Comment by hoorayimhelping
8 years ago
>edit: why the revulsion
I'd guess it's because of the crude and reductive way you describe the service cloudflare provides. I don't know what type of programming you do, but many small services don't have the infrastructure to mitigate the kind of attacks cloudflare deals with and they wouldn't be around without services like this.
I don't like the internet becoming centralized into a few small places that mitigate DDOS attacks like this, but I like the alternative (being held ransom by anyone with access to a botnet) even less.
I'm going to take a more even handed approach than what you're suggesting. Any time you work with a service like this you risk these kinds of things - it's part of the implicit cost/benefit analysis humans do every day. I'm not ready to throw out the baby with the bathwater because of one issue. I'm not sure what alternative you're suggesting (I didn't see any suggestions, just a lot of ranting, which might also contribute to the 'revulsion') but it doesn't sound any better than what we have.
So rather than demand fixes for the fundamental issues that enable ddos attacks (preventing IP spoofing, allowing infected computers to remain connected, etc), we just continue down this path of massive centralization of services into a few big players that can afford the arms race against bonnets.
Using services like Cloudflare as a 'fix' is wrecking the decentralized principles of the Internet. At that point we might as well just write all apps as Facebook widgets.
When in a tactical emergency do not say "and why is this shit raining down upon us?"
That is a separate step. First you either take cover or help.
Problem most often is that after you take cover, you forget to ask that question.
1 reply →
Interesting, so to make people stop thinking strategically and run the way I want, just throw shit at you?
Do you see a problem with that?
However, I haven't seen people enable ButtFlare's proxy only when under DDoS. Most of their users enable the proxying just for the CDN performance or just in case or… you get the idea.
4 replies →
>I'm not ready to throw out the baby with the bathwater because of one issue.
Extreme centralization of the Internet is not a "baby", except maybe in the sense of a cuckoo's egg.
But I'm willing to bet the mentality of this comment is highly representative of many web developers and service providers. They will not seek to fix anything, because they don't see this state of things as a problem in the first place.
How about... stop CLOUD THIS and CLOUD THAT.
Cloud means extreme centralization.
It means giving your data to a third party you don't control.
Why?
Why does our networked software have to assume a centralized topology?
In the days when developed countries had dialup, protocols (IRC, Email, etc.) were all decentralized. Today, all the famous developers live with fancy broadband internet connections and forgot what it's like to have to think about netsplits.
The result... all the software is either "online" or broken.
There shouldn't be an "online" or "offline". There should be "do I have access to server X currently?"
Why do we need Google Docs to collaborate on a document if we are all in the same classroom?
Why do we need centralized facebook server farms whose engineers post on highscalability how they enable us all to post petabytes of photos and comment to our friends?
Why do we need centralized sites to comment at all? Each thread is local to its parent.
Why does India need internet.org from facebook?
If communities could have a network that survives without an uplink to the outside world then DDOS from the global internet would just cut off that network's hosting of documents to outsiders. They'd still be able to do EVERYTHING locally - plan dinners, book a local appointment, send an email etc. and even post things out to the greater internet.
This is a future I want to see.
We already have mesh networks. We need more web based software to run these things.
That's what we are building at qbix.com btw.
Your why questions can all be answered by "It's cheaper than hiring a team to do it in-house". At the end of the day it's all about money and non-techy people are often the people in charge of the money.
Doesn't have to be. Services can be packed into easily deployable package. It's even easier now thanks to container technology.
I agree with you 100%.
Tim Berners-Lee, the "father" of World Wide Web, is currently advocating for exactly what you are asking for.
See: https://www.decentralizedweb.net/
lol, qbix.com connects to cloudflare.com
What are you talking about?
1 reply →
wonder how he spells "hypocrisy".
from wikipedia [1]: - Cloudflare was ranked in the 7th rank among the top 50 Bad Hosts by HostExploit.[41] The service has been used by Rescator, a website that sells payment card data
- Two of ISIS' top three online chat forums are guarded by Cloudflare
- An October 2015 report found that Cloudflare provisioned 40% of SSL certificates used by phishing sites with deceptive domain names resembling those of banks and payment processors.
and so on... WTF is wrong with those guys? money-first approach?
[1] https://en.wikipedia.org/wiki/Cloudflare#Criticism_and_contr...