• threelonmusketeers@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    8 months ago

    As a user of sh.itjust.works, I was unaware of the Cloudflare issue, and I still do not fully understand it. What does Cloudflare do, and what problems does it pose to my instance and the Fediverse as a whole? Should I be petitioning my admins to move to an alternative?

    As for the disproportionate size, I think that is somewhat inevitable, even with a Federated platform. There will always be a small number of large instances and a large number of small instances. I’m not sure if size alone is a reason to migrate a community, though if a more active equivalent exists on a smaller instance, that should obviously be celebrated.

    It might be interesting to replicate their content here in such a way that it doesn’t link back to them.

    That is an interesting idea, but I’m not sure if it would work in this case. Many posts are in a Q&A format, and if a bot were to crosspost all the content here, any answers here wouldn’t necessarily make it back to the OP. Had you considered this? In general, I think that we ought to be strengthening ties between instances rather than weakening them.

    • activistPnk@slrpnk.netOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      8 months ago

      You could fill a book on the harm Cloudflare does. To describe the walled garden, they have designed Cloudflare without a login so that people in the included group don’t even know they are participating in digital exclusion and supporting a walled garden by a tech giant. The gate is invisible. Those of us in the excluded group see a deceptive block screen that says it’s doing a security check but in reality it’s doing nothing but showing a non-stop spinner. Some people get a CAPTCHA which is often broken (always broken for me).

      By default, Cloudflare blocks access to the following groups of people:

      • users whose ISP uses CGNAT to distribute a limited range of IPv4 addresses (this generally impacts poor people in impoverished regions)
      • the Tor community
      • VPN users
      • users of public libraries, and generally networks where IP addresses are shared
      • blind people who disable images in their browsers (which triggers false positives for robots, as scripts are generally not interested in images either)
      • the permacomputing community and people on limited internet connections, who also disable browser images to reduce bandwidth which makes them appear as bots
      • people who actually run bots – Cloudflare is outspokenly anti-robot and treats beneficial bots the same as malicious bots

      If you are in the included group and get access to a Cloudflare site, CF is a man in the middle who sees all the traffic. The padlock you see only means that your traffic is secure from you to Cloudflare (not to the host you think you are visiting). Cloudflare sees your userid and password, your DMs, everything. CF has grown to take ~20—30% of the web. So probably around roughly ¼ of your web activity is all seen by that one corporation which operates in a country without privacy safegards. So in addition to the above list of groups of people who Cloudflare blocks from web access, there is a group of privacy enthusiasts who block CF as they refuse to disclose ~25% of their web traffic to CF.

      As for the disproportionate size, I think that is somewhat inevitable, even with a Federated platform.

      It’s only inevitable to the extent that it’s inevitable that you will have admins who don’t grasp the philosophy. Admins who embrace the principles of decentralization close registration before their user count gets excessive (lemmy.ml demonstrated some restraint in this regard though some would say they should have closed reg sooner). Others will carry on, and bring in Cloudflare to supercharge the capacity which brings the problem that Cloudflare itself is centralized. They have effectively joined the centralized walled garden and brought a disproportionately large number of unwitting users into that exclusive venue. I say “unwitting” because sh.itjust.works and lemmy.world does not disclose to the users the fact that they are in a walled garden and that they share all the traffic with a US tech giant. Their greed is why there are disproportionately small nodes. It is sh.itjust.works and lemmy.world who decided to exploit all the individuals who individually decide they want to be in the same place where everyone else is, which ruins the balance and keeps small nodes overly small.

      Many posts are in a Q&A format, and if a bot were to crosspost all the content here, any answers here wouldn’t necessarily make it back to the OP. Had you considered this?

      I didn’t necessarily mean to imply that a bot would do the job, but indeed a bot would make sense. The purpose of copying traffic out of the centralized walled garden into a free world instance would be to feed info to those who have chosen the ethical venue. The purpose would not be to feed the giants in any way. So if it’s a personal question post that does not enrich the commons with information then the post could be removed by the bot operator. Or if the question likely provokes an interesting chat then it could be left alone. Responders who want the OP to see the response could simply mention them in the response and the OP would get a notification.