The Hacker‘s ChoiceSep 26, 2023
CF is amassing a lot of power. With 30% of all Internet Traffic going through CF and them decrypting all HTTPS traffic at the Edge...and able to change any or all of it transparently. This extract from CF's blog reads like a Government/Thread Actor's dream come true....
Show threadJavier

@thc

It surprises people that CF can see (and modify) the plain HTML even under https, but if you think about it, any CDN has to do that to be able to cache content.

Same as with a VPN, using a CDN requires some amount of trust. Unfortunately, it only requires trust from one side (the backend service) and not the other (the end user), which doesn't have any say in the outcome.

Sep 26, 2023 at 12:53pmWeb
Show threadRiley S. FaelanSep 26, 2023

@javierg That's not entirely true. CDN can provide an extremely valuable service by only serving static things.

@thc

Show threadJavierSep 27, 2023

@riley @thc

Do you mean to serve the HTML and any response from the front-end directly to the user and only let the CDN cache images, CSS and scripts? Yes, you can do that, even in the current offering of CDNs.

It does reduce the ability of the CDN to spy you, at the cost of a more complex setup.

Still the choice of the backend service provider, not the end user.