1): >>46224985 #

2. halJordan ◴[10 Dec 25 22:39 UTC] No.46224985[source]▶

>>46217208 (TP) #

I mean, is doing your own geo blocking actually a blocker for you?

↑