To be honest, the internet was worse without Cloudflare, so as long as they provide a good service for their customers, I’m fine with it. This is one of those.
Google is in a perfect position to compete but they don’t, so it’s not like Cloudflare is a monopoly or something.
It had much more freedom. Currently it's up to Cloudflare to decide whether you will read that article or not. Tomorrow some stupid law will mandate certain ideas to be hidden from children[1] and Cloudflare will happily comply.
The growth of Cloudflare is what makes the law possible.
Several countries have stupid laws around online child protection, that are universally ignored and universally not enforced simply because there is no reasonable way to comply. Others might be tempted to introduce new stupid laws once they become feasible.
That doesn't make it Cloudflare's fault, but the centralization is still a problem.
I think it's being pointed out as an inherent weakness of greater centralization when it comes to the internet's resiliency against government interference and censorship. The internet used to be much more decentralized than it is today.
Because human nature is what it is. The best way to eat better isn't to be a better person, it's to not keep junk food at the house. It's not Cloudflare's fault that they're successful, but it's now everyone's problem that they're an easy throat for governments to choke.
Also, remember that time that Cloudflare didn't take down a Nazi website because they didn't want to be arbiters of the internet but then everyone accused Cloudflare of supporting Neo Nazis. That this led to boycotts so they ended up taking down the site and wrote a blog post being like "fine, but this is dumb"
That didn't really have to do with the law. You could segue it was a free market action. Though there were definitely legal threats as well. (There's even people here in this thread making similar claims of Cloudflare supporting specific groups/content)
Businesses are not expected to protect your freedom of speech. If you want to say stuff that no one wants to print, you can't sue a business for not printing it.
The government can't stop you from requesting a permit and saying it on public lands, though... And back when telecoms were common carriers, you could have done such from your home Internet, now you can only do it from your voice line.
Right but ISPs and services like CF should be neutral parties just like the Cisco routers and Corning fiber. They should not be arbiters of what’s currently acceptable. Thats not to say they are not subject to jurisdictional law but rather they should not be their own law imposing their views.
Now of course if they want to provide you the user with tools to filter or hide things you disagree with out, by all means.
Yep- your phone or electrical provider don’t monitor your speech for objectionable content and neither should someone like Cloudflare once they achieve ’utility’ like status.
Sorry, but sometimes they are. Laws are reactive so can only be updated when harm is done. But if businesses and people act to hold up the spirit of those laws then the harm doesn't happen in the first place. It's proactive vs reactive.
Plus, bring proactive saves everyone a whole lot of time and money. So many things would be better if people (and every entity) was just trying to do their best and no one was trying to fuck each other over. You may call it a dream and that's fine, but also remember that the vast majority of people already operate that way. A small number of people do the most harm
Are you arguing for a system where employers consider your political views before hiring you?
And no this is not an attempt to in anyway belittle what Nazi German did during WWII. Assuming the employee you are referring to has never been engaged in such acts, though, that feels like a very slippery slope.
Yes. Discrimination in hiring with regard to personal viewpoints (ie adult decisions, not built-in traits) is one of the best ways we have to shape society for the better.
As private entities, we have freedom of association - including freedom to shun certain groups. Use it!
Once we start that, we cannot control if it is going to shape the society for the better or worse. Should feminists be prevented from joining a company? How about pro-choice rights activists? And one persons better society would be totally different from the other person's better society.
We should aim to reduce discrimination not encourage it for select causes.
> Should feminists be prevented from joining a company?
Depends on the views of those doing the hiring.
Should you be allowed to not hire racists?
You are literally arguing against freedom of association. We get to choose with whom we do business! That is our right, as well as the status quo today.
I don’t hire smokers or ex cops, as I think they are unintelligent and assholes, respectively.
If it were legal I would never hire a practicing theist or anyone ex-military, as they are signs to me
of low intelligence and poor
moral character.
You have the right as a free person to discriminate against any non-protected group in service of your company and business.
Someone’s opinions are fair game for evaluation. Think Windows is better than Linux on servers? Keep
moving. Think being a culture warrior in the US is a prudent move? Same deal.
All other things being equal, I prioritize people who have lived in multiple countries over people who haven’t. This necessarily means I am discriminating against those who have not.
There are a million attributes we can use to make hiring decisions. It’s not only legal, it’s prudent.
For anyone not understanding this comment and similar ones try this for me: replace "speech" with "encryption" and "Nazis" with "pedos and terrorists".
Here's the thing, authoritarians use abhorrent groups to justify authoritarian laws. It creates a power creep. Even well meaning rulers will push for more autocratic power with the justification that they can do more good with it. But unless you can place strong guarantees that no malicious ruler can come to power, you should evaluate powers as if they are the ones wielding it.
It's the entire concept of Turnkey Tyranny. A thing we are actively watching being exploited in America and across Europe. Because you can't prevent a malicious ruler from gaining power in a free society, but you can greatly limit their ability to do harm. But this can't be done with myopia.
In my view, this whole stance is completely indefensible, and it frankly shocks me every time I hear this from the progressive side of the political spectrum.
You want to introduce additional discrimination at every workplace in order to get rid of viewpoints you don't agree with?! This is honestly closer to Nazi ideology than the actual Nazi would probably be that you want to discriminate against.
How would you ever prevent policies like this from being leveraged against minorities? How could you ever make sure that you are never gonna be a "Catholic church against Galilei" equivalent?
You do realize that such a policy would've been used like 30 years ago to exclude every pro-LGBT person from hiring, after being used against anti-racial-segregation advocates in the decades before and everyone in favor of womans voting rights well into the 20th century?
If you want some totalitarian society that enforces state-sanctioned viewpoints I would kindly ask you to build your own, preferably as far away as possible, because that stands diametrally opposed to the principles the US was founded on.
Please continue to tell me how my refusing to hire cigarette smokers, functioning alcoholics, Floridians, people who don’t read books, or people who are overtly rabid about US patriotism is the same as embracing Nazi ideology. I’m quite curious about your logic here.
I'm not throwing around the Nazi analogy lightly here:
Discrimination against outgroups/dissenters/opposition was basically the central domestic tenet under the Nazi Regime ("Gleichschaltung"), aiming to root out opposition and dissent in any form. A lot of this happened long before setting up extermination camps.
In my view, every person is free to pick who they work or associate with, but hiring discrimination achieves little and opens the door for extremely harmful abuses of this very mechanism.
People are not really gonna stop drinking, smoking or rabidly patrioting just because you won't hire them, they're just gonna hate "your" class of people more, and behave the same way towards groups they don't like.
A society where every progressive person refuses to hire rednecks is also a society where every redneck refuses to hire colored people, immigrants, LGBT people/advocates, feminists.
Not only that, but the majority of society was very obviously wrong about the merit of a lot of viewpoints in the past, and the system you advocate for would have a much harder time admitting/fixing such mistakes in viewpoint valuation (slavery, apartheid, sexism, religious intolerance, racial discrimination, LGBT discrimination just to name a few).
I'm quite happy to continue this discussion, but "what are the similarities of this to Nazi tenets" is the least interesting aspect to me.
