this post was submitted on 08 Jun 2024
16 points (86.4% liked)

Monero

1653 readers
24 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
 

I made a post here about the danger of Cloudflare and the nightmare about how it functions:

https://sh.itjust.works/post/20529148

Cloudflare is a MITM can see everything going on and every request I'm making plus all the data I'm sending.

So explain to me why Trocador is using it? Are they a honeypot? They pride themself soooo much on anonymity, NoJS, Onion support, deletion of records, No KYC, No logs unless fully necessary, but yet, they allow Cloudflare to record every single piece of data about my interactions on trocador, all the requests, both POST and GET, all the addresses and amounts im inputting, quotes im making, and of course, associate my browser fingerprint and IP with all that yummy data that the NSA would be really happy to collect ;) ! How curious indeed..

It's a known fact that Cloudflare works the way I described. So why would Trocador willingly give over everything I'm inputting into the site over to Cloudflare? Please, someone explain this to me.

And it's not just trocador. soooo many Monero and privacy oriented sites are using Cloudflare MITM. Today I'm picking on Trocador but later I'll pick on more as I remember/come across them.

Here is a relevant paragraph I wrote:

I'm sick to my stomach of all these orgs and companies and people talking about privacy, and then they constantly do all these kinds of things thst prove that they don't actually care about privacy or anonymity or anything in between. They are Vipers and Snakes trying to make a quick dollar on a buzzword. It's become sadly trite.

I'm fully ready to somehow(?) be wrong about all this and eat my words.

you are viewing a single comment's thread
view the rest of the comments
[–] Scolding0513@sh.itjust.works 7 points 4 months ago (1 children)

Thank you for responding, the communication is much appreciated. Seems like poor timing with the attack and monerokon happening at once, for sure.

Yes, agreed, as said in another comment, it would be really great if such things could be communicated to the community. I recommend a banner on the site with the latest update and a link to a mastadon page or a third party blog page (so people can bookmark it in the case of a teml shutdown). All of the words you gave here should be in such a post. otherwise people see the infamous CF MITM page and have to assume the worst :(

Thanks again for the response, I really hope the team is able to get some long term non-Cloudflare mitigations very soon.

[–] TrocadorApp@monero.town 4 points 4 months ago (2 children)

Thanks for the kind words. Tomorrow our team will be 100% focused on these tasks! By the way, Monerokon was great! A lot of good people there, an outstanding community!

[–] Scolding0513@sh.itjust.works 5 points 4 months ago

awesome. our community really is the best fr.

[–] BobGnarley@lemm.ee 1 points 4 months ago

Were you guys able to move off of CF?