Strange World@Heyuri.net Post search

please unblock tor on heyuri, i can't even view posts using tor because heyuri uses cloudflare (;´Д`) (heyuri shouldn't be using cloudflare either, it's a MITM/backdoor..) screenshot: https://box.patchouli.moe/vsboUayK.PNG

> please unblock tor on heyuri, i can't even view posts using tor because heyuri uses cloudflare (;´Д`) > (heyuri shouldn't be using cloudflare either, it's a MITM/backdoor..) > screenshot: https://box.patchouli.moe/vsboUayK.PNG Why does it being a MITM/Backdoor (a kind of silly claim given the context of cloudflares purpose) even matter for heyuri? Theres no logins or anything here so theres really no attack vector that users need to worry about Σ(;ﾟДﾟ) Reference: 2023/12/10(Sun) 08:19:12

> Why does it being a MITM/Backdoor (a kind of silly claim given the > context of cloudflares purpose) even matter for heyuri? Theres no logins > or anything here so theres really no attack vector that users need to > worry about Σ(;ﾟДﾟ) not the same anon, but doesn't that mean cloudflare views the unencrypted posts made by any IP? I trust kaguya to not sell my data, but I can't say the same of cloudflare (;`Д´) Reference: 2023/12/10(Sun) 13:14:47

> please unblock tor on heyuri, i can't even view posts using tor because heyuri uses cloudflare (;´Д`) > (heyuri shouldn't be using cloudflare either, it's a MITM/backdoor..) > screenshot: https://box.patchouli.moe/vsboUayK.PNG Things liek Cloudflare are sadly a necessity on today's web, and a highly disproportionate amount of shenanigans has come from Tor exit nodes this year - especially recently (;´Д`) One or more Tor users has caused endless headaches for Heyuri staff-san, and apparently made it their mission to manipulate the site and create a worse/hostile atmosphere here. Obviously we'd rather not ban it, but it's been at the root of enough problems lately (without providing much good) that we are effectively forced to (;´Д`) Reference: 2023/12/10(Sun) 08:19:12

> > Why does it being a MITM/Backdoor (a kind of silly claim given the > > context of cloudflares purpose) even matter for heyuri? Theres no logins > > or anything here so theres really no attack vector that users need to > > worry about Σ(;ﾟДﾟ) > not the same anon, but doesn't that mean cloudflare views the > unencrypted posts made by any IP? I trust kaguya to not sell my data, > but I can't say the same of cloudflare (;`Д´) Only if we use cloudflares SSL encryption. They have an option for the user to opt for their own encryption. In that case, they could see your IP (as can your ISP), but not your post data Reference: 2023/12/10(Sun) 15:08:42

10790. ＞Anonymous-san User: Anonymous Post date: 2023/12/10(Sun) 14:47:03 ■ ◆ 木

> > please unblock tor on heyuri, i can't even view posts using tor because heyuri uses cloudflare (;´Д`)
> > (heyuri shouldn't be using cloudflare either, it's a MITM/backdoor..)
> > screenshot: https://box.patchouli.moe/vsboUayK.PNG
> Things liek Cloudflare are sadly a necessity on today's web, and a 
> highly disproportionate amount of shenanigans has come from Tor exit 
> nodes this year - especially recently (;´Д`)
> One or more Tor users has caused endless headaches for Heyuri staff-san, 
> and apparently made it their mission to manipulate the site and create a 
> worse/hostile atmosphere here. Obviously we'd rather not ban it, but 
> it's been at the root of enough problems lately (without providing much 
> good) that we are effectively forced to (;´Д`)

Do you guys believe in the theory that cloudflare DDoS's websites to
force them to use their protection?

Reference: 2023/12/10(Sun) 15:32:30

> > Things liek Cloudflare are sadly a necessity on today's web, and a > > highly disproportionate amount of shenanigans has come from Tor exit > > nodes this year - especially recently (;´Д`) > > One or more Tor users has caused endless headaches for Heyuri staff-san, > > and apparently made it their mission to manipulate the site and create a > > worse/hostile atmosphere here. Obviously we'd rather not ban it, but > > it's been at the root of enough problems lately (without providing much > > good) that we are effectively forced to (;´Д`) > Do you guys believe in the theory that cloudflare DDoS's websites to > force them to use their protection? Most likely (;´Д`) Someone once pointed it out on Lounge too https://dis.heyuri.net/lounge/koko.php?res=2012#p4916 Reference: 2023/12/10(Sun) 15:47:03

> Only if we use cloudflares SSL encryption. They have an option for the > user to opt for their own encryption. In that case, they could see your > IP (as can your ISP), but not your post data That's good, but there are other ways for cloudflare to de-anonymize posts if they REALLY want to. For example, they can simply watch heyuri posts' timestamps, compare it to their POST data log, and look at the IP address. Reference: 2023/12/10(Sun) 15:42:11

> > not the same anon, but doesn't that mean cloudflare views the > > unencrypted posts made by any IP? I trust kaguya to not sell my data, > > but I can't say the same of cloudflare (;`Д´) > Only if we use cloudflares SSL encryption. They have an option for the > user to opt for their own encryption. In that case, they could see your > IP (as can your ISP), but not your post data I'm a n00b with this stuff, but I know they can automajickly maek HTTP-only servers become HTTPS cuz Heyuri★CGI is only set up for HTTP on teh server side (;^Д^) Net stuffz is too complicated... Reference: 2023/12/10(Sun) 15:42:11

> > Only if we use cloudflares SSL encryption. They have an option for the > > user to opt for their own encryption. In that case, they could see your > > IP (as can your ISP), but not your post data > I'm a n00b with this stuff, but I know they can automajickly maek HTTP-only servers become HTTPS cuz Heyuri★CGI is only set up for HTTP on teh server side (;^Д^) > Net stuffz is too complicated... Yes, by default they do all the SSL themselves. They may do that for kaguya too, unless he has it configured to use his own SSL certs. In any case, I highly doubt some balding middle aged corporate execs are viewing our post history ヽ(´ー｀)ノ Reference: 2023/12/10(Sun) 16:14:42

> In any case, I highly doubt some balding middle aged corporate execs are > viewing our post history ヽ(´ー｀)ノ I admit I get a bit too paranoid when it comes to my shota furry gangraep posts. (;;´Д`) Reference: 2023/12/10(Sun) 18:21:51