I’m not a government and I have no legal authority to build extermination camps. It’s not the same thing.
> A society where every progressive person refuses to hire rednecks is also a society where every redneck refuses to hire colored people, immigrants, LGBT people/advocates, feminists.
Yes, I’d like to live in that world. Freedom of association is a good thing, and a powerful force to shape the world for the better. If idiots want to kneecap their businesses, they should be allowed to.
What if my neighbor was born gay (can't help it), but I just decide that I want to try gay this week? Is it fine to discriminate against me, but not him? I made an adult choice this week.
> Are you arguing for a system where employers consider your political views before hiring you?
Yes? Such a system already exists and is currently in place in virtually every country in the world.
If I go online and trash talk anyone, that might prevent me from getting hired.
Similarly, if I work someplace, and I call my boss a jackass, I might get fired!
You're trying to invoke "political" as a sort of shield here. No, it's not just politics.
Its called being an asshole. Assholes might be unemployable because that's how human socialization works. Have you met a Nazi that isn't an asshole? Because I haven't. So, there you go.
> If I go online and trash talk anyone, that might prevent me from getting hired.
> Similarly, if I work someplace, and I call my boss a jackass, I might get fired!
Those examples have nothing to do with your specific political views. Both issues there are about how you engages with others and are a reasonable example of why you might cause problems on a team. The specific views you would have shared rudely have nothing to do with the actual problem at hand.
> Those examples have nothing to do with your specific political views.
Yes they do - as I've said, you can't invoke politics as a shield.
You can be fired for your beliefs. Politics are a belief. So you can be fired for politics.
If you're trying to say that you can just be an asshole in private - sure. If you share your political beliefs, it's no longer private.
Most companies don't want to hire people they think are assholes.
Ultimately, it's very simple human behavior. I don't want to work with people who suck. You don't either. Okay, so we must discriminate based on politics or other beliefs.
Hiring, in it of itself, is just discriminating. We're discriminating based on skills, personality, beliefs, and fit. That's what hiring is.
There's only a select couple of things we can't, or shouldn't, discriminate on. Politics isn't one of them. If you think black people need to be exterminated or whatever, there's no gun to my head making me hire you. No, I'm not gonna hire you.
> Yes they do - as I've said, you can't invoke politics as a shield.
That isn't the issue at hand. You are describing using ones political views against them simply for them holding those views, not someone being an asshole and attempting to justify it as a political act.
> Most companies don't want to hire people they think are assholes.
Sure, though they would base that on behavioral tendencies rather than a political survey.
> Ultimately, it's very simple human behavior. I don't want to work with people who suck. You don't either. Okay, so we must discriminate based on politics or other beliefs.
Ultimately you're the one worse off for viewing people this ways. Views and beliefs don't make a person suck, actions do.
> If I know you have political views X, you already fucked up. This is a tree falling in the forest problem.
Yes, that's the exact point the other person is making. The resulting consequences are, and should be, a consequence of that fuck-up, and not a consequence of the value of X.
Ok, sure, but now the conversation is purely theoretical. What you're talking about is a situation that, by your own admission, cannot exist!
Because in order to punish me for being X, you have to know I'm X! But if you know I'm X, then I must have said it at some point! In which case, you're firing me for saying I'm X, not for being X!
If you're a republican and nobody ever knows, then you're not a republican. Again, it's a tree in the forest problem. You literally cannot be fired for being republican then, so it's indistinguishable from you not being republican.
If you know I have political view X, I have shared my view. That doesn't mean I have acted on them.
Do you view holding or discussing a certain view as acting upon them? Is a distaste for Republicans in America today, for example, tantamount to acting on said distaste and assassinating someone?
> Do you view holding or discussing a certain view as acting upon them?
No, obviously, but they are an action. You can be fired for an action. Your action being a political one does not protect it. That is my point.
Me saying to my boss "I believe you're an asshole and you deserve to die* is an action. I am doing something - saying something distasteful.
That can get me fired. Period. And everyone agrees. No disagreement.
Okay, now I say to my boss "I believe Jews are assholes and they all deserve to die". Now it's political. And suddenly, there's disagreement.
The disagreement is very forced. This is extremely simple. Yes, you can be fired for that. Why? Because people don't like it. Nobody wants to work with people they don't like. It's very simple, very fundamental stuff about how humans work. Making it political doesn't change anything.
Their politics were expressed as behaviors: proclaiming "I'm a nazi" publicly, taking over leadership of GNAA from Stormfront's administrator, etc. These were not private beliefs that were uncovered through surveying. There was no survey.
Or by behavior do you mean that public support of terrorism isn't grounds for an employer to avoid hiring or termination? That the standard for that would be actual terrorist acts?
I'm not sure who the they are you're referring to here, sorry. If anyone acted on their opinions and discriminated against someone, or worse, of course an employer could consider that.
The whole conversation here, though, was whether someone's beliefs alone are enough to discriminate against them in a hiring process. My argument has been that beliefs or opinions shouldn't be discriminated against, but actions are fair game.
This thread is under my post about Cf employing a Nazi activist. I don’t want to name them here because their CEO targets people online who mention them. You can look it up but their X account has been wiped so you have to dig just a little
Yes. Naziism is terrorism. People lose their jobs for publicly supporting terrorism. The employee was self-proclaimed "Nazi" (including to quote, "I'm a nazi", posted publicly while working there) per views and advocacy. They also took over leadership of "GNAA" from Weev (a Nazi with Nazi tattoos etc.) while employed at Cloudflare (I won't type out what it stands for here)
Even Wikipedia does not describe that organization (I assume you don't mean the Greater Nashville Apartment Association...) as itself an extremist organization. (It is also described as defunct.) By its very nature, statements by its members (which you have not evidenced) cannot be taken at face value. Auernheimer's views are his own. The only identification I can find of a possibly other leader of the organization (who you have not named) leads to nothing that confirms any detail of your story - not the supposed Nazism of that person (assuming it's the right person), nor employment at Cloudflare, nor any knowledge on their part.
In short, I can find no good reason to believe this.
Part of being a Nazi means the sincere believe that the Aryan race is superior to all others and that eradicating them is a sensible goal.
Thats not a political view. Its one of racism and finding genocide acceptable. I would sincerely hope that any sensible person would refuse to hire someone like this.
I can't say that I have seen any party documents floating around, but I'll take your word for it here. A person having those views or beliefs still isn't a crime, acting on them is.
A person in a workplace can have whatever views they want. Holding a view in no way prevents them from being able to do the work well. Its a different story if they cause a problem at work, but that is viewpoint agnostic - anyone starting political fights or worse at work is a problem.
A person is entitled to hold any political views they wish, and a business is entitled to not hire them for those views. Just like freedom of speech does not entitle you to a platform or give you immunity from the consequences of saying things.
> I can't say that I have seen any party documents floating around
There are quite literally millions of well recorded documents, pictures, movies, personal accounts of affected people available about what Nazism did and does. If you do need a place to start, feel free give the Wikipedia article a read and use the underlying sources to learn more.
