Comment by altcognito
4 years ago
Cloudflare has probably more than one person now involved in monitoring with realtime tools what is being done on their network.
This doesn't take a lot of intuition to think that they have a better idea than a random person on the internet.
CF provided domain DDOS protection, not serving, for KF. So content/hosting isn't part of service CF were providing.
The posts are public on a public forum. You dont need an account. Like Twitter! :)
>realtime tools what is being done on their network.
That inspects every post? That sees some hidden forums for ultra doxxing and crime?
I don’t know where posts are coming from when I see them online. We can only guess at the specifics (which will hopefully be released when there’s time for an after-action report) but presumably cloudflare may be able to see ip addresses and have some idea of location. If someone posts “I’m coming to kill you” a dozen times but the ip is in Europe and doesn’t appear to be a VPN then that’s less cause for concern than the same posts made by someone with a residential ISP ip that’s half an hour away from the target.
Of course that may not at all resemble what happened, but you are incorrect to believe the cloudflare doesn’t have a privileged position that allows them more information.
When the topic under discussion are the contents of a publicly available website, unless you think that Cloudflare has some kind of tooling scanning for specific terms on the CDN origin (why?), no, I am pretty confident in saying they do not have any additional information. This is not some arcane matter of network management, this is the public contents of a public website that anyone can verify.
The additional information would be “the board is getting pissed and you need to fix this now”.