If the website is for LEA, why does it need to be protected from DDoS? If LEA dont get the message and they waste their time looking for a well hidden onion service, who cares? On 13 September 2016 19:14:19 GMT+01:00, Mirimir wrote: On 09/13/2016 08:13 AM, Razer wrote: On 09/13/2016 12:00 AM, Mirimir wrote: But the fact that CloudFlare is insecure, and may be an NSA honeypot, is no reason for them to avoid using it... Umn. I guess it depends on if your freedom or life depend on it. I'd tend to be.... Risk-adverse. But that's just me. They use CloudFlare only for the website to warn LEA etc that the real mailserver is a Tor onion service, and to forget about trying to find it. CloudFlare plays no role in email handling. You're just spreading ignorant bullshit and FUD. You're being as pigheaded as Juan! Rr "The contrail is gone entirely from the sky. Pirate’s sweat lies on his skin almost as cold as ice. He takes some time lighting a cigarette. He won’t hear the thing come in. It travels faster than the speed of sound. The first news you get of it is the blast. Then, if you’re still around, you hear the sound of it coming in. What if it should hit exactly—ahh, no—for a split second you’d have to feel the very point, with the terrible mass above, strike the top of the skull..." ~Thomas Pynchon, Gravity's Rainbow On 09/13/2016 12:33 AM, oshwm wrote: Well obviously all I've said about Cloudflare is well documented Yeah, but there's nothing there about Sigaint, is there? but in terms of sigaint, its your choice but with the documented issues with Cloudflare then I would expect any org who is trying to provide protection against 'dragnet surveillance' would be morally and ethically opposed to services such as Clouflare, wouldn't you? You're as bad as Juan with the "morally and ethically" bit ;) It's my impression that Sigaint is pretty neutral about moral and ethical issues. Yes, they provide protection against "dragnet surveillance". But the fact that CloudFlare is insecure, and may be an NSA honeypot, is no reason for them to avoid using it for posting a warning on their gateway IP. That warning is just for clueless mail admins and LEA. Their website is . On 13 September 2016 07:26:26 GMT+01:00, Mirimir wrote: On 09/13/2016 12:18 AM, oshwm wrote: The difference is you have the chinese knocking on your front door and are blocking them whereas you are willingly giving the secrets of your browsing across multiple sites to a single organisation whose CEO has links to the US DoD (arguably more damaging and interventionist than the chinese). You will then be profiled and your future actions predicted and even influenced in order to protect the interests of the US MIC. Nope, nothing to worry about from Cloudflare at all :D My advice is: if an organsation touches Cloudflare then you shouldn't touch that organisation. You're missing the fucking point! Using Sigaint for email has nothing to do with CloudFlare. You can't even hit Sigaint webmail, except as a Tor onion service. CloudFlare doesn't proxy mailserver connections. It's just their fucking website. Unless you have some actual evidence, you're just blowing smoke ;) On 13 September 2016 06:31:37 GMT+01:00, Mirimir wrote: On 09/12/2016 11:24 PM, juan wrote: On Mon, 12 Sep 2016 23:09:55 -0600 Mirimir wrote: Ddos attacks are exactly like terrorism. Carried by the same people...at the Department of False Flags. It muct be nice to have such simple answers to everything ;) You really got me Mirimir. We should thank the US military for cloudflare too. The internet really started to work a coupl of years ago, thanks of course, to cloudflare. Don't get me wrong. I hate CloudFlare. It's fucking stupid to break HTTPS security as MitM in order to protect clueless against DDoS. Clever adversaries can takeover sites if their interaction with CloudFlare isn't adequately secured. And I hate having to deal with their fucking CAPTCHAs when I'm using Tor. But as much as I hate US military, I don't delude myself that they're the only assholes out there. Maybe the most resourceful assholes. And the most arrogant assholes. But far from the only ones. It's the fucking Chinese that seem to beat at every SSH server that I run :( But then you'll say that it's just americunts pretending to be Chinsese ;) -- Sent from my Android device with K-9 Mail. Please excuse my brevity.