The Nazi Party no longer exists and you're linking to ideology in Germany at the time. We could similarly link to pretty terrible political party views of Republicans or Democrats over our history.
By no means am I defending Nazism here, I would take huge personal issue with any holding those views. That's entirely separate from the topic here though, and I don't agree with discriminating hiring processes based on political views regardless of what they are. If someone can go to work, get the job done, and be a net-positive member of the team I have no reason to act against them.
Not hiring people only for personal views they hold is just a weirs bar to set. Judge people by their fit for the role and their actions. Attempting to both uncover and judge a person's beliefs is a losing battle at best.
It is not a weird bar at all when the "personal view" here is being a Nazi. The action of believing in Nazism is actually a disbarring for any role of trust, integrity, or value in our society.
Being a Nazi is not a protected status (yet) and you should expect to be fired immediately if you espoused those views anywhere, at all.
Not sure how they are involved in this discussion nor do I know their current ideology besides the media reports, but collaborators were/are not uncommon. Abraham Gancwajch, for example, seemed to have no issue with betraying his people.
Be careful with your reasoning. Remember that the current ruling party in America (as well as growing movement in Europe) is using the same rhetoric to go after liberals and trans people.
The problem isn't that any sensible person supports genocide, it is that insensible people can get to power and trick normal people into thinking genocide is necessary or not happening at all. They do the former by saying "if we don't commit genocide then they will commit genocide against us".
The problem is who gets to pick who is right and not? The problem is that if you limit the right to limit speech then good rulers won't abuse that power but evil ones will. It's because they are the ones who pick and choose. It's why you have to protect the rights of those you abhor. Because if you don't you build the powder keg of Turnkey Tyranny. Doesn't matter how many signs you put up, eventually someone will light a match. My accident or because they want to watch it burn.
So yes, to protect those groups being persecuted (trans, minorities, and Jews alike) you need to protect the speech of abhorrent groups like Nazis. You don't have to like it. And you don't have to, and shouldn't, protect the actions of Nazis, but you do have to protect the speech. It's exactly why the ACLU has done this in the past because every authoritarian loves to use abhorrent characters to justify overreaching laws.
We're on Hacker News for fuck's sake! How often have we seen the same play but replace "speech" with "encryption" and replace "Nazis" with "pedos and terrorists". It's the same stupid game!
> The problem is who gets to pick who is right and not?
we all do, collectively, as a society
> So yes, to protect those groups being persecuted (trans, minorities, and Jews alike) you need to protect the speech of abhorrent groups like Nazis.
there is actually a categorical difference between advocating the persecution of minorities, and advocating the persecution of nazis. and furthermore it is actually possible and good for a society to say one of these things is bad and should not be allowed, while the other one is good and should be allowed.
I agree. But at the same time do you not recognize that collectively, as a society, Nazis decided to attack Jews, trans, disabled, and others? It's not an easy game to play and I think that's what most people here are trying to convey. In the end very few people think they themselves are evil.
> there is actually a categorical difference between advocating the persecution of minorities, and advocating the persecution of nazis.
This line is clear to you, but think harder. Abstract just a little and you can see. You program so I am confident you can handle abstraction. (if you can't program, well you're probably on the wrong forum)
Have you ever listened to the right wing talking points these days? I'm not saying you need to believe them, but "know your enemy". They are justifying their hate of minorities by making claims that those people are attacking them. They frame it as self-defense, not offense. It is absolutely critical to understand this, because that's how they have brought people to their side. It is the same way the Nazis did. But again, think carefully, were no one to actually act on said beliefs then how do you know? If you make a "preemptive strike" then you only empower their claims of acting in self-defense. Even if you can justify your "preemptive strike" as a self-defense measure too!
I think you are oversimplifying the problem because you are relying far too much on the obviousness of Nazis being evil. But if you make that mistake you'll have missed the important lesson of how the Nazis gained power and got support from so many people. If you truly believe that evil is trivial to identify then you'll have to conclude that the entire country of Germany one day decided that they wanted to be evil and then the next day they didn't. The ability to flip such a switch would be gravely concerning in of itself, and if unique to Germany then should you not conclude that they should not exist because they have such capacity for evil?
OR you can believe that things are more complicated. That evil creeps and infests. It disguises itself as good, tells you half lies so you have truth to found yourself on (even if that truth is distorted). That the road to Hell is paved by good intentions and that evil can be created by good men trying to do good things.
This is an underlying philosophy to those that acknowledge Turnkey Tyranny. And I say acknowledge, not believe, because look around you. Do you not see these leaders abusing their authoritarian powers? Look at the origins of many of those powers, especially with Trump. They don't all come from right wingers who were playing some long game. He's exploited powers brought in by Biden, Obama, and Clinton, just as he's exploiting powers brought in by Bush, Bush, and Regan.
Evil loves to convince people that everything is simple and evil is clearly identifiable. Why would it not? Do you really believe the snake isn't going to be a snake?
> do you not recognize that collectively, as a society, Nazis decided to attack Jews, trans, disabled, and others? ... in the end very few people think they themselves are evil.
yes, I agree with you, that society made some pretty bogus determinations, and they certainly didn't see themselves as evil. but in the fullness of time and history their position has been understood as wrong.
> I think you are oversimplifying the problem because you are relying far too much on the obviousness of Nazis being evil.
my point isn't about nazis or the obviousness of their evil. my point is that advancement as a species requires delegation of moral authority to collective government i.e. society. and transitively that the possibility of pathological negative outcomes doesn't somehow invalidate this idea outright. we don't throw away the concept of a judicial system because innocent people can be declared guilty. we work towards eliminating those failures in what is otherwise an essential component of government.
zoom out. think larger. be more empathetic. nazis and maga and all of this garbage are bugs in the system, which we're fully capable of stamping out, in the long term.
> Are you arguing for a system where employers consider your political views before hiring you?
Would you put a Nazi and a Jewish person in a room every day (or on a Zoom call or whatever) and expect something productive to happen? Well, no. It's a ticking timebomb. If you have an organization with multiple employees, they'll have to be people who can work together. So as a workplace, you need to either rid your employees of their discriminating views or rid yourself of employees who cause problems.
If they can be professional, yeah? I have diverse private interests that don't really get mixed with work. Don't see why my political interests should. I've worked with people I don't personally like. It's more tiring since there's less chit chat but the work gets done all the same.
The employee in question did not keep these beliefs private, and posted publicly (and not hiding behind anonymity) about them. They were also a public figure as the "GNAA" president, a hate group, a position they took over from Weev, the Stormfront administrator.
Is this fictitious Nazi working with a fictitious Jewish person acting on those views or discussing them at work? If not then why should their employer care, and why should we actually support the idea of workplace discrimination?
> Is this fictitious Nazi working with a fictitious Jewish person acting on those views or discussing them at work?
There's a reason I say "ticking time bomb" in my comment. Hypothetical Jewish person keeps kosher for instance. Is that "acting on" being Jewish at work? What about wearing a yarmulke? If that is, how do you rectify it? If you allow yarmulke, is a swastika armband okay? Both are clothing choices depicting "views".
