ExTwitter’s Brazil Ban Evasion: Cloudflare’s CDN Becomes Latest Battleground

from the cat-and-mouse dept

Update: Annnnnnnnd… Cloudflare has already said it will isolate and block Brazilian IP addresses from reaching ExTwitter. Original story below.

It appears that Elon has decided to take the Brazilian hornet’s nest he’d already kicked over the last few weeks and start slamming it with a baseball bat. It’s unlikely this will end well.

I’ve been pretty clear that I don’t think either Elon Musk or Brazil look very good coming out of the fight in which ExTwitter got blocked in Brazil. The process Brazil used, while legal in that country, has some deeply problematic components regarding due process and a lack of transparency. But, at the same time, Elon’s method of handling the situation also lacks both basic diplomacy and consistency.

Musk has made it clear that he’s fine bowing down to government orders to reveal information or to block users. Indeed, he’s insisted (stupidly, but whatever) that he thinks free speech means whatever the country’s laws allow:

Just a few weeks ago, he reiterated that stance as he was fighting with Brazil.

Of course, Elon was willing to obey similar orders from Turkey and India. It’s only when he disagrees, ideologically, with the government of a country, such as Brazil, when he suddenly decides to pretend to be a free speech martyr.

Even then, there were likely better ways to protest the secret court orders that ExTwitter was receiving. However, Elon decided to continually mock and poke at the judge, Alexandre de Moraes. He posted memes of de Moraes. He made fun of him. He called him a dictator. He released what he called “the Alexandre Files” to reveal at least some of the demands that were sent to the company (though often without context).

There are principled ways to stand up for free speech and push back against excessive government demands. But it does not appear that Elon cared to bother with such an approach.

That said, Brazil’s approach has been problematic as well. There are serious due process concerns about a single Supreme Court judge being able to sign orders to block content, even if it’s possible for those orders to be reviewed by a large segment of the court at a later date. Furthermore, allowing a single judge to order a block of an entire site and/or the jailing of a local representative and/or the seizing of another company’s assets all seem problematic.

The fact that de Moraes’ original order effectively banned VPNs in the Google/Apple app stores (even if that was quickly put on temporary hold) should at least give you a sense as to how this kind of power has a high likelihood of abuse.

However, now it’s being reported that ExTwitter quietly put its service behind Cloudflare’s CDN, enabling people in Brazil to access it again, at least for a little bit.

A news release from ABRINT explains how Musk was able to outfox the country’s ban allowing people to access the platform.

It says the X app was updated overnight and the new software started using IP addresses linked through Cloudflare, which “makes app blocking much more complicated”.

“Unlike the previous system, which used specific, blockable IPs, the new system uses dynamic IPs that change constantly,” the news release states. “Many of these IPs are shared with other legitimate services, such as banks and large internet platforms, making it impossible to block an IP without affecting other services.”

The BBC says this is ExTwitter “outfoxing” Brazil, but it seems very unlikely to last very long.

The original order from de Moraes makes it pretty clear that all levels of infrastructure providers must stop Brazilian IP addresses from reaching ExTwitter’s services. I would imagine that, if it hasn’t already, Cloudflare will be quickly receiving a notification from Brazil’s Supreme Court that it needs to do something about this or face legal consequences.

I have no idea if Cloudflare has a legal representative in Brazil. However, that rep could face jail, since the Brazilian Supreme Court seems to enjoy putting tech company employees in jail. Alternatively, it could face fines or the nuclear option: banning all Cloudflare IPs in Brazil. That would create quite a mess for people in Brazil who want to use the internet, as a huge portion of the internet (including Techdirt) relies on Cloudflare for CDN services.

The most likely outcome is that either Cloudflare boots ExTwitter from its services or quickly works out a way to block traffic coming from Brazil from reaching the service.

Of course, this still isn’t great. I know some people who simply dislike Musk or ExTwitter will cheer on this result, but, again, consider what other countries are the ones that regularly ban apps and demand third party tech providers help them. It tends not to be the kinds of countries generally seen as big on freedoms: China, Russia, Iran, Turkey, Pakistan and more. Brazil has been big on freedom, and internet freedom specifically, over the years, so this situation isn’t great for anyone.

Either way, I trust that if Cloudflare does receive such a demand from the Brazilian Supreme Court, its response would be at least a bit more diplomatic than Elon posting AI-generated memes about de Moraes.

Companies: cloudflare, twitter, x

Comments on “ExTwitter’s Brazil Ban Evasion: Cloudflare’s CDN Becomes Latest Battleground”

103 Comments

This comment has been flagged by the community.

Ninja says:

Re:

I’m wondering. What hostages?

The whole process is completely lawful in Brazil and Twitter was given plenty of warnings and time to comply, the court gave 24 hours initially but tried to avoid the ban for a whole week. Data from law enforcement agents and judges was leaked by some accounts criminally and posed risks to those people and their families and a takedown of the offending content and accounts was requested.

The article says Brazil came out looking bad from this but where’s the problem? The free speech issues can be discussed but Brazilian Constitution is different from the US and there are consequences for spreading hate and falsehoods. There was no overreach, the only problematic decision that was too broad was quickly corrected and would be promptly shot down by the rest of the supreme court if it stayed up.

This comment has been deemed insightful by the community.
Anonymous Coward says:

Re: Re:

The jailing of a local tech executive to force compliance may be legal, but holding a person to force the compliance of another is hostage taking.

hostage /hŏs′tĭj/
noun
A person held by one party in a conflict as security that specified terms will be met by the opposing party.

As to how Brazil comes out looking bad, as the article notes:

The process Brazil used, while legal in that country, has some deeply problematic components regarding due process and a lack of transparency.

“There are consequences for hate speech”, and when those consequences fall on third parties rather than the speaker, it doesn’t look good. When there are questions about due process, or how certain factual findings are made, that doesn’t look good.

It’s a wildly bad faith strawman take to take “these legal actions Brazil took look bad”, and focus your rebuttal on the idea that everything Brazil did was legal.

Ninja says:

Re: Re: Re:

Comparing this to slavery is dishonest. I do agree there were some procedural problems and this was pointed out by multiple sources here but slavery? Seriously? Orders to remove content directly advocating for the death and violence towards people or groups of people, to remove content calling for a violent coup and sensitive information that was putting not only law enforcement officers and judges but their families and people unrelated to the investigation conducted by the affected persons. All of those ignored. I fail to see how this is remotely similar to slavery. The legal aspect can be improved? Probably. But you solve this going to the Congress, not disobeying the court because the content deemed criminal here is not someone questioning slavery, it’s very problematic content being kept online. And the court tried for a whole week to contact the moron that owns the company to avoid a complete block.

As for the “hostages” issue, tough luck. If you work at or to a company that is engaging in criminal behavior, it is publicly known and you have any degree of representation or power inside said company you will be caught in the middle. I expect most of the people you are calling hostages will be cleared soon (if they weren’t already). Surely the law can be tweaked to avoid it but comparing it to absurdities such as slavery laws is… absurd. We can and should question and improve the problematic parts that are there but this hardly makes this the problem to Brazil some are painting.

And honestly, with what has been happening in the US, I think things here are progressing in a much better way, regarding the far-right being held accountable for their bullshit.

Anonymous Coward says:

A little more of substance to your text, the removal of fake or offensive content is normal in any country, Musk tries to make this a vendetta of one judge, but it is not, Brazil has rules, and X just tries to avoid the law, that movement is another one, they got banned, not only because he refuses to follow the law. But he removed all legal representation for Brazil, and we cannot let a company operate in the country without any legal representation; that is the law

Arianity says:

Furthermore, allowing a single judge to order a block of an entire site and/or the jailing of a local representative and/or the seizing of another company’s assets all seem problematic.

Isn’t that similar to the U.S.? Most court cases start before a single judge (who has the power to jail people, issue fines, etc), and it’s only once it gets escalated for review are there multiple judges.

For instance, Twitter was fined $350k recently in a case with DOJ, for contempt of court (which can be escalated, if necessary). That was a single judge.

I know some people who simply dislike Musk or ExTwitter will cheer on this result, but, again, consider what other countries are the ones that regularly ban apps and demand third party tech providers help them. It tends not to be the kinds of countries generally seen as big on freedoms: China, Russia, Iran, Turkey, Pakistan and more.

Why? They’re not related.

The fact that Russia jails dissidents doesn’t mean all jails are bad and that the U.S. shouldn’t put criminals in them. Whether a power is used for good or bad often depends on the context in which it is used. It’s very often not black and white always good or always bad.

Same with say, the U.S. taking down some websites (like child porn), or other examples. The fact that Russia (or China) restricts access to websites doesn’t make it universally bad. Whether it’s good or bad depends on how it is used.

Anonymous Coward says:

Re:

In the U.S., judges don’t (or shouldn’t) issue orders demanding apps or websites to be blocked, nor do they order accounts to be blocked for being misleading. So, no, it is not similar at all, only very superficially.

The lower courts are also structurally separated from SCOTUS. This case would be more like if one justice in SCOTUS was handing down “rulings”, then the full court (might?) decide to vote on it at a later date.

If someone is involved in “child porn”, then yes, they could be arrested (there are stories of people being arrested for such in Brazil) and relevant assets seized. That is not the same thing as what Alexandre de Moraes is doing here. Note that even criminal law in the U.S. can be over-broad, such as in the case with the Backpage founders, however, notice how this involves a much narrower criminal statute (2251) and an investigation and various elements of due process.

Also, notice how this one judge has become a face of censorship. In many countries, people hardly even know who the judges or supreme court justices are. Didn’t he have a political position prior to this?

Tanner Andrews (profile) says:

Re: Re: yeah, that happens

The lower courts are also structurally separated from SCOTUS. This case would be more like if one justice in SCOTUS was handing down “rulings”,

Yes, that happens with the U.S. Supreme Court. It is standard practice for the circuit justice to rule on at least procedural matters. There are 11 geographic circuits as well as a couple of specialty circuits, so each justice is the circuit justice for at least one.

Woe unto the petitioner who has forgotten to buy his circuit justice a new motor home or provide luxury vacations!

This comment has been deemed insightful by the community.
Anonymous Coward says:

One thing this tells us about Twitter...

…is that Elmo and his acolytes really, truly, do not understand how the Internet works. Techniques for blocking Cloudflare-hosted operations have been around just about as long as Cloudflare…and they exist because they need to, and they need to because Cloudflare will host anybody: scammers, Nazi, phishers, malware distributors, spammers, extortionists, money launderers, drug dealers, anybody.

So all that Elmo has managed to do here is poke the bear. I expect that will have consequences: no court anywhere likes it when people play cutesy games with their orders.

Anonymous Coward says:

Re: Re:

Infrastructure as a service. What is it?

Learn the difference between that and hosting, but also the difference between actually having to deal with assholes on a failing social media site with using a service that a failing social media site also happens to use.

If you really want consistency it is really simple, exercise it yourself like stop using the internet – it hosts people you don’t want to associate with.

Anonymous Coward says:

I don’t recall any time that Cloudflare stood for any sort of freedom of reach/speech.
They still struggle to make real money. They need to make some money first, then and only then, you could try to stand for something.
And for what? Brazil is about 25M Twitter users, one user out of ten. Is that not meaning that Twitter is going to bankrupt 10% faster?

Anonymous Coward says:

Re:

They actually have, and they’re really weird about it. They’ve decided that “no matter how heinous the speech, no site should be DDOSed! Everything should be secure!”

Infamously, they said this when defending giving their services to a site called KiwiFarms. They then backpedaled after realizing the site was committing human rights violations (although it’s also likely that users of the site doxxing their paying customers had something to do with it)

This comment has been flagged by the community.

Anonymous Coward says:

Re: Re:

And yet KiwiFarms (.st) is alive and well today.

Just reading the “Dr. Rachel McKinnon / Dr. Veronica Ivy / Rhys McKinnon / Rachel Veronica McKinnon / Foxy Moxy / SportIsARight – failed out of a tenured job,man who competes in womens sports, gained like 100 lbs in 2022 (page 813), comically fell off bike before a race (page 830)” thread now!! 😂

Anonymous Coward says:

Update: Annnnnnnnd… Cloudflare has already said it will isolate and block Brazilian IP addresses from reaching ExTwitter. Original story below.

I really don’t like this recent trend of the backbones of the internet acting as content moderators. It sets a precedent that Republicans and their fascist goons could compel service providers to blackhole content they find objectionable at the ISP level. Not fun to think about.

Anonymous Coward says:

Re:

Cloudflare is NOT any part of the backbone of the Internet. Not even close. If they disappeared completely tomorrow, the largest noticeable impact would be the shutdown of a lot of criminal operations. There would be some temporary, secondary impacts on other operations but those would be quickly and easily dealt with.

Cloudflare likes to pretend that it’s a big, important operation, but it’s mostly just a front for criminals – and despite that, it’s still losing money because the people working there are idiots.

Anonymous Coward says:

Re: Re: Re:

First: DDoS mitigation was a well-understood problem well before Cloudflare came along. Lots of network operators quietly dealt with it – rather effectively – and they’re still doing so. It’s not an esoteric skill, it’s something that one could and should expect every mid-level network engineer to handle under all but the most extreme circumstances.

Second: Of course DDoS attacks encompass not just web sites, but email servers, DNS servers, etc. Highly effective features for countering those already exist in the principal applications that provide these. But worth noting is that some operations have done such a poor job selecting software and configuring it that they exacerbate the effects of (D)DoS attacks on themselves. In other words, they’re (partially) a victim of their own bad design and implementation.

Third, Cloudflare (D)DoS mitigation techniques just aren’t very good. The technical discussion of why is lengthy, but the highly abbreviated and thus inaccurate version is that they end up denying a lot of legitimate traffic.

Fourth, while Cloudflare isn’t exclusively the haven of criminals et al. and while other operations (e.g. OVH) also host a lot of very bad people, Cloudflare is the operation of choice. But don’t take my word for that: here’s an exercise that you can do at home that will give a glimpse into how bad things are:

Read Krebs’ article about the .top registry being put on notice by ICANN because it’s completely overrun by phishers (and worse) here. Then go to ICANN’s web site and register for access to the DNS zone file for the .top TLD. Download it, then pull all the NS (nameserver) records for every .top domain. And notice that there are tens of millions of them which are using Cloudflare.

So yeah, there are legitimate sites (foolishly) using Cloudflare. But they’re a tiny minority.
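The measurement the comment above describes, sketched as an added example (not part of the original comment and not ICANN or Cloudflare tooling): parse a zone file in DNS master-file format and count delegated domains by nameserver operator. The sample zone and its names are constructed, and matching on the `.ns.cloudflare.com.` suffix is an assumption about how Cloudflare-assigned nameservers are named.

```python
from collections import Counter, defaultdict

# Constructed sample in DNS master-file format (RFC 1035). All names are made up.
SAMPLE_ZONE = """\
$ORIGIN top.
$TTL 3600
; a comment line
alpha        IN NS  ada.ns.cloudflare.com.
alpha        IN NS  bob.ns.cloudflare.com.
bravo  86400 IN NS  ns1.example-dns.net.
bravo  86400 IN NS  ns2.example-dns.net.
charlie.top. IN NS  CARL.NS.CLOUDFLARE.COM.
delta        IN NS  ns1.delta
ns1.delta    IN A   192.0.2.53
echo         IN NS  eve.ns.cloudflare.com.
             IN NS  ns1.example-dns.net.
"""

CLASSES = {"IN", "CH", "HS"}

# Assumption: nameservers under this suffix are operated by Cloudflare.
OPERATOR_SUFFIXES = {"cloudflare": ".ns.cloudflare.com."}


def absolute(name, origin):
    """Return a lower-cased, fully qualified name (trailing dot)."""
    name = name.lower()
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." + ("" if origin == "." else origin)


def parse_ns_records(text):
    """Yield (owner, nameserver) for every NS record in a zone file."""
    origin = "."
    last_owner = None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()   # drop comments
        if not line.strip():
            continue
        fields = line.split()
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
            continue
        if fields[0].startswith("$"):          # $TTL, $INCLUDE, ...
            continue
        if raw[0].isspace():                   # blank owner: reuse previous one
            owner = last_owner
        else:
            owner = absolute(fields.pop(0), origin)
            last_owner = owner
        # TTL and class are optional and may appear in either order.
        while fields and (fields[0].isdigit() or fields[0].upper() in CLASSES):
            fields.pop(0)
        if owner and len(fields) >= 2 and fields[0].upper() == "NS":
            yield owner, absolute(fields[1], origin)


def operator_of(nameserver):
    """Map a nameserver host name to an operator label."""
    for operator, suffix in OPERATOR_SUFFIXES.items():
        if nameserver.endswith(suffix):
            return operator
    return "other"


def delegation_summary(text):
    """Count delegated domains per operator; split delegations are 'mixed'."""
    per_domain = defaultdict(set)
    for owner, nameserver in parse_ns_records(text):
        per_domain[owner].add(operator_of(nameserver))
    counts = Counter()
    for operators in per_domain.values():
        label = "mixed" if len(operators) > 1 else next(iter(operators))
        counts[label] += 1
    return counts


if __name__ == "__main__":
    for label, n in sorted(delegation_summary(SAMPLE_ZONE).items()):
        print(f"{label:10s} {n}")
```

Counting per domain rather than per NS record matters here, because most domains carry two or more NS records and a per-record count would overstate any operator's share.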

This comment has been flagged by the community.

PaulT (profile) says:

Re: Re:

“it’s mostly just a front for criminals”

As someone who works for a perfectly legal EU company that’s approaching €1.5 billion in revenue, I’d love to see the study that shows this.

Or, are you just one of those people who only read headlines when they were asked to drop accounts for bad actors, so now you assume that anyone needing DDOS protection, caching and CDNs must be illegal?

“it’s still losing money because the people working there are idiots”

I’d love specifics here. A quick check from my side indicates that they made a lot more revenue YoY in recent financials but they haven’t gone into the black yet on operating income based on that. What specifically do you think is preventing the extra revenue from creating a profit, since you’re so knowledgeable about their finances?

Anonymous Coward says:

Ironically cloudflare is also a giant MiTM operation, giving a 3rd party (cloudflare, and anyone they share it with) access to unencrypted side of your TLS tunnel.

So things like end to end encryption become even less credible for a service operating behind cloudflare[0].

Not that I expected Musk to actually care about privacy, or secure communications, just I find it a bit ironic.

Of further note: cloudflare is also known for DoS-ing its own customers (that is in fact how some, only some, not all, of its services work.). Cloudflare will also frequently and randomly block users (of a website) who do not submit to cloudflare having code execution on their machines[1]. Not that I think Elon would care about that either.

[0] Though “end to end encryption” of communication using only web apps is snake oil. There’s no way to implement it that would actually prevent the holder from decrypting the communication. Because they could always modify the webpage and no one would be the wiser.

[1] A thing which I will remind everyone is increasingly obviously a bad idea. I hope I don’t need to link to every vulnerability arising from having CE on a system.

Anonymous Coward says:

Re:

That (the part about MiTM) is a good point. If someone’s (D)DoS mitigation technique requires decrypting traffic, then it’s not a very good (D)DoS mitigation technique.

And depending on what’s in that traffic, what legal jurisdiction(s) are involved, and who’s doing the decryption, it may be illegal and/or in violation of federal/state/province regulations and/or in violation of contractual provisions. Example: in the US, some medical data is protected by more than just HIPAA; it’s also protected by federal regulations specific to particular datasets and/or by contractual provisions stipulating its use, access, storage, etc. The latter two frequently require that no third party have access to it in transit or at rest, which means (among other things) it can’t pass through any unencrypted (external) connection and it can’t be stored in anybody’s cloud (unless encrypted before storage).

Sabroni says:

Fuck off

It’s not only people who dislike Musk who would like to see Twitter banned.
Twitter isn’t a normal social media company. They uniquely and specifically promote racism and bigotry at a scale no other service does.
There are many alternative social media networks. Blocking Twitter is a sensible move and I wish the UK would follow suit. If that makes us “the kind of country” you don’t like I can deal.
The alternative is more racist riots.

Fzrare (profile) says:

Re: Operation Iraqi Freedom

I don’t know how historians there criticize internally, if we were to generalize… the USA doesn’t have a good reputation regarding knowledge of geography and global history. The English tradition in the Americas likes to make itself the patron saint of freedom, but in addition to its own contradictions, the land of “Uncle Sam” dresses up as a narrative by ignoring the legal processes of other countries. No, you are neither free nor democratic. There is a saying that says: the greater the power or freedom, the greater the responsibility. Therefore, how can we say that the USA advocates in favor of freedom — without being demagoguery — if this country has been involved in conflict in MORE THAN 120 COUNTRIES, GOVERNMENTS OR FOREIGN POLICIES since its War of Independence, how? The freedom you defend, part of it, was revealed by Snowden… this freedom does what it did to TIKTOK in your country. This disease, disguised as freedom, gives the State of Virginia or others the possibility of neo-Nazi marches in the streets. This freedom makes Elon, his bedroom pop star, say on Twitter: let’s hit whoever WE WANT — when referring to Bolivian ores. So, before defending this tycoon who is already being investigated by the European Union for almost the same reasons, go read a history book about the United States written by a European or someone from outside your country — just to open your mind in relation to that.

This comment has been deemed insightful by the community.
That One Guy (profile) says:

Re:

If only there was some way to communicate between countries in an instantaneous fashion, then there would be no reason to require a company to hire a local potential hostage for the government to use as leverage against said company if it isn’t doing what they want them to…

Diogenes (profile) says:

Re: Re: how would that help

Internet corps want to be above the law if they have no property or personnel in that country that law enforcement can touch. Making them have someone in the country directing and responsible for what is done in that country solves that loophole. If you think there is another solution to that problem let’s hear it. Be specific.

Anonymous Coward says:

Re: Re: Re:3

If they want to operate in Brazil they do have to abide by the law. Otherwise they will be blocked.

So are you saying Brazil is special?

It also sounds like it would be easier to make some sort of “huge fire wall” and only allow access to/from Brazil to external parties that have been vetted as complying with the law. Because I can basically guarantee most websites aren’t and couldn’t give a rip. And blocking everyone would take far longer than writing up an allow list.

Diogenes (profile) says:

Re: Re: Re:4

I don’t think Brazil cares about most websites. The law does not require all websites to have a local division with a local division head. Just certain businesses.

And this is not about the division head being a hostage. In any business the division head is responsible for what his division does. And if the CEO orders you to break the law it’s your job to tell the CEO NO.

Anonymous Coward says:

Re: Re: Re:5

And this is not about the division head being a hostage. In any business the division head is responsible for what his division does. And if the CEO orders you to break the law it’s your job to tell the CEO NO.

Do you not see how this is literally talking in circles? “If they operate here, they must operate here so we can have a hold over them”.

Anonymous Coward says:

Re: Re: Re:5

Not the AC you were talking to here. I’ll just point out that laws that can’t be enforced are useless regardless how much gavel-pounding a court does.

In reality every company operating on the internet is subject to laws in their home country but not necessarily by the laws of another country just because they have users there.

The norm is that a company becomes subject to laws in a country if they have substantial presence/business there (subject to international law/treaties etc) and whether exTwitter presence in Brazil passed that threshold is something I leave to people better versed in international law etc, but if a company shutters their operation in a country there’s nothing that country can do about it – even if people in that country intentionally ignore any laws and keep doing business with that company.

And the latter is what happened with exTwitter and Brazil, and the only remedies Brazil has here is to use international law/diplomacy to get exTwitter to comply and/or go after all the intermediaries they can reach in Brazil.

Whether you think what exTwitter did is legal or not, they are still subject to US law; just like how any other company is also subject to laws in their home country.

That is why your question about “being above the law” is a strawman since you now have taken a set of circumstances pertaining to a specific company in a specific country and elevated it to all internet companies everywhere but the answer you want is for the specific set of circumstances already established.

TL;DR: No one is really above the law but a court can be SOL when trying to enforce laws on foreign entities they can’t reach.

Anonymous Coward says:

Cloudflare should tell the Brazilian government to go to hell

Cloudflare is in San Francisco, which is still in the United States.

That means they only have to comply with American laws.

Just like foreign sites do not have to comply with US laws, American sites do not have to comply with foreign laws.

Brazilian law DOES NOT APPLY in the United States, and Cloudflare needs to tell the Brazilian government to flag off.

There is nothing the Brazilian government could do about that if Cloudflare took that tack

And they should let it be known they, as an American company, only obey American laws.

PaulT (profile) says:

Re:

“Brazilian law DOES NOT APPLY in the United States, and Cloudflare needs to tell the Brazilian government to flag off.”

It’s sort of difficult to operate a CDN if you’re going to offend the governments in the countries you run your servers from. You can’t grow infrastructure if you’re saying you will be operating criminally.

https://blog.cloudflare.com/expanding-to-25-plus-cities-in-brazil/

If they choose to only follow US laws, they restrict themselves to 3% of the world population, and also remove most of the reasons why people use them to begin with (yes, DDOS protection and caching among other things are important but at heart the CDN is why they grew).
