← Back to context

Comment by nicholasjarnold

3 days ago

Gotcha. Yeah, I mean all of these platforms are certainly juicy targets for room 641A [0] shenanigans. I just wondered if there had been some public leaks or something which we might not all be aware of yet.

[0] - https://en.wikipedia.org/wiki/Room_641A

I'd also point out the following from Cloudflare CEO Matthew Prince's wiki page [1]:

> "Prince co-founded Unspam Technologies, which supported the development of Project Honey Pot [2], an open source data collection software created by Prince and Lee Holloway designed to gather information on IP addresses used by email-address harvesting services."

> In 2008, the Department of Homeland Security (DHS) contacted Unspam Technologies, asking, "Do you have any idea how valuable the data you have is?" The DHS' email served as the impetus for Cloudflare, a technology company Prince co-founded with Holloway and fellow Harvard Business School graduate Michelle Zatlyn the following year

> The DHS' email served as the impetus for Cloudflare

Emphasis mine. I love Cloudflare, their tech is amazing, but to bury our heads in the sand that it wasn't started from day one to be a government spying program would be extremely naive.

[1] https://en.wikipedia.org/wiki/Matthew_Prince

[2] https://en.wikipedia.org/wiki/Project_Honey_Pot

  • https://blog.cloudflare.com/cloudflare-prism-secure-ciphers/

    > At CloudFlare, we have never been approached to participate in PRISM or any other similar program.

    > To date, CloudFlare has never received an order from the Foreign Intelligence Surveillance Act (FISA) court.

    • Overly specific weaseling. (Not by you, by Cloudflare).

      The questions are not about if they were approached or participate in any programs, it's what they do and if they provide the data or not.

      2 replies →

    • US based companies (like china and europe based ones) are not allowed to talk about it, when state actors implementing their spying tools. It is just naive to think that cloudflare doesn't give access to state agencies. As others have said, it is more likely that cloudflare as a company is entirely built around the idea to provide a singe point of surveillance to US agencies.

      2 replies →

    • >> At CloudFlare, we have never been approached to participate in PRISM or any other similar program […because we approached them]

      >> To date, CloudFlare has never received an order from the Foreign Intelligence Surveillance Act (FISA) court […because they never had to ask in the first place]

      My paranoia was cemented by the book When Google Met Wikileaks. Silicon Valley types do not have to be coerced to share data with 3 letter agencies, they have aligned incentives to ensure American dominance. Which is fine with me, as an American, but I won’t pretend there’s some rivalry where Cloudflare won’t comply without a court order.

Post Snowden, I think the assumption has to be any large US hosting/service provider is compromised in a similar fashion.