I don't care what religion or political views they have. Its a workplace, if either person can't check it at the door then that's the problem to deal with.
Honestly its pretty insulting to both of the people involved for you to assume so strongly that they couldn't be professional that (a) you never give them the chance and (b) you chose to hire only the one who you agree with (or disagree with the least).
the people talking to you are talking about something very different than simply "political beliefs that you disagree with"
the appropriate level of capital gains tax at the 80th percentile is a political belief that you can tweet about in your personal time and allowing there to be a civil relationship with your colleagues in a professional environment. this is a political belief that reasonable people can disagree with.
asserting the supremacy of the white race is not a political belief that you can tweet about in your personal time while still allowing a civil relationship with your colleagues in a professional environment. this is not something that reasonable people can disagree with.
> Would you put a Nazi and a Jewish person in a room every day
Today's Nazis have more diversified targets for discrimination. Concentrated antisemitism was a side effect of the personal issues of the most famous Nazi exponent in history, but they're more about racial supremacy. Today they might be Islamophobic more then antisemitic.
To answer to your question, their thoughts and views don't matter in the office, their behavior does. You can deeply dislike a colleague for various other reasons too but the effect is the same. I don't want to be fired because I unilaterally hate, or even love, my colleague. As long as I don't act on it, that is.
I know people working together in the same office where one's grandfather was in the Nazi military guarding one camp, the other's was a civilian killed in that camp. Whatever their deep feelings, they mind their job as expected.
What counts as acting? This employee was openly self proclaimed Nazi, member of groups that spread explicitly Nazi ideology online, and the leader of a hate organization (previously led by Weev, the Stormfront administrator, who handed over the president position to them). I don’t understand quick defense of this.
Acting is doing something, as opposed to saying something. One of them counts as freedom of speech and hint, it's the one you quickly attacked. It's when you go to work and do your job as per the contract which can demand you not express certain opinions in the office but not in your private life.
> I don’t understand quick defense of this.
You are like those people who gagged Kimmel because they didn't like what he was saying. You will quickly defend firing people just for saying they support abortion rights (which is illegal in many states), or LGBTQ+ rights. You playing the "you defend Nazis" card works both ways. Just like you taking away freedom of speech works both ways. I wonder if choosing a German name was intentionally ironic.
I don't have to like a guy or his opinions to defend a bigger principle.
This employee organized and led explicitly Nazi ideology hate campaigns. Freedom of speech applies to government. I still don't understand the need to hire organizers of Nazi hate campaigns that advocate for extermination, or (maybe you accept this though) for the responsibility of the public to avoid criticism or organizing boycott of businesses for hiring individuals that publicly advocate for exterminating them. The issue isn't illegality, or advocacy for anything in general, but public advocacy for extermination (of Jews, black people etc.), understanding that a government does not make that illegal (which I didn't advocate for changing).
The username is irrelevant and older than CloudFlare hiring Nazis
This is a serious accusation. What exactly is your evidence that they did any such thing? I can find nothing relevant in a search, only stories about the Neo-Nazi sites getting blocked.
It's both. In allowing Cloudflare to grow so big, we now have one huge universal button for governments to push. If instead all of these customers were dispersed over hundreds of different services from different countries, good luck with trying to keep them all in line with your specific country's whims.
Worse, governments can also just block Cloudflare's IP ranges wholesale - because Cloudflare is used to launder IP addresses for sites with shady and/or illegal content.
Legitimate sites get blocked too, but most governments probably won't care.
Isn't this an argument in favor of centralization? Right now, those legitimate sites include many government websites which means that most governments do care. You know what IP block they definitely don't use? A tiny provider for DIY blogs or whatever.
So, interestingly, the places that actually did the worst in the Holocaust were generally the places where there were the least legal structures--even though you would expect it to be worst for Jews in Germany, it was often Poland and other states that had all legal structures and civil institutions destroyed who had it the worst.
For example, recently certain big corp ask me to verify something. I clicked on the link in the E-Mail and it was suck on Cloudflare the click button over and over again. No matter how many times I clicked.
No, it's a common issue. A bit of traffic is always misclassified and one day you'll be the unlucky one. And there's nothing you can do about it beyond trying different device on a different network.
No VPN (unless your ISP is extremely shady, then do use a VPN or change ISP), no overly zealous adblock (ublock origin on default settings should be fine), no JS blocking / weird privacy extensions / whatever, nno PiHole, just what your average, relatively tech-savvy geek would use.
HN readerships's problems with Cloudflare are mostly their own fault. "normal" internet users don't have these problems[1].
[1] except for people in specific countries, and I do feel sorry for those.
>[1] except for people in specific countries, and I do feel sorry for those.
Normal people also travel, and ended in those said countries sometimes. Which is the time when you need these things to work from any kind of connection.
Hmmmm, it's rare that I'll bite, but in this instance, I just have to
> You need to become more like a "normal person."
Isn't in inherently problematic that there is even a definition of a "normal person"? Who gets to judge this? Why do I have to conform? This immediately creates in-groups and out-groups. We should all know better than to allow this to happen. Classification is fine. Probably even needed to help with inclusion. Restriction based on classification can very quickly become problematic.
> No VPN (unless your ISP is extremely shady, then do use a VPN or change ISP)
That's all ISPs by now. You should never just trust any authority logging what you do. What is fine today might not be fine with tomorrow's government and those logs (as much as some might pretend they are not) are permanent.
VPN bans will start to pop up all over the place soon and everyone half-paying attention knows why
> no overly zealous adblock (ublock origin on default settings should be fine)
And what is the definition of overly zealous? Chrome has already dropped support for ublock, more or less. Adblocking is directly hostile to the data-hoovering machine. That should be enough reason to use very restrictive adblocking. I am using every filter list there is with Firefox on Linux. Cloudflare's checks are basically always fine. ReCaptcha, however, is a nightmare.
> no JS blocking / weird privacy extensions / whatever
Well, most of the web doesn't work when blocking JS outright. So I guess we've lost that battle. Though I'd argue that things like reader-mode and the ability to just get text content is pretty important to quite a lot of people still, especially those with disabilities. I don't understand the derogatory tone used when calling privacy extensions weird and the 'whatever' part is just a flippant dismissal of an entire ecosystem of extensions and applications that have a right to exist
> nno PiHole
PiHole is soon going to be the only way to protect yourself, considering what Google is pushing for with manifest v3. I don't yet use it, because it's a pain in the ass, but I'd rather have less internet and more control than vice versa
> just what your average, relatively tech-savvy geek would use.
Why do you think that you should be the one to define what or who that is? Furthermore, why should anyone be given that right?
What are we really losing by allowing people to have custom setups vs. what are we losing when we don't?
> HN readerships's problems with Cloudflare are mostly their own fault. "normal" internet users don't have these problems
This reliance on the definition of "normal" is problematic, for the aforementioned reasons. You don't know what normal is and having a gate-keeper of this definition will lead to ever-smaller circles of people falling under that definition, until one day you are no longer normal and then what?
