◆ [Date updated: 2023/12/12(Tue) 12:33:10]
■please unblock tor on heyuri, i can't even view posts using tor because heyuri uses cloudflare (;´Д`)
│(heyuri shouldn't be using cloudflare either, it's a MITM/backdoor..)
│screenshot: https://box.patchouli.moe/vsboUayK.PNG
│
├■User: Puchiko
│ I hate cloudfare as well, I hope it isn but temporary (;´Д`)
│
├■Why does it being a MITM/Backdoor (a kind of silly claim given the
││context of cloudflares purpose) even matter for heyuri? Theres no logins
││or anything here so theres really no attack vector that users need to
││worry about Σ(;゚Д゚)
││
│└■not the same anon, but doesn't that mean cloudflare views the
│ │unencrypted posts made by any IP? I trust kaguya to not sell my data,
│ │but I can't say the same of cloudflare (;`Д´)
│ │
│ └■Only if we use cloudflares SSL encryption. They have an option for the
│ │user to opt for their own encryption. In that case, they could see your
│ │IP (as can your ISP), but not your post data
│ │
│ ├■That's good, but there are other ways for cloudflare to de-anonymize posts if they REALLY want to.
│ │ For example, they can simply watch heyuri posts' timestamps, compare it to their POST data log, and look at the IP address.
│ │
│ └■I'm a n00b with this stuff, but I know they can automajickly maek HTTP-only servers become HTTPS cuz Heyuri★CGI is only set up for HTTP on teh server side (;^Д^)
│ │
│ │Net stuffz is too complicated...
│ │
│ └■Yes, by default they do all the SSL themselves. They may do that for
│ │kaguya too, unless he has it configured to use his own SSL certs.
│ │
│ │In any case, I highly doubt some balding middle aged corporate execs are
│ │viewing our post history ヽ(´ー`)ノ
│ │
│ └■I admit I get a bit too paranoid when it comes to my shota furry gangraep posts. (;;´Д`)
│ │
│ └■Man I should browse /b/ more often (´//ω//`)
│
└■Things liek Cloudflare are sadly a necessity on today's web, and a
│highly disproportionate amount of shenanigans has come from Tor exit
│nodes this year - especially recently (;´Д`)
│
│One or more Tor users has caused endless headaches for Heyuri staff-san,
│and apparently made it their mission to manipulate the site and create a
│worse/hostile atmosphere here. Obviously we'd rather not ban it, but
│it's been at the root of enough problems lately (without providing much
│good) that we are effectively forced to (;´Д`)
│
└■Do you guys believe in the theory that cloudflare DDoS's websites to
│force them to use their protection?
│
└■Most likely (;´Д`)
Someone once pointed it out on Lounge too
https://dis.heyuri.net/lounge/koko.php?res=2012#p4916
Return