[cryptography] Github Pages now supports SSL

Scott Blaydes scott at sbce.org
Sun Apr 6 13:42:52 PDT 2014 

On Apr 6, 2014, at 2:20 PM, tpb-crypto at laposte.net wrote:

>> Message du 06/04/14 17:41
>> De : "staticsafe" 
>> On 4/6/2014 10:40, tpb-crypto at laposte.net wrote:
>>>> Message du 04/04/14 20:09
>>>> De : "Eric Mill" 
>>>> Along with Cloudflare's 2014 plan to offer SSL termination for free, and
>>>> their stated plan to double SSL on the Internet by end of year, the barrier
>>>> to HTTPS everywhere is dropping rapidly.
>>>> 
>>> 
>>> I agree that putting https everywhere is great, but Cloudflare's founders are tightly linked with the US-intelligence community. That fact alone kind of kills any claims they make about data security within their service.
>> 
>> Source for this please?
>> 
> 
> Is it so painful to do your own homework?
> 
> "Matthew Prince, Lee Holloway, and Michelle Zatlyn created CloudFlare in 2009.[1][2] They previously worked on Project Honey Pot." - http://en.wikipedia.org/wiki/CloudFlare
> 
> "[...] the project organizers also help various law enforcement agencies combat private and commercial unsolicited bulk mailing offenses and overall work to help reduce the amount of spam being sent [...]" - http://en.wikipedia.org/wiki/Project_Honey_Pot
> 
> That's just for starters, you can dig more and find more. It is interesting that the history of the founders themselves is no longer exhibited in cloudflare.com website as it was years ago.
> 
> 
> As an American company, there is nothing preventing Cloudflare from receiving NSLs and having to shut up about them. What use is a system that you can't trust like this?
> 
> You can say "oh, but they go after the bad guys, spammers". But that doesn't limit it to spammers neither do we know who are the so called bad guys, since that is decided by American secret laws, made by secret courts, that issue secret orders.
> 
> No trust to American companies, less even trust to American companies that promise any kind of data security. Better no security than a false sense of it.
> 
> Sorry.

I have noticed CloudFlare CAPTCHA screens before I can access some sites via Tor. This begs the question of how much data is CloudFlare gathering from Tor exit nodes and who are they selling it to? Due to links with the US Intelligence community and possibly receiving NSLs, they are in a great position to provide information about what people use Tor for. Perhaps thwarting spammers is a great cover for keeping track of traffic to and from alleged terrorist IPs/Net blocks. Since they also help mitigate DDoS attacks, they can also keep track of alleged Anonymous pwned hosts used for originating DDoS campaigns. 

They are a great “in the trenches” company that can be very versatile for keeping track of the Bad Guys(tm).

Thank you,
Scott

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140406/fcd6e928/attachment-0001.sig>

More information about the cypherpunks mailing list