> [1] except for people in specific countries, and I do feel sorry for those.
Get ready to feel sorry for yourself in the near future :)
Nearly any company under a government's jurisdiction will comply to a legal order to censor content, especially if its done in the claimed goal of protecting children.
Those companies that don't comply will be shut down or targeted in some way if the legal order had any political teeth behind it.
There's no way around that unfortunately, short of limiting government power in the first place so such an order would never be lawful.
The problem with Cloudflare is that it does business everywhere, so it has to appease all governments.
If you're a news site registered in the US or a porn site registered in Canada, with relatively few ties in other countries, you have far much less pressure to comply with unreasonable demands from India or Bahrain. They just don't have that much leverage. If you use Cloudflare, they can put the pressure on Cloudflare instead.
To make matters worse, some governments will demand worldwide removal / blocking of certain content they don't like.
This is what makes the internet so weird and pre-internet intuitions about how governments work so treacherous.
in other words, i was trying to imply that the only way to prevent gov't overreach is to continue developing technical solutions which are distributed and decentralized, so that there's no single button for which the gov't could press for removal of these fundamental rights.
Yes, it's unfortunate that a network service provider whose primary business model is checks notes preventing network abuse would try to detect and prevent abuse via various heuristics such as captchas.
I also agree that Cloudflare should get all the blame here, since none of their customers voluntarily chose to use them, and Cloudflare doesn't give their customers a huge variety of options for bot detection sensitivity.
Matt Prince personally kidnaps CTOs and waterboards them until they agree to use Cloudflare, and the thousands of configuration options and rule combinations on the WAF are just for show - customers can't actually use them.
So far Cloudflare have generally been good guys on the web. They're in an incredibly abusable position, but so far have refrained from doing that.
So far.
The problem with Cloudflare is that institutions change over time. It's a slow process, doesn't happen overnight, but it does happen to almost all of them sooner or later. Building institutions that stay good is one of the big unsolved problems for humanity.
The problem with Cloudflare is what happens the day this good guy MITM:ing half of the web is no longer a good guy. We need to at least have a plan for dealing with this scenario, because otherwise this could get very ugly.
I've got a treat for you, cloudflare's business model moved heavily towards crime as a service during the last decades, including DDoS botnets that host their own CnCs behind cloudflare, while themselves even relaying cloudflare DNS data to DDoS cloudflare instances itself.
The guy behind Crimeflare, when it was still available, tried to accumulate a dataset by running his own resolver, which filtered out domains in the zones of cloudflare's known ASNs.
This was actually also part of a lawsuit against lieferando (takeaway) because they're registering domains of restaurant owners and blackmail them into using their delivery service, after they already registered the Google business entry with that cloudflare domain to a call center of Takeaway, so the actual owner of that restaurant has no chance in terms of SEO and google searches that people would find them again.
You can probably safely assume the 3-letter agencies are snooping on this data. It is and has always been very hard to resist government pressure. Happens all around the world, China, Russia, EU; all the geopolitical players find various means of eavesdropping where they can.
Also likely part of why ECH is taking such incredibly long time to see widespread adoption and why it's still quite a shit solution to SNI. As it stands, anyone with network level access can see which websites you are visiting, despite HTTPS.
The internet is worse for me with Cloudflare. I'm using a cellphone router for my internet. My guess is I don't get a dedicated IP and probably behind a NAT with other users. 85% of my request needs me to solve a cloudflare captcha. on bad days I have to do this easily 100+ times.
It is not Cloudflare's fault. It means the website operators were so fed up with bots and bad actors that they just applied a carpet ban and called it a day.
Thanks to Cloudflare I was able to reduce my website load threefold and downscale my VMs and my monthly cloud bill, and seeing how 50k daily requests were shown CAPTCHA and not even tried to solve it makes me terrified of running anything without Cloudflare.
Don't blame site owners and service that is trying to help them. Blame the fact that 90% of today's Internet traffic is bots
If I click on a search result and it shows me a CloudFlare CAPTCHA I leave. Immediately and permanently. I get what you are saying but also you will not get a dime from me if I have to waste my time solving a CAPTCHA prompt that half the time is so broken it just gets stuck in a loop.
I guess whatever revenue you lose you make up for in a lower hosting bill. I just go to your competitor that doesn’t have the horrible UX. Usually those websites also tend to have much more optimized web pages too so it is an all around better experience.
Of course it's cloudflare's fault. They monetized and scaled a service that blocks humans from interacting with websites.
They're also essentially a deanonymization reverse proxy that can track everyone's browsing history and decide whether you get to see websites based on social credit.
That I'm not so sure about. If they get too block-happy they'll lose customers.
But I don't think they care if they block firefox users, or people who delete cookies, or VPN users, or Tor users, or people who resist fingerprinting, or people who block ads, etc.
It's cloudlare's fault that it's so common to have very overzealous blocking. Site owners need access to bot protection but that doesn't mean highly flawed protection gets to be blameless.
> It means the website operators were so fed up with bots and bad actors that they just applied a carpet ban and called it a day.
Many of my websites get 98% of their traffic from bots and bad actors, but it doesn’t really matter because the extra load of all these fake requests is absolutely negligible. I have a hard time understanding how someone would be bothered by an extra 50k requests a day. That’s less than a request per second. Most of the sites on even the weakest VM’s can easily do 10r/s these days.
But what's the counterfactual? People use cloudflare because they want protection from ddos attacks and bots. If cloudflare didn't exist there would probably be similar measures.
Businesses want to protect the continuity of their business operations, and to that end they buy such protection as a service, from a business that managed to MitM half the Internet in order to provide such service.
Point being, it's a commercial subverting the Internet from inside, reshaping it to better serve the interests of commerce. It is indeed protection, but it's accomplished by reducing variance. 99% of legitimate commerce on the Internet follows the same patterns, use a small subset of possibilities offered by the technology - so why not just block the remaining 1% that doesn't fit and call it a day? It will stop most of the threats to running businesses on the Internet. The 1% of legitimate commerce that doesn't fit the pattern? It's not being ignored per se, just pressured to adapt and conform to the majority.
What is being ignored is that the Internet is not just a place of commerce, and non-commercial use cases, ideas such as empowering people to better their lives, are gradually becoming impossible, as fundamental Internet infrastructure becomes inhospitable for them.
Some of us still remember the Internet being more than just a virtual mall, and are unhappy about it gradually becoming one. And it's not like CloudFlare, et al. are hostile to non-commercial interests as a matter of principle - it's just out of scope for them.
I actually think that Cloudflare has made publishing on the internet _more_ accessible for many individuals. I’ve helped a few people get personal websites running on Cloudflare pages and run my own there—it’s free and extremely easy. They could obviously pull the plug at any point, but with static sites it’s easy to avoid lock-in. If it weren’t for Cloudflare and other services that give free, easy hosting, I suspect there would be even fewer of the non-commercial small-internet sites that you value.
There have been places that host personal and hobby websites for free for at least the last 30 years. Some older ones have left, and newer ones keep coming along. Cloudflare didn't make this any more accessible.
