this post was submitted on 05 Aug 2024
81 points (98.8% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54716 readers
340 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] neshura@bookwormstory.social 32 points 3 months ago (4 children)

I'm sure this is definitely going to go how the regulator thinks it will go. What with Cloudflare being one of the driving factors behind e2e encrypting more and more of the HTTP stack, making it ever harder for ISPs and other 3rd parties to see inside the HTTP traffic.

[–] 01189998819991197253@infosec.pub 3 points 3 months ago* (last edited 3 months ago) (3 children)

While true, to accomplish this, cf becomes a MitM, effectively making seeing encrypted traffic obsolete, as all traffic goes through cf unencrypted, before being re-encapsulated by cf again.

Edit, maybe I wasn't clear. It isn't a MitM attack, but it is a MitM (by design, it must be). In the wrong hands or the wrong management or under the wrong government, it could be the attacker, as it's in the perfect position to do so, but I highly doubt it will be in the current environment.

[–] Natanael 5 points 3 months ago

CF has multiple options, you can use them as just a load balancer/firewall while handling your own TLS cert. I think most let them hold the cert so they can get CF caching services though

load more comments (2 replies)
load more comments (2 replies)