Why Cloudfare makes my nostrils flare

eroding privacy in the name of security

 

Many of us are waking up to the huge erosion of our privacy in electronic communications.

We’re aware of the PRISM/Tempura story of 6 years ago, where CSA whistleblower Edward Snowden revealed the extent that our governments spy on their citizens and share that information…that our internet and phone use is watched and recorded… The film about him starring Joseph Gordon-Levitt and Shailene Woodley revealed that the CSA can watch us through our webcam, via fibre optic cables, even when the computer’s off.

Hence, he put something over the camera eye.

We’re increasingly aware of Facebook, Google and Microsoft being part of this surveillance, accumulating our browsing habits to not only send to advertisers, but to the secret agencies, using terrorism as an excuse and to make citizens compliant.

But terrorism isn’t appropriate to the vast majority of us, and yet we’re being watched anyway… and we’re aware that terrorism and dissent are becoming synonymous.

Hence more of us are taking steps against this and switching our browsers and search engines to ones which don’t track us across the internet and record any browsing history.

Private Browsing in most browsers only prevents other users of that computer in following your online sessions, not the browser or your internet service provider, who are also hoovering up and selling your details – and you’re paying them to do it!

There are some smaller browsers and search engines which take our privacy more seriously.

These include Epic (hard to download and use, curiously) and Brave and TOR – The Onion Router – for the former, and DuckDuckGo and Startpage for the latter. Reading their privacy tips and warnings are galling, for even the size of your screen can help give you away. There’s HTML5 canvas image data extraction, and this is part of ‘fingerprinting’ – websites being able to discover who and where you are, and what you do.

In Windows 10, the privacy settings – now split into two places to look – are defaulted to yes…use my camera, microphone, physical location… allow remote access…

Even some of these more private browsers have default settings to allow Facebook and Google – the very places to avoid – to set cookies and have other permissions.

I’m appalled that even blocking 3rd party cookies and device recognition, as well as hated JavaScript, is enough to make many websites break. To look up a train time, I get warning messages – even in a less private browser – that this information is being shared. I can’t get into my email account with the settings I’d like in place. I’ve even seen some spiritual websites – one with a prayer request form – make visitors be open to trackers to be able to submit that request!!

Hence my ire at Cloudflare, a widely used supposedly security enhancing tool and company. It’s meant to stop robots from spamming or sending malware, but I’m more suspicious that cybercrime is mostly a myth and there’s some ironic Sylvester Sneakly/Hooded Claw plot that the security programs and their manifold updates are the sinister part.

I’m not going to reveal my browsing habits, but I will say that many things I look up aren’t things I want to share with a third party. No – let me make clear – I never want anything I do anywhere shared with anyone that I don’t choose.

I utterly reject “If I’m not doing wrong, I don’t mind.” I mind very much, and so should you.

But the internet is a good resource for connecting and researching, perhaps things we wouldn’t readily tell those around us. Do you want every book you pick up off a shelf known to people who don’t even know you? Do you want every video and piece of music you play known? (by the way, it is unless you block it). Have you not ever tried to find resources about something that you wouldn’t want made generally public? Have you wanted to introduce yourself to staff in every shop you go in? Have you ever been worried by something that you wouldn’t want to tell other people about?

Hence, some of us will set our privacy high and use browsers that block the ridiculous amounts of adverts which slow down our browsing and waste our internet data allowance. We don’t want to see adverts about the legal services we looked up, or that health problem, or the sexuality related matter we sought succour about. We don’t want our moving or surprise holiday plans or new job revealed by adverts appearing the next time we use our device.

But Cloudflare blocks these browsers, and it’s used by places where i) sites can be personal and ii) the users thereof may well be questioners and people who uphold privacy rights.

I’m frustrated – and so are others – by the amount of sites who won’t let you in, treating you as some kind of attack. Or they’ll make you try to perform a hated recaptcha check, which involves Google’s intrusion. Mostly with my preferred security settings, these stupid ‘click all the squares with…’ tasks don’t work. It’s very US focussed so some other users might not recongise what they’re being asked to so, and it’s not clear that you’re meant to choose squares with a tiny bit of something. So it’s easy to get wrong, even as a real sentient human…meanwhile, you’re automatically held into Google’s privacy…to prove you’re real. See the irony?

And I think they’re really trying to get private browsers to reveal themselves.

So I leave those sites, for I feel: if they’re using Cloudflare to bully me into giving my identity away, then I don’t need to read that article afterall.

I thus challenge users of Cloudflare and Cloudflare itself to rethink, along with all those who utilise recaptcha. Note the name – its real purpose is revealed.

And I won’t be netted by anyone.

(And WordPress, you’re still breaking Cookie Law with you assumed opt in)

Leave a comment

Filed under society

Comments are closed.