Your first paragraph summarize why businesses want to use Cloudflare and how it helps them maintain their business.
Your second paragraph talks about other (non-commercial) sites. I think I'm missing the link here. Why would the admins of such sites resort to Cloudflare if 'fundamental Internet infrastructure becomes inhospitable for them' by making that choice? They could very well choose to implement their own or no measures at all.
I think the issue is that the general threat level has massively increased compared to the past - not in terms of sophistication but frequency/scale. But that's a consequence of widespread adoption, nothing Cloudflare in particular is responsible for.
> Why would the admins of such sites resort to Cloudflare if 'fundamental Internet infrastructure becomes inhospitable for them' by making that choice? They could very well choose to implement their own or no measures at all.
Marketing and free tiers.
But my point is that Cloudflare is addressing threats that predominantly affect businesses, and does so well, but the way it does is effectively changing the whole Internet to be more hospitable for commerce, and less hospitable for any other kind of use.
I don't know what kind of internet you used but mine didn't randomly decide to block my access to a website because some quasi monopolist decided I wasn't allowed to use a certain website for intransparent reasons.
Being blocked from a web site and having to hit a little box are two different things. Are you talking about the former or the latter? If it's the former ... that has literally never happened to me unless I'm on a VPN and even then it's rarely (if ever) CF that's doing the blocking.
If it's the latter then it reflects the sad truth that we can't have nice things anymoret. I have lots of problems with the accessibility of that box, but either Cloudflare would be implementing it, somebody else would be implementing it, or a huge chunk of data would be unavailable to you anyway because of accidental DDoS attacks caused by irresponsibly deployed bots.
It was implied that the "let's check you're human" didn't do a good job at that, causing the block - without a VPN. Meanwhile, certain bots just circumvent it (there's even a couple of videos showing robot arms/fingers prove their humaness) while legit users, even coming from Tor, get blocked. That's the internet I used to know. (I am not in the "everything was better" camp though.)
I can’t book a table at a local restaurant without calling because their resy link is behind Cloudflare and Cloudflare has decided that my up-to-date Firefox is out of date and therefore can’t pass the challenge. In reality it’s more likely that one of my ad blockers is stopping it from doing what it wants. It doesn’t even let me hit the box.
> "Never happens to me means never happens to anyone"
I see your point.
> Also it's quite amusing what if you had got hit with an infinite captcha here then you couldn't post your comment.
And you couldn't have hit me with that sick burn ;)
Seriously though I see where you're coming from in that I was implying that there must be something wrong with the original person's set-up that causes this, and that is not the case.
The thing is that while there's plenty of complaining about CF's approach nobody is offering a better alternative.
The thing is what CF essentially became a monopolist and if for whatever reason you are on the CF's naughty list you are essentially blocked from a lot of resources even if the resource itself pretty fine with you. And yes, there are no alternatives because guess who isvthe first one both in Google's top search and word of mouth?
Due to implementation chosen by Cloudflare, allowing Cloudflare also allows the proxied website to run code, because Cloudflare blends with it, but why the proxied website should be trusted if the challenge is served by Cloudflare?
That's like saying that you're blocking yourself when installing an adblocker.
No, it's for safety and hygiene.
> Seems really disingenuous to imply it's someone's fault
That's because it is. I didn't make the web and I don't work on websites. But I have to deal with it because some fucking dumbasses decided they wanted to save some server cycles by offloading all the hard work onto the client and ruining internet safety in the process, while also offloading the cost of power and performance onto users.
So if disabling javascript is what's needed to keep my safety? So be it. If it breaks some asshats' websites, then they're websites I don't want to use anyway.
Sure, the restaurant down the street chose to protect themselves against the likely risk of their competitor running DDoS against their website instead of their website agency getting a kickback out of a cloudflare partnership.
CDNs always existed IMHO. The world before cloudflare was just much more hidden. In general I find their take at the typical cloud business from a network perspective mostly refreshing.
However, I guess they have become the major player now and certainly try to optimize the world towards their business model.
IMHO it needs other enterprises entering the competition. Maybe it could be new more software defined mobile network providers offering edge compute. Maybe data from IoT could never enter the Internet and we could have some confidential computing power when we need it for our IoT stuff. Maybe we could get a more decentralized Internet again...
> However, I guess they have become the major player now and certainly try to optimize the world towards their business model.
I don't think that's it, and I think the explanation is much more simple and straight-forward.
Cloudflare established a very successful business model around a straight-forward, very transparent, no-bullshit CDN. Now, they started offering other cloud services build around their CDN. Cloudflare Workers kind of extend their CDN pipeline to allow clients to run arbitrary code to customize caching logic, but it turns out their function-as-a-service model is exceptionally good, and higher-level services like email are a low-effort way to meet existing needs.
> had they not been VC funded and given away free service I suspect many would still never have heard of them.
What does this purity test accomplish? that's just how things work in this industry. Can you name a company that has innovated on their scale that hasn't taken VC?
I'm not entirely aware of all their products, but just thinking about a CDN, isn't that in many ways kind of fungible? Is it really that hard to migrate to your big cloud co's CDN (CloudFront, Google Cloud CDN) or the several other large competitors without an immense amount of work?
Like what? Give an example. I'm struggling to think of something they offer that is particularly unique and not offered by the other public clouds or several SASS companies.
It's not the specialization around hosting that's the problem, but that entities running CDNs realized they're in a privileged position in the network, and decided to capitalize on it.
That's not what CDNs are for.
They exist for primarily two purposes: a) speed up video loading for end-users, and b) anonymize IP addresses and routes for businesses.
Cloudflare built a business around b). This doesn't save on hosting costs, only lowers some operational and legal risks.
I still believe that CloudFlare means well, but that doesn't mean that I agree with the increased centralization. This isn't the fault of CloudFlare, they are just exploiting a business opportunity and as you say: At least they're not selling ads.
It is a legitimate business, from my perspective. I'd just wish we weren't in a situation where CloudFlare isn't exactly struggling to sell their services.
> I still believe that CloudFlare means well, but that doesn't mean that I agree with the increased centralization.
I'm perplexed by this sort of comment. Cloudflare doesn't even feature in the top 10 of cloud provider market share, and the number 8 spot already reports 2%. And here you are, complaining about Cloudflare and centralization.
Furthermore, AWS is by far the biggest cloud provider, reporting around 30% market share, and I don't see AWS being referred as a concern.
> At least they’re not selling ads using your data.
Yet. Since it's an american company with an ever-growing influence, I dread and expect that to change, among other things, down the road. I assume the three-letter agencies also already MITM the traffic.
Blocking access to everyone or to scraping crawlers?
They have detailed stats about the behavior of all visitors, including how bot-like they are and how likely they are to scrape your (their users’) content.
That’s exactly the part that people forget: all these policies are decided to be applied by the website owners. It started with DDoS blocking and they just extended it to more things.
I feel like people here are forgetting the fact just how hostile bad actors on the internet are / can be.
That brings up opt-in vs opt-out tho, and last time I looked, Cloudflare defaulted to automatically signing website owners for it. That is to say, if you just mash next, Cloudflare blocks "AI", whatever that means.
