Merge branch 'master' of 2019.Nov/cloudflare-tor into master

This commit is contained in:
themusicgod1 2019-11-20 20:36:14 +01:00 committed by Gitea
commit 24de68e364
9 changed files with 102 additions and 48 deletions

View File

@ -366,6 +366,16 @@ Table of contents
> Too many to list here. It is IMPOSSIBLE to list them all! [See for yourself](https://twitter.com/search?q=Cloudflare).
"Do you know if this info is on any other sites? Sadly patreon has been taken in on the foolishness that is CloudFlare & blocks tor nodes." by @[DeborahPeasley](https://twitter.com/DeborahPeasley/status/1196465140243320832)
"hey, I'm using a VPN exiting in the DigitalOcean network. Cannot access this site." by @[AliveDevil95](https://twitter.com/AliveDevil95/status/1196409774323224576)
"umm this cloudflare anti DOS shit blocked me from your site. LOL i know shit all about DDOSing or anything, the closest thing to that for me is going on Tor " by @[Undyingtmlg](https://twitter.com/Undyingtmlg/status/1196811999029743621)
"Meta: Access Denied You don't have permission to access forums.tesla.com on this server. heh cloudflare" by @[charlieXwallace](https://twitter.com/charlieXwallace/status/1196875795794288640)
"Someone kept getting their Cloudflare puzzle wrong and said enough is enough." by @[D_Downs](https://twitter.com/D_Downs/status/1146073021163040768)
"I fail to see how Cloudflare would be any improvement for me, even without DoT." by @[jornbaer](https://twitter.com/jornbaer/status/1184895606373961734)
"don't send my traffic via Cloudflare, where the NSA can definitly read it." by @[jornbaer](https://twitter.com/jornbaer/status/1184896773086744576)
@ -424,6 +434,12 @@ Table of contents
"Don't install Cloudflare's WARP "VPN". This is NOT A VPN by their own admission, and is a privacy MINEFIELD. This is a jaw dropping TOS, and I'm only a few paragraphs in." by @[notdan](https://twitter.com/notdan/status/1178339685795598336)
"Did you know a foreign-owned cloud provider has access to online votes on their way to the digital ballot box? When electors in Canadas Northwest Territories vote online, their ballots pass through Cloudflare servers and are briefly decrypted while in transit." by @[aleksessex](https://twitter.com/aleksessex/status/1176543023636897792)
"As a protection against denial-of-service attacks you can pay cloud providers to act as a kind of friendly man-in-the-middle. But protection comes in exchange for a high degree of trust: they need access to application-layer data to do things like inject fingerprinting JavaScript" by @[aleksessex](https://twitter.com/aleksessex/status/1176543026853941248)
"That means they have privileged access to see and change your vote. The legitimacy of the election relies on the assumption they wont. They say the wont, and so far weve seen nothing to contradict that. But how would you find out if they did? How do you know your counted?" by @[aleksessex](https://twitter.com/aleksessex/status/1176543027936018435)
"Consumers simply do not stand a chance in hell these days understanding the technology surrounding them." by @[notdan](https://twitter.com/notdan/status/1178384818352066563)
"cant checkout online, tried cards from three different banks and always get a cloudflare error after card verification. Any idea?" by @[rossburton](https://twitter.com/rossburton/status/1192808969250717696)

View File

@ -8,7 +8,7 @@
Table of contents
- [No Cloudflare](README.md#no-cloudflare)
- [Next: Cloudflare Ethics](README.md#next-cloudflare-ethics)
- [Next: Cloudflare Ethics](README.md#next-cloudflare-ethics-readme-ethics-md)
- [Data & More Information](README.md#data-more-information)
- [What can you do?](README.md#what-can-you-do)
@ -177,7 +177,8 @@ This repository is a list of websites that are behind "_The Great Cloudwall_", a
**More Information**
* [Short version of README](README_short.md)
* [Short version of README](README_short.md) `DRAFT`
* [Myth Catalog](myth_catalog.md) `DRAFT`
* [Padlock icon indicates a secure SSL connection established w MITM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835) by Anonymous
* [Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) by nym-zone
* [Problem with Cloudflare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544) by libBletchley

