Hi Dave and Jonathan

I highly recommend you contact them and see what their approach is in regards to the protection of vile sites. I suspect you may be somewhat disappointed by their response, or perhaps you won't be.

They protect *ALL* of the most utterly vile content on the internet including the chans and a number of other vile sites I won't mention.

Other WAFs/CDNs such as AWS Cloudfront, Akamai, Fastly, MaxCDN, Project Shield don't seem to have this problem as they have an AUP and appear to enforce it.

I made the mistake of attempting to use their abuse form to be then doxed as the company who runs the site is the same as the person who runs the hosting infrastructure on one of the sites actively hosting and promoting the video and manifesto. I haven't received any response from Cloudflare after I attempted to contact them saying I was doxed because I was following their process.

It's my view Cloudflares role in providing DDoS mitigation on sites is to also have an acceptable use policy. Their lack of AUP speaks volumes about where they place that importance on if anything is unacceptable.

Appreciate your opinion Jonathan, I have asked InternetNZ the same question but wondered if there was a view from NZNOG too.

Cheers

Peter

On Fri, May 3, 2019 at 9:00 AM Dave Mill <dave@mill.net.nz> wrote:

I have a good contact at Cloudflare if we did want to discuss this with them at all. I find Cloudflare very good to deal with and deal with someone there regularly.

I personally think that service providers just peer with other providers to get content to our customers. We don't make ethical decisions when doing this - its about getting content to our eyeballs in the best possible manner.

Is it really Cloudflare's job to censor the internet? If anyone is performing censorship shouldn't that be our respective governments?

Just my 2c.

Dave

On Thu, May 2, 2019 at 1:54 PM Peter Lambrechtsen <peter@crypt.co.nz> wrote:
I don't think this question has been asked but I think it's worth asking.

After the Christchurch attacks and the fact that Cloudflare clearly support terrorist and white supremacist sites has there been any consideration on if peering or engaging with Cloudflare is something that providers no longer wish to participate in.

Or there isn't a sense of morality when it comes to the internet.

Cloudflare have a LONG history of not caring about any and all vile material and have absolutely no intention to do anything about it from the engagements I have had with them post Christchurch.

https://arstechnica.com/tech-policy/2017/05/cloudflare-changes-abuse-policy-but-refuses-to-censor-the-internet/
https://www.theregister.co.uk/2018/12/19/cloudflare_terror_groups/
https://suespammers.net/tag/cloudflare-com-doing-nothing-about-spam-abuse/
https://krebsonsecurity.com/tag/cloudflare/
https://www.propublica.org/article/how-cloudflare-helps-serve-up-hate-on-the-web

To me they are clearly supportive of all sorts of vile content and have zero interest in doing anything about it while they still earn money.

Has the horrific events of Christchurch given anyone pause to think if they want to engage with Cloudflare?

Are morals important when running a service?.

Peter
_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
https://list.waikato.ac.nz/mailman/listinfo/nznog