[tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 8 01:18:41 UTC 2020
#24351: Block Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
Reporter: nullius | Owner:
| cypherpunks
Type: enhancement | Status:
| assigned
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: security, privacy, anonymity, mitm, | Actual Points:
cloudflare, TorBrowserTeamTriaged |
Parent ID: #18361 | Points: 1000
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by ptaff):
No matter how hard you work at protecting your privacy, trying to avoid
tracking by Facebook and Google, installing adblockers and everything,
those Cloudflare servers effectively MITM 10-15% of the world websites in
the name of Denial-of-Service protection.
Many, many of those websites "protected" by Cloudflare have their HTTPS
certificate owned by Cloudflare; Cloudflare hence sees the communication
in the clear. Credit card numbers and all.
Thus they can build an impressive tracking system for users, with very
high quality personal data.
They now offer DNS resolution, trying to enrich their user tracking by
adding data about traffic to servers not "protected" by Cloudflare.
They disgust me.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:177>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list