View File

@ -87,42 +87,53 @@ What will you do if your site goes down _suddenly_? There are reports that Cloud
### Browser vendor discrimination
CloudFlare gives preferential treatment to those using Firefox while
giving hostile treatment to users of non-Mozilla-based browsers over
Tor. Tor users of who (rightfully) refuse to execute non-free
javascript also receive hostile treatment. This access inequality is
a network neutrality abuse and an abuse of power.
CloudFlare gives preferential treatment to those using Firefox while giving hostile treatment to users of non-Tor-Browser over Tor.
Tor users of who rightfully refuse to execute non-free javascript also receive hostile treatment.
This access inequality is a network neutrality abuse and an abuse of power.
| ***browser*** | ***access treatment*** |
![](image/browserdiff.jpg)
- Left: `[Tor Browser] Javascript Disabled, Cookie Enabled`
- Right: `[Chrome] Javascript Enabled, Cookie Disabled`
| ***Browser*** | ***Access treatment*** |
| --- | --- |
| Firefox (with non-free javascript enabled; incl. Tor Browser) | access permitted |
| Chromium (with non-free javascript enabled) | access degraded (pushes Google reCAPTCHA) |
| Chromium or Firefox (with non-free javascript disabled) | access denied (pushes *broken* Google reCAPTCHA) |
| Tor Browser (Javascript enabled) | access permitted |
| Firefox (Javascript enabled) | access degraded |
| Chromium (Javascript enabled) | access degraded (pushes Google reCAPTCHA) |
| Chromium or Firefox (Javascript disabled) | access denied (pushes *broken* Google reCAPTCHA) |
| Chromium or Firefox (Cookie disabled) | access denied |
| lynx | access denied |
| w3m | access denied |
| wget | access denied |
"_Why not use Audio button to solve easy challenge?_"
Yes, there is an audio button, but it _always_ [doesn't work over Tor](https://trac.torproject.org/projects/tor/ticket/23840). You will get this message when you click it:
```
Try again later
Your computer or network may be sending automated queries.
To protect our users, we can't process your request right now.
For more details visit our help page
```
---
### Voter suppression
Voters in US states register to vote ultimately through the state
secretary's website in the state of their residence.
Republican-controlled state secretary offices engage in voter
suppression by proxying the state secretary's website through
CloudFlare. CloudFlare's hostile treatment of Tor users, its MitM
position as a centralized global point of surveillance, and its
detrimental role overall makes prospective voters reluctant to
register. Liberals in particular tend to embrace privacy. Voter
registration forms collect sensitive information about a voter's
political leaning, personal physical address, social security number,
and date of birth. Most states only make a subset of that information
publicly available, but CloudFlare sees ***all*** that information
when someone registers to vote.
Voters in US states register to vote ultimately through the state secretary's website in the state of their residence.
Republican-controlled state secretary offices engage in voter suppression by proxying the state secretary's website through Cloudflare.
Cloudflare's hostile treatment of Tor users, its MITM position as a centralized global point of surveillance, and its detrimental role overall
makes prospective voters reluctant to register. Liberals in particular tend to embrace privacy. Voter registration forms collect sensitive information about a voter's political leaning, personal physical address, social security number, and date of birth.
Most states only make a subset of that information publicly available, but Cloudflare sees ***all*** that information when someone registers to vote.
Note that paper registration does not circumvent CloudFlare because
the secretary of state data entry staff workers will likely use the
CloudFlare website to enter the data.
Note that paper registration does not circumvent Cloudflare because the secretary of state data entry staff workers will likely use the
Cloudflare website to enter the data.
![](image/cfvotm_01.jpg)
![](image/cfvotm_02.jpg)
---

BIN
image/browserdiff.jpg Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 58 KiB

BIN
image/cfvotm_01.jpg Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 116 KiB

BIN
image/cfvotm_02.jpg Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 273 KiB

BIN
image/imnotarobot.gif Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 58 KiB