We said the same thing with Google, "Don't be evil", "They are better than MS", now here we are, Google, became something that doing everything to squeeze every data off us, so that they can sell them to their partners.
And, anything that stops them from doing it, well, you are kind of erased from the Internet. The freedom we had, slowly becoming non-existent now.
Corporates have one and only one target. It is to make money. And this mentality, enables them.
> To be honest, the internet was worse without Cloudflare, so as long as they provide a good service for their customers, I’m fine with it.
Internet had problems before Cloudflare, but for the most part it was useable. Now, suddenly I've been getting IP blocked by Cloudflare on large swaths of websites. Cloudflare is a monopoly when you're a user trying to get to a website.
Amazon are no longer the golden standard of e-commerce. I think 5-10 years from today we're going to look back at 2025 as the year Amazon started to destroy itself from within. They are pushing AI to "update" and "optimize" product descriptions. It's already made art supply descriptions a mess and now I see the same thing happening in the music gear section. I noticed that I go to other sites to buy stuff I was planning to buy on Amazon, because I am not sure what I'm buying anymore on Amazon.
Same day shipping was always the norm here. Order something before 14:00 - 16:00, depending on where the company was on the route for package pickups, and you'd have your package the next day. Amazon has normalized multi-day / weeks shipping, so they've made it worse.
Denmark, there is no close Amazon warehouse, so shipping always suck. Not only is shipping times frequently a week or more, it's also overpriced and items are frequently less expensive from local online stores.
Amazons only advantage is it's massive selection, if you can find what you're looking for.
In the US, it's the opposite. If you order directly from the brand, you get multi-day or more often multi-week delivery times. Unless they are using amazon logistic and which case it's the same as buying off amazon - 0/1/2-day delivery times.
> To be honest, the internet was worse without Cloudflare, so as long as they provide a good service for their customers, I’m fine with it. This is one of those.
Who here remembers exactly the same being said by large swaths of the "technologist" community about Google starting the development of Chrome and Chromium?
It's usually good until it isn't. It's still a company that has to make profits, so when the moment comes when they have to chose between "making money" and "provide good service", we all know what choice companies tend to lean towards.
If you're a normal person in a country that Cloudflare considers "scammy" - your internet experience is very different from someone based in the US. Your personal online behaviour is irrelevant
If CF limited their clients to big businesses (just like Akamai and who else?) it might be less bad, but as it is, they're trying to get the whole internet including small sites on board.
> At least they’re not selling ads using your data
Sounds great, until a new CEO steps in. Any company is exactly one (or more often zero) CEO away from doing whatever they want (within legal constraints) with their business, in order to fulfill their fiduciary duty (and greed).
I am genuinely curious what protections are in place to ensure that? What is the plan after you are gone?
It looks like you have voting shares with 10x the power of institutional investors, but activist investors aren't dumb either.
My biggest fear of Cloudflare has always been that one day you'll get hit by a bus and someone will figure out that merging Cloudflare with an ad network would create so much more shareholder value. The road to hell is paved with free DDoS mitigation, so to speak.
Huge fan of Cloudflare here actually. It’s always such a breath of fresh air compared to the heavyweight configuration hells like AWS. And for doing super convenient stuff like make node:http work on cloud functions recently, but guess only certain DevOps guys realize how cool that is compared to other FaaS wrapping ceremonies.
Too bad you don’t hire senior folks in Germany currently, would probably join in a heartbeat for emotional reasons alone. Keep going, lightweight features on a tap and solid reliability over years is exactly what I need and want at least.
At least Brian Thompson wasn't complicit in helping the IC conduct bulk violation of the fourth amendment rights of the entire country, unlike you. He was just a greedy bastard. Your actions, on the other hand, render you a traitor and a threat to the democratic process of the country itself.
> Google is in a perfect position to compete but they don’t, so it’s not like Cloudflare is a monopoly or something.
Not to comment on whether they're actually a monopoly or not (since idk much about CF's market share, except that it's big), but how does this prove they aren't a monopoly? If anything, it'd work as evidence to prove that they are.
You could run this business like a protection racket, to drive demand to your service, where you can then provide unencrypted traffic of much of the Internet to other parties.
I think the point is to keep them in that mindset, and that requires competition and some counterbalance that won't be there is everyone just moves to Cloudflare.
Cloudflare acts as a proxy for dynamic content, thereby slowing down the internet.
Their existence (and success) suggests a lack of infrastructure or solutions (ie. DDOS, CDN) from data centers on their own and by default, what is... sad, as if the data centers were falling asleep without adapting to the times.
Soon we may have this picture: User > ISP > VPN (or proxy) > Cloudflare (proxy) > Server.
Intermediaries are slowness... and in the case of Cloudflare sniffing if they want (if they manage the TLS certs).
Cache of static content, ie. images, css, js or an static html, the CDNs purpose, to shorten location.
At moment you serve dynamic content, you are literally redirecting the request through an intermediary server (from Cloudflare/Homologous to the original server and come back, they are acting as a proxy).
This results in a slowdown of the internet. In fact, it's easy to tell when a regularly visited site has changed and put Cloudflare in between, because it takes longer to load.
> It also keeps hackers from knowing origin's ip which is nice.
Only if you put extra care trying to hide tracks. But certainly it keeps script kiddies from knowing origin's ip, what it is the only one nice feature.
Datacenters should deal with this, but their passivity over the years seems to know no bounds.
CDN (can't say specifically about Cloudflare but that's true for other) may allow picking faster routes than BGP (BGP tends to optimize cost rather than perf), sometimes better compression than Origin on the path, and fast handshakes at Edge with already hot connections towards Origin.
Edgecomputing can also help accelerating dynamic content.
I believe you that this is your experience, but this is not the case in general. Cloudflare will generally result in a faster experience for a correctly configured setup. That's kind the whole point of using them.
There are other services, but CloudFlare is too well known. They're close to monopoly in the DDoS protection business unfortunately. But we still have a choice and for long-term success we should be choosing other companies where possible.
If Cloudflare is so vital to the internet, it should be nationalized for the public benefit as having a private entity with so much control over the internet is not a good thing. Corporatized control of the internet should not be encouraged.
I trust a corporation more than I trust the nation you want it nationalized in (America?)
EU maybe. But yes I don't want cloudflare to be part of america after patriotic acts and all the dystopia.
Honestly, cloudflare is not so vital to the internet. Like, The only thing its gonna be a problem if they stop working without giving any way to migrate. Then yes, its gonna be a bit of problem to the internet.
Really? Try distrusting CF certs, and see how much of your internet activity breaks. CF certs should be distrusted, because it's MITM by definition. At the very least, I'd like an addon that makes the URL bar bright red, so I know my connection isn't secure.
Yup, I also meant the same when I was writing my comment and although I agree about regulation, the thing is, that I don't even trust that aspect...
Also, I know that there are sometimes where cloudflare sits in the middle between your servers and your users for DDOS protection, and so yes theoretically its a point of interception but given how their whole thing is security, I doubt that they would exploit it but yes its a point of concern.
