← Back to context

Comment by wumeow

3 days ago

https://blog.cloudflare.com/cloudflare-prism-secure-ciphers/

> At CloudFlare, we have never been approached to participate in PRISM or any other similar program.

> To date, CloudFlare has never received an order from the Foreign Intelligence Surveillance Act (FISA) court.

8 comments

wumeow

Reply
fidotron  3 days ago

Overly specific weaseling. (Not by you, by Cloudflare).

The questions are not about if they were approached or participate in any programs, it's what they do and if they provide the data or not.

  • wumeow  3 days ago

    Again, an offhand comment about an email from the DHS is given all the weight in the world while a direct statement from Cloudflare is nitpicked to death.

    • fidotron  3 days ago

      The whole point is it's not a direct statement. It is a lot of words which fails to answer the core question: is cloudflare syphoning data off to any of the Five Eyes (and I almost wrote Five Guys . . ) government intelligence agencies or their allies?

      For example, in your link: "One of the ways we limit the scope of orders we receive is by limiting the data we store. I have written before about how CloudFlare limits what we log and purge most log data within a few hours. For example, we cannot disclose the visitors to a particular website on CloudFlare because we do not currently store that data."

      So if they are MITMing everything they totally could just send everything out straight away and not contradict what they're saying at all. Them storing the data or not is completely beside the point.

ahofmann  3 days ago

US based companies (like china and europe based ones) are not allowed to talk about it, when state actors implementing their spying tools. It is just naive to think that cloudflare doesn't give access to state agencies. As others have said, it is more likely that cloudflare as a company is entirely built around the idea to provide a singe point of surveillance to US agencies.

  • wumeow  3 days ago

    Love the double standard here. An offhand comment about an email from the DHS is considered strong evidence that Cloudflare was "started from day one to be a government spying program" while anything Cloudflare could say to deny it is brushed off as not strong enough.

    • mattbee  3 days ago

      I'm not judging the evidence FOR Cloudflare being a spy.

      But it's a natural double standard that when your potential spy says "I'm not a spy!", well it's no evidence AGAINST.

jazzyjackson  3 days ago

>> At CloudFlare, we have never been approached to participate in PRISM or any other similar program […because we approached them]

>> To date, CloudFlare has never received an order from the Foreign Intelligence Surveillance Act (FISA) court […because they never had to ask in the first place]

My paranoia was cemented by the book When Google Met Wikileaks. Silicon Valley types do not have to be coerced to share data with 3 letter agencies, they have aligned incentives to ensure American dominance. Which is fine with me, as an American, but I won’t pretend there’s some rivalry where Cloudflare won’t comply without a court order.