cloudflare

The inspiring story of how Cloudflare defeated a patent troll and broke the patent-trolling business-model

In 2016, Cloudflare was targeted by a notorious patent troll called Blackbird Technologies; rather than capitulate, the company set up a fund called "Project Jengo" to pay bounties to researchers who documented prior art that could be used to invalidate the patent in question -- and all of Blackbird's patents, and began to file to have additional patents invalidated based on that crowdsourced research. Read the rest

America's rotten ISPs object to encrypted DNS, argue that losing the ability to spy on your traffic puts them at a competitive disadvantage

I'm 100% in favor of pro-competitive regulation of Big Tech, and that is because I'm 100% in favor of pro-competitive regulation of all our hyper-concentrated, monopolistic industries. Read the rest

UK ISP Association, spies, censorship organsation jointly condemn Mozilla for supporting secure DNS because it breaks UK internet censorship rules

ISPs in the UK are required to censor a wide swathe of content: what began as a strictly limited, opt-in ban on depictions of the sexual abuse of children has been steadily expanded to a mandatory ban on "extreme" pornography, "terrorist content," copyright and trademark infringement, and then there's the on-again/off-again ban on all porn sites unless they keep a record of the identity of each user and the porn they request.. Read the rest

Millions of rehab records leak, including patient names – nearly 150,000 affected

Every NSFWpocalypse sends users to small, indie platforms, who are threatened by the same factors that make no-platforming practical

Back when Livejournal purged its NSFW fanficcers and other text-based purveyors of delightful smut, users flocked to Dreamwidth, a small, indie, smut-tolerant community run as much as a labor of love as it is as a business. Read the rest

In less than 24 HOURS, an EU committee votes on whether to mass-censor the global internet

We've got less than a day until the key vote on the wording of the new EU Copyright Directive, when members of the EU's legislative committee will vote on whether to include controversial mass censorship language in the proposal that the parliament will vote on. Read the rest

The upside of big tech is Russia vs Telegram, but the downside is Cloudflare vs SESTA

Yesterday, I wrote about the way that tech-sector concentration was making it nearly impossible for Russia to block the encrypted messaging service Telegram: because Telegram can serve its traffic through giant cloud providers like Amazon, Russia can only block Telegram by blocking everyone else who uses Amazon. Read the rest

Russia's fumbling, heavy-handed Telegram ban is a perfect parable about the modern internet's promise and peril

Russia tried to get the creators of the private messaging service Telegram to create a back-door so its cops could spy on Telegram users; Telegram refused and Russia banned Telegram in retaliation. Read the rest

Cloudflare's 1.1.1.1: an encrypted, privacy-protecting DNS service

Cloudflare, a company with a history of resisting surveillance and censorship orders (albeit imperfectly and sometimes with undesirable consequences) has announced a new DNS service, hosted at the easy-to-remember address of 1.1.1.1, which accepts connections under the still-novel DNS-over-HTTPS protocol, and which has privacy designed in, with all logs written only to RAM (never to disk) and flushed every 24 hours. Read the rest

The latest "reflection attack" gooses Denial of Service attacks by a factor of 51,000

To launch an effective Denial of Service attack, your bots need to overwhelm your target with a flood of requests; the more bandwidth and computing-power your target has, the more you need to knock them off the internet. Read the rest

Cloudflare terminate Sci-Hub domains, declining to challenge court order

Cloudflare has terminated service to Sci-Hub, the site that provides paywall-free access to virtually all scholarly work, citing Aaron Swartz as inspiration -- Cloudflare previously serviced the sci-hub.la, sci-hub.tv, and sci-hub.tw domains, but in response to an injunction obtained by the American Chemical Society, they will no longer provide that service. Read the rest

The Paradox of Tolerance: should intolerance be tolerated?

With the rise of white nationalist groups whose allies in government extend all the way to the President of the United States, tech companies are finding themselves in the uncomfortable position of deciding where tolerance begins and ends -- where they have a duty to step in and silence certain kinds of speech. Read the rest

Cloudflare CEO ponders legal methods of slowing down Ajit Pai's internet connection

As Trump FCC Chairman Ajit Pai tries to kill Net Neutrality under cover of Thanksgiving, Cloudflare CEO Matthew Prince has tweeted that he is looking into ways that he can legally take up Josh Constantine's challenge to give Pai "14.4k dial-up speeds for killing net neutrality." (Image: Evan-Amos, CC-BY-SA) (via /.) Read the rest

How these lava lamps are securing the internet

"Something like ten percent of the web flows through Cloudflare's network," states Nick Sullivan, Head of Cryptography for internet "gatekeeping" service Cloudflare.

So, in order to keep their client's protected, they need to generate a lot of unpredictable, completely random numbers. That's where this wall of lava lamps comes in.

Cloudflare's "Wall of Entropy" sits in the lobby of their headquarters in San Francisco. It uses the unpredictability of its flowing "lava" to assist in randomly generating numbers.

On their blog, they explain how it works, for people both with technical and non-technical backgrounds. This is an excerpt from their non-technical explanation:

At Cloudflare, we have thousands of computers in data centers all around the world, and each one of these computers needs cryptographic randomness. Historically, they got that randomness using the default mechanism made available by the operating system that we run on them, Linux.

But being good cryptographers, we’re always trying to hedge our bets. We wanted a system to ensure that even if the default mechanism for acquiring randomness was flawed, we’d still be secure. That’s how we came up with LavaRand.

LavaRand is a system that uses lava lamps as a secondary source of randomness for our production servers. A wall of lava lamps in the lobby of our San Francisco office provides an unpredictable input to a camera aimed at the wall. A video feed from the camera is fed into a CSPRNG, and that CSPRNG provides a stream of random values that can be used as an extra source of randomness by our production servers.

Read the rest

4-10% of encrypted web connections are man-in-the-middled and intercepted

Cloudflare's joint research with "a large e-commerce site" and Mozilla found that between 4-10% of secure, encrypted web connections are "intercepted," largely by corporate antivirus software that inserts its own certificates into users' browsers, allowing it to scan all traffic entering workers' computers. Read the rest

The "anti-patterns" that turned the IoT into the Internet of Shit

Cloudflare presents a primer on "anti-patterns" that have transformed IoT devices into ghastly security nightmares. Read the rest

Enterprise firewalls are man-in-the-middling HTTPS sessions like crazy, and weakening security

A group of security researchers from academe and industry (including perennial Boing Boing favorite J Alex Halderman) have published an important paper documenting the prevalence and problems of firewalls that break secure web sessions in order to scan their contents for undesirable and malicious content. Read the rest

Next page

:)