On the other hand, if something like this does happen, migrating can be easier or on the same level if something like this happened on like AWS.
But cloudflare still feels safer than AWS y'know?
That being said, I am all in for some regulations as a public utility but not nationalizing it as the GP comment suggested. Just some regulations would be nice but honestly we are in a bit of tough spot and maybe it was the necessity of the internet to have something like cloudflare to prevent DDOS's.
Hm, you raise good points but I just thought when I was writing that comment, that if there was even a single case of somebody using that MITM then that would just make everyone leave cloudflare and find either other mechanism or something else that's safer for sure.
I think that cloudflare is used by most as DDOS protection and so they still have the servers.
There are also cloudflare workers and pages but even migrating them is somewhat doable as I think that cf workers have a local preview option somewhat available in their node etc., so you could run it locally somehow.
Sure its gonna be a huge huge problem but something that the internet might look past of (I think).
Honestly, I kinda wish that there was a way to have something like how the tor onion links work in the sense that the link has the public key of the person running the server and so uh, no matter if its cloudflare serving the link or something else, its still something that can't be MITM'd for the most part.
Am I right in thinking so? Sure, its gonna make the links longer but maybe sacrifices/compromises must be made?
The EU is quickly becoming a dystopian nightmare with age verification, mandated encryption backdoors, and generally an extremely invasive form of government. So no thanks.
No thanks to this level of evaluation which doesn’t even rise to “analysis”, it’s just a word salad association that picks two hobby horses and pretends they represent the apocalypse while ignoring all the measures on which many EU participating countries are producing quality of life and personal freedom at outlier levels.
Lets just hope that EU doesn't add that age verification thing or those Cert based things which is controlled by the govt.
My opinion is simple, age verification won't work unless they block VPN (something which UK wants to do/ is doing) and that sets a really really bad precedent and I doubt if its entirely possible without breaking some aspects of internet or complete internet privacy.
EU in aggregate is net positive but it still has some things which are kinda flawed regulations that are a bad precedent, but germany kinda blocked the verification thing iirc so there is still a lot of hope and EU does look like its trying its best but I think that it can do just a bit better if they don't think of age verification or some other stuff but that's just my 2 cents.
This was why I added "maybe" tbh. They are one of the best options but even they aren't thaat good. Like its questionable I think and needs a much bigger debate
What quality of life improvements? I seriously hope major tech companies pull out of the EU market altogether instead of complying when client-side scanning is mandated. Then you can come back here and brag about how great life is in the EU.
I would say if the political environment pre 1980s was still in existence that might be true. Today that would just mean the entire thing would unravel as it ate its own tail in the race to the bottom environment we are currently in.
You can create democratic policies to thwart this. Even something as basic as nationalizing Cloudflare then forcing workplace democracy provisions on it would probably do more good for, not just the Cloudflare workers, but society writ large.
I can't imagine what a court case about whether the US president has the power to unilaterally dismiss officials in executive-branch agencies could possibly have to do with this.
At least you're referencing the United States in 1934, though. Things were very dysfunctional politically in the US at that time, but not nearly as bad as what was going on in some other parts of the world.
> can't imagine what a court case about whether the US president has the power to unilaterally dismiss officials in executive-branch agencies could possibly have to do with this
Seriously? You don't see the relevance of independent agencies to this discussion?
And the dynamics of inter-branch checks and balances within the US federal government aren't directly relevant to the question of whether the federal government as a whole is a reliable institution in the first place (nb: it isn't).
> the dynamics of inter-branch checks and balances within the US federal government aren't directly relevant to the question of whether the federal government as a whole is a reliable institution in the first place
You don’t see a reliability difference between a self-moderating and unmoderated system?
> You don’t see a reliability difference between a self-moderating and unmoderated system?
I don't see there being a distinction between the two in the real world. An institutional system's behavior largely determined by the incentive structures that actually exist on the ground, irrespective of initial intentions or de jure rules.
An institutional system that is expected to self-moderate is one where the motivations that inform its primary behavior are the same ones ultimately informing its self-moderation -- i.e. it's functionally equivalent to an unmoderated system, just more pretextual rationalization.
> Do you see any value in QC?
Sure. But I don't see much value in a QC process that's administered by the same people or judged against the same metrics as the thing it's QCing.
I'd love the equivalent of QC to be applied to both legislation and administrative rule-making in our current system. Maybe with the Loper Bright decision, the courts will gradually resume responsibility for doing this properly. But the capricious and arbitrary nature of the current administration is revealing the extent to which checks and balances are already eroded, and just what an uphill battle that's likely to be.
The entire political system in its current state is riddled with perverse incentives, and the mechanisms of external accountability are totally broken. Even with inter-branch checks and balances, the federal government in its current form is simply not trustworthy.
I don't think there has ever been a perfect time but I also think there has been an ever increasing weakness in the governments desire/ability to enforce regulation roughly since that time period.
I mean the reconstitution of AT&T was one of the IMO the biggest middle fingers to the public I've seen. It was broken up because it was a bad actor and now its back again as a worse than ever bad actor. That was kind my wake up call. I'm sure there is worse though that I don't remember because it was not tech related.
I could be wrong I'm not a huge politics person. Either way I don't think any response to me invalidates my opinion that the current government would not do a better job than cloudflare currently is.
To make sure I understand, your position is that anything vitally important to the internet should not be under the control of a plurality of institutions subject to heterogenous incentive structures, but instead should be under the centralized, monopolistic control of a single institution that is perpetually compromised by perverse incentives and ulterior motives, whose mechanisms of accountability are mostly performative and demonstrably broken?
I'm not sure that sounds like a good idea, if that's what you're saying.
My position is that if something becomes critical it should be under democratic constraints in a democratic society and not private enterprises that have no forms of control by the populace.
Maybe if Cloudflare had workplace democracy my concerns would be different, but they don't and wield too much power.
If it also helps I also think 99.99% of big tech should be broken up into separate, probably a few 100, different companies.
So yes, anything vital for the internet should be controlled by the people through democratic norms, institutions, and values rather than dictatorships by those with money over those with none.
No such thing as "democratic constraints" or "democratic society" at the level you're discussing. Democracy is an imperfect safeguard against certain types of extreme dysfunction of the political system -- a necessary one for sure, but not nearly sufficient to make the institutions it applies to trustworthy with monopolistic control over other aspects of society.
Everything reduces to specific people acting on their a priori motivations in bounded contexts, and any system of centralized control is guaranteed to enable expressions of the worst motivations of the people involved. The distinctions you're making -- "private" vs. "public", "corporations" vs. "governments", etc. -- are fundamentally meaningless.
There are no "democratic norms", just norms adhered to by specific people and the factions they form, contesting against each other for power over others. Performative "democracy" is often just cover to allow the currently dominant factions to function as "dictatorships".
Decentralization and individual autonomy are the only solution to the problems you rightly care about, but what you're proposing is literally the opposite of that.
Google is in a perfect position to compete but they don’t, so it’s not like Cloudflare is a monopoly or something.
At least they’re not selling ads using your data.