View File

@ -1,9 +1,21 @@
# Instructions
--------------
# List Instructions
![](image/imnotarobot.gif)
---
Table of contents
- [Website is using Cloudflare](instructions.md#website-is-using-cloudflare)
- [Website is NOT using Cloudflare](instructions.md#website-is-not-using-cloudflare)
- [How to setup git](instructions.md#how-to-setup-git)
- [About Cloudflare base domain list](instructions.md#about-cloudflare-base-domain-list)
---
## Website is using Cloudflare
**Cloudflare users** | [**List Directory**](cloudflare_users/)
- **Cloudflare users** | [**List Directory**](cloudflare_users/)
| List name | Description |
| -------- | -------- |
@ -12,7 +24,7 @@
| cloudflare_supporter.txt | who is using Cloudflare or endorsing Cloudflare. (URL only) |
**Cloudflare Corporation** | [**List Directory**](cloudflare_inc/)
- **Cloudflare Corporation** | [**List Directory**](cloudflare_inc/)
| List name | Description |
| -------- | -------- |
@ -26,7 +38,7 @@
| cloudflare_members.txt | Cloudflare employer & employee |
1) How to detect Cloudflare
**1) How to detect Cloudflare**
There are many ways to detect it:
@ -51,9 +63,9 @@ Route 104.18.224.0/20
```
2) How to add your data (A or B)
**2) How to add your data (A or B)**
Type A: Push to Codeberg.org
- Type A: Push to Codeberg.org
1. Log in to *Codeberg.org*.
2. Click "*Fork*" button. (top-left corner)
@ -61,7 +73,10 @@ Type A: Push to Codeberg.org
4. Click *Double-arrow* button to create a *new pull request*.
Type B: Just scan the FQDN on "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
- Type B: Just scan the FQDN
1. Scan FQDN on "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
2. It will be pushed to Codeberg automatically within a week.
```
@ -79,14 +94,14 @@ IMPORTANT: Please add only "Base Domain"
... to /split/cloudflare_e.txt
```
3) If the website *no longer using Cloudflare*, *remove* it from /split/ list and *add* to "[ex_cloudflare_users.txt](cloudflare_users/ex_cloudflare_users.txt)".
**3) If the website no longer using Cloudflare**,
*remove* it from /split/ list and *add* to "[ex_cloudflare_users.txt](cloudflare_users/ex_cloudflare_users.txt)".
--------------
## Website is NOT using Cloudflare (& blocking you)
## Website is NOT using Cloudflare
**Anti-Tor users** (formerly "*TorBlocker Hall of Shame Part I*") | [**List Directory**](not_cloudflare/)
- **Anti-Tor users** (formerly "*TorBlocker Hall of Shame Part I*") | [**List Directory**](not_cloudflare/)
| List name | Description |
| -------- | -------- |
@ -134,7 +149,7 @@ This is a collection of websites that ban Tor exits, other than through Cloudfla
---
# How to setup git
## How to setup git
This procedure will give you a cloudflare-tor fork with a
privacy-respecting configuration to do pushes with SSH over Tor using
@ -197,8 +212,9 @@ to codeberg are automatically over Tor with this configuration
(because the `url` in `.git/config` references the virtual host
`codeberg-snowden` in `~/.ssh/config`).
---
# About Cloudflare `base domain` list
## About Cloudflare `base domain` list
Our mission is clear - `stay away from Cloudflare`.

View File

@ -8,9 +8,20 @@
![](image/whoismp.jpg)
------------
---
###### Website consumer
Table of contents
- [Website consumer](what-to-do.md#website-consumer)
- [Website owner / Web developer](what-to-do.md#website-owner-web-developer)
- [Software user](what-to-do.md#software-user)
- [“Mozilla Firefox” user](what-to-do.md#mozilla-firefox-user)
- [Action](what-to-do.md#action)
---
## Website consumer
- If the website you like is using Cloudflare, tell them not to use Cloudflare.
@ -85,7 +96,7 @@ If Cloudflare leak your information or won't let you to connect to our servers,
------------
###### Website owner / Web developer
## Website owner / Web developer
![](image/word_cloudflarefree.jpg)
@ -201,7 +212,7 @@ die();
------------
###### Software user
## Software user
- If you use Debian GNU/Linux, or any derivative, subscribe to [bug #831835](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835). And if you can, help verify the patch, and help the maintainer come to the right conclusion on whether it should be accepted.
@ -263,7 +274,7 @@ Therefore we recommend above table only. Nothing else.
------------
###### "Mozilla Firefox" user
## "Mozilla Firefox" user
- Don't use Firefox Nightly. It will send debug-level information to Mozilla servers without opt-out method. Mozilla servers are [behing Cloudflare](https://www.digwebinterface.com/?hostnames=www.mozilla.org%0D%0Amozilla.cloudflare-dns.com&type=&ns=resolver&useresolver=8.8.4.4&nameservers=).
@ -300,11 +311,10 @@ Therefore we recommend above table only. Nothing else.
> 3. Restart Tor.
> 4. Set your computer's DNS server to "127.0.0.1".
- Tell us if you see [this functionality](https://ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/) start to creep up beyond Firefox Nightly into more stable versions of Firefox.
------------
###### Action
## Action
- Tell others around you about the dangers of Cloudflare. But don't talk with NSA employee; you'll be _definitely_ marked... just kidding!