The Hacker‘s ChoiceSep 26, 2023
CF is amassing a lot of power. With 30% of all Internet Traffic going through CF and them decrypting all HTTPS traffic at the Edge...and able to change any or all of it transparently. This extract from CF's blog reads like a Government/Thread Actor's dream come true....
Show threadBenAvelingSep 28, 2023
@thc not true from a technical pov and very misleading. CF isn’t decrypting https in order to do this. They’re handling the initial http to https encryption so of course they have access to the http.
Excessive power, maybe, but not implemented the manner implied here
Show threadThe Hacker‘s ChoiceOct 4, 2023
@BenAveling CF decrypts all HTTPS at the edge and then forwards it via http to the origin server. That’s the most common setup. This is still true if only HTTPS is used (even with HSTS is policy enforcement).
Show threadBenAveling
@thc well yes. But that’s not a bug, it’s a feature. So to speak
Oct 4, 2023 at 1:59pmWeb