◆ [Date updated: 2023/12/12(Tue) 12:33:10]
■please unblock tor on heyuri, i can't even view posts using tor because heyuri uses cloudflare (;´Д`)
│(heyuri shouldn't be using cloudflare either, it's a MITM/backdoor..)
│screenshot: https://box.patchouli.moe/vsboUayK.PNG
│
├■Things liek Cloudflare are sadly a necessity on today's web, and a
││highly disproportionate amount of shenanigans has come from Tor exit
││nodes this year - especially recently (;´Д`)
││
││One or more Tor users has caused endless headaches for Heyuri staff-san,
││and apparently made it their mission to manipulate the site and create a
││worse/hostile atmosphere here. Obviously we'd rather not ban it, but
││it's been at the root of enough problems lately (without providing much
││good) that we are effectively forced to (;´Д`)
││
│└■Do you guys believe in the theory that cloudflare DDoS's websites to
│ │force them to use their protection?
│ │
│ └■Most likely (;´Д`)
│ Someone once pointed it out on Lounge too
│ https://dis.heyuri.net/lounge/koko.php?res=2012#p4916
│
├■Why does it being a MITM/Backdoor (a kind of silly claim given the
││context of cloudflares purpose) even matter for heyuri? Theres no logins
││or anything here so theres really no attack vector that users need to
││worry about Σ(;゚Д゚)
││
│└■not the same anon, but doesn't that mean cloudflare views the
│ │unencrypted posts made by any IP? I trust kaguya to not sell my data,
│ │but I can't say the same of cloudflare (;`Д´)
│ │
│ └■Only if we use cloudflares SSL encryption. They have an option for the
│ │user to opt for their own encryption. In that case, they could see your
│ │IP (as can your ISP), but not your post data
│ │
│ ├■I'm a n00b with this stuff, but I know they can automajickly maek HTTP-only servers become HTTPS cuz Heyuri★CGI is only set up for HTTP on teh server side (;^Д^)
│ ││
│ ││Net stuffz is too complicated...
│ ││
│ │└■Yes, by default they do all the SSL themselves. They may do that for
│ │ │kaguya too, unless he has it configured to use his own SSL certs.
│ │ │
│ │ │In any case, I highly doubt some balding middle aged corporate execs are
│ │ │viewing our post history ヽ(´ー`)ノ
│ │ │
│ │ └■I admit I get a bit too paranoid when it comes to my shota furry gangraep posts. (;;´Д`)
│ │ │
│ │ └■Man I should browse /b/ more often (´//ω//`)
│ │
│ └■That's good, but there are other ways for cloudflare to de-anonymize posts if they REALLY want to.
│ For example, they can simply watch heyuri posts' timestamps, compare it to their POST data log, and look at the IP address.
│
└■User: Puchiko
I hate cloudfare as well, I hope it isn but temporary (;´Д`)
Return