Felicitas Pojtinger 🌅Whenever you see someone recommend Cloudflare or something else that decrypts and re-encrypts TLS for something, esp. for something related to open social media or media storage etc., reply with this picture from the Snowden leaks
Sashin@pojntfx what does it mean?
John Deters@sashin @pojntfx The padlock in your browser promising your data is securely protected ends at Google's servers, and is only restored on the other side, exposing your data to Google. The slide Snowden posted is from an NSA presentation where the author drew a smiley face at that point, because it gave the NSA full access to the data flowing through Google's servers.
Cloudflare has the same vulnerability. And the NSA's capabilities have only improved since the slide was released 12 years ago.
@targetdrone @pojntfx thanks for the explanation! I wonder if it's just CloudFlare or other things too
Magnus Ahltorp@sashin @pojntfx That Cloudflare (and everyone that manages to snoop on them) can read, store, and modify any requests and content that is transmitted.
Basically, the promise of TLS is that everything you do on a website is unreadable by anyone except the web browser and the provider of the website. Cloudflare inserts itself into the transaction and breaks that promise.