CloudFlare offers web encryption up the wazoo CloudFlare is promising to bring about the encrypted internet by adopting the latest web security protocols and offering a solution to the horror of mixed content. Just over a week since Google warned it would start labeling HTTP websites as "not secure," CloudFlare promises to help the many, many website owners who have a mix …
to browse el reg on regular ol HTTP. Too many paranoid people out there that want to encrypt everything, just a waste of resources for the vast vast majority of things.
Some folks would like to think by using SSL they are safer from things like government snooping.. I don't buy that for a second myself.
I am not fond of my ISP (Comcast today, was a local provider before I moved to new city a couple of months ago) knowing a lot of where I go so I tunnel that to a server I have co-located in a data center for a decent chunk of my traffic at least, and I run my own recursive DNS. But once it gets to the data center if it is not encrypted I don't care anymore, my ISP there(Hurricane Electric) doesn't have a vested interest in trying to "monetize" that kind of data.
I suppose more than anything though I am just riding on top of stuff I setup close to 10 years ago, it doesn't seem to be broken (other than theoretical bandwidth limits are much less due to tunnel limits) so have no real reason to fix it.
In the past tunneling to my co-location server actually sped things up I would assume since HE's peering is better. I have about 21ms ping times to my server, even though the routing runs about 800 miles(very inefficient route but I guess that is how the cables are laid, a very direct route in theory would be about 75 miles). The latency is about the same from my previous home where I was about 25 miles from my server.
"it's also about ISPs and other middle-men injecting advertising and other elements into unencrypted HTTP pages."
Also prevents ISPs and other middle men 'outjecting' advertising and other elements. For example Three have trialled network level ad blocking. IMO the main reason why google are so keen on a secure web.
>Some folks would like to think by using SSL they are safer from things like government snooping.. I don't buy that for a second myself.
Indeed. Quite the contrary in this case. This kind offer by a US corporation to do all that complicated encryption stuff for you sounds like a beautifully bespoke NSA wet dream... it's very possibly plugged directly into Ft. Meade... but as Hazzamon points out, there are plenty of other threats out there and having NSA/whoever encrypt your clients' connections for you will certainly help mitigate a great swathe those... and for little or no loss if you're a US outfit or US hosted yourself anyway... as is the case for El Reg for example.
Cloudflare offers a free SSL even on its "free package"
Also Cpanel/WHM has a feature with its latest version 58.0 providing a free SSL using the "Let's Encrypt" project for the SSL with the latest version under the Cpanel package AutoSSL.
Though it's a shame that http spdy is not quite ready to pass PCI compliance this would make https much faster.
This is just another move by CloudFlare to take over the web, cdn by cdn. As you can probably tell, I don't trust them one bit*. How long before they start plundering their customers for the wealth of data on visitors and all the sites they frequent? They probably already have a secret deal with the NSA as it is.
* As a VPN user it's pretty clear just how many sites rely on CloudFlare, and it's not so easy to boycott sites that use it.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
