Comment by pabs3
3 years ago
PS: I note cloudflared uses some form of telemetry, although I have not looked at what data is transmitted and didn't try to remove it after seeing the above license.
PPS: I wish cloudflared were split up into client and server instead of one binary for both, it would be easier to audit and understand that way.
PPPS: I noted while auditing that cloudflared embeds its dependencies instead of depending on them and uses some golang libraries that are obsoleted.
hearing this I'm not sure I want cloudflared inside my network at all
it's already vast... and telemetry always seems to be the thin end of the wedge
a minimal version, not maintained by the company, under a proper open source license with no bullshit and a vastly smaller attack service would seem like a easy win...
(and even better if it supported more service providers than just cloudflare... killing their lock-in)