Comment by tfar

8 years ago

"CF doesn't even host them, they just protect their sites from DDoS and DNS."

The #1 excuse people use. They do more than just DNS, they deliver the actual data, that would have been delivered by the original host, to visitors. So I'd consider them hosting an automatically updated mirror, and as bad as the original host.

Related story:

I used to use Cloudflare for DNS, but I left because I was becoming uncomfortable with their policy regarding DDoS attack sites. We run our own Anycast CDN now for the HTTP, but I didn't want to have to deal with the DNS servers so I outsourced it to DNSimple.

Turns out that DNSimple, unbeknownst to me, started using Cloudflare's DNS servers under the hood. They were getting attacked by the DDoS attack sites Cloudflare hosts and it was threatening the service. I figured this out by doing a lookup of their nameserver IPs.

So my attempt to get away from using Cloudflare has meant that I'm just right back on Cloudflare's servers, again.

This is an insidious cycle that will not end well for the internet, or for our freedom on it. The internet will not be decentralized anymore if the entire thing sits on Cloudflare and depends on Cloudflare to function. Cloudbleed is a canary in the coalmine.