If we allow a world where everything we see or hear is controlled then we no longer deserve a world with free will.
Cloudflare found itself underfire this month for seemingly allowing officially designated foreign terrorists to use its website protection services. Which, under US law, would be a big no-no. A HuffPo report claimed the US-based biz is being used by the likes of al-Shabab and the Taliban to evade attempts to shutdown their …
Wednesday 19th December 2018 09:18 GMT tiggity
There is too much scope creep in banned organisations, as the article implied its far too easy to squash freedom of speech by defining something as terrorist content / gradually extending what is proscribed speech.
Frankly the security services would be better letting cloudflare do its thing, and if there was *genuine evidence* of "proper" terrorist use then work with cloudflare to try and locate the terrorists - letting known terrorist content stay up can be useful in finding the posters / supporters of that content, sending everything underground just makes tracking the terrorists that much harder.
Wednesday 19th December 2018 09:40 GMT P. Lee
Wednesday 19th December 2018 20:17 GMT sisk
Re: Good article
Worse, HuffPo et al decides it doesn't like stuff and tries to pressure third parties into censoring perfectly legal content.
I've long since figured out that HuffPo "journalists" are all the type of SJWs that define hate speech as "anything I don't agree with". I give them the amount of attention that such a status warrants, which is none at all.
Wednesday 19th December 2018 10:52 GMT Anonymous Coward
Re: Good article
The other point is that if Cloudflare are co-operating with law enforcement agencies, do they in fact make it easier to act against these types of sites?
Given the many levels of potential contacts required to take down a site, and the varying levels of responsiveness involved, I would have imagined Cloudflare would simplify the process of getting content removed and beginning the process of tracing those responsible in an appropriate manner.
Who's the upset party here? Law enforcement, the vigilantes that can no longer take direct action or a HuffPost journalist looking to save the world?
Wednesday 19th December 2018 18:57 GMT Voland's right hand
Re: Good article
Cloudflare's general counsel Doug Kramer admitted to The Register this week that his company's relationship with customers, particularly terror groups that operate behind multiple fronts and aliases, can be difficult to police.
What is so difficult to police about a site which openly advocates murdering people including prominent European politicians while operating from a fixed well defined URL using a fixed well defined name. What is so difficult to police about a site which publishes the details of their wives, children including which school they attend to and calls for the metering out punishment to these family members.
This is the site I have in mind: https://myrotvorets.center/
Served proudly by Cloudflare. As it "serves" OUR means and is a part of OUR information campaigns, we pretend that it is an excellent example of free speech. Nothing wrong with advocating murdering the "enemy", their wives and their children you know.
Most recently it put a bounty on Gerhard Shroeder's head and published his full personal details including details of his family whereabouts. Not linking not because I do not know the page in question, but out of principle (same as I would not link to RT).
Wednesday 19th December 2018 09:50 GMT K
It's impossible for a service provider such as Cloudflare to investigate every domain that uses its service... Also they offer a very easy to find form for reporting abuse:
likewise they are not the only service provider who a reverse-proxy service, so I find individually picking them out is nothing but somebody holding a grudge.
Wednesday 19th December 2018 10:17 GMT mark l 2
Even if Cloudflare were to start to check websites before they were allowed to use its services, it would be trivial for these terrorist groups to upload an innocuous website template while the site was moderated and checked. Then ones the service was activated change it to host terrorism related content.
Cloudflare is not like Facebook or Youtube who host the content so should have some responsibility to take it down, the content is hosted on the clients services and Cloudflare are mealy acting as a proxy to get to it. The servers that the terrorist site is hosted on could even be hosted with US web hosts, as web hosting providers pretty much let you upload whatever you want. Website will often stay up until there is either a report of abuse or the sysadmins spot illegal content while investigating another issue such as excessive resource usage on the server and then suspend the account.
Wednesday 19th December 2018 12:39 GMT Anonymous Coward
Wednesday 19th December 2018 17:21 GMT Sapient Fridge
Cloudflare are also a spam support company
I'm an anti-spammer and have been for over 20 years. I send abuse reports to the source ISP and feed/hosts of advertised web sites (and redirects) for every single spam E-mail I get. This averaged (until recently) about 3 a day, so around 1000 reports a year. I'm mentioned in "Spam Kings" and was active in NANAE for years (obscure reference for anti-spammers).
Most ISPs take down obvious spammer sites rapidly but Cloudflare "mirrored" web sites are always a pain because Cloudflare refuses to act on abuse reports (no matter how much evidence they get) and they hide the IP address of the mirrored host which makes it hard to make the real host aware of the problem.
Fortunately Cloudflare's system isn't infallible and occasionally and, if you ping enough, you sometimes get the original web site IP. The last time this happened the real host ISP (xglobe.com in this case) investigated immediately after I contacted them. Their customer's rogue binary trading "affiliate" was kicked off and the customer donated £1000 to Children in Need as compensation for the amount of effort I had put in (67 abuse reports, one for each spam I received). I can prove all of this on request.
I have no problem with free speech, but I do have a problem with Cloudflare providing bulletproof services to spammers. Spam is illegal and is *not* free speech. I note that Cloudflare rules are not blanket rules as, for example, they (absolutely correctly) ban mirroring child porn, so they obviously have control over what they allow.
You will also note that Cloudflare's abuse report page has no "abuse type" category for spam, even though that is the most use I see of their services:
In my opinion they are a spam support company.
Wednesday 19th December 2018 18:01 GMT cd
Wednesday 19th December 2018 18:14 GMT Anonymous Coward
Re: Cloudflare are also a spam support company
If they embedded the original IP somehow or had a lookup page for same, they would be offering a rather pointless service. Their DDoS protection hides the actual ip of the server so that miscreants can't flood the server with bogus traffic taking it off the internet.
Wednesday 19th December 2018 19:30 GMT Sapient Fridge
Re: Cloudflare are also a spam support company
Most ISPs have AUP (Acceptible Use Policy) agreements with their customers which includes no hate speech, no terrorist glorification, no spamvertised pages, no child porn etc. When abuse reports come in they investigate to see if the complaint is likely to be true, and act if it is.
Yes this is more work, but almost every ISP on the planet manages it so why can't Cloudflare? Instead they do nothing about abuse reports and make it impossible to send reports to the real host.
Thursday 20th December 2018 16:46 GMT ItsMeDammit
Not just me then...
I am pleased to see that I am not the only one who generates spam complaints to Cloudlfare only to have them be ignored. I went through a spell where I was reporting the same half dozen sites over and over as a perverse hobby but gave up in favour of using those same sites as an extraordinarily easy and reliable spam filter rule. I had more luck getting the host of the actual spam email to do something about the problem, but that doesn't even scratch the surface if the target site is still up.
My issue with an overwhelming percentage of said spam it was that it was clearly fraudulent - pyramid schemes and bogus health plans aimed at the elderly, war verterans and so on. After that, almost every single spamvertised site had a malicious payload attached. I appreciate the sort of spam I get is trivial (thankfully I have never been spammed by a terrorist group), there is no way any decent person can claim such scams as being "free speech" yet taking down such sites should be chicken feed for a support guy somewhere. It is my opinion that Cloudflare simply don't care.
Wednesday 19th December 2018 18:46 GMT Spazturtle
Words do not magically make somebody blow themselves up, if they did then all our intelligence analysts who read these sites as part of their job would get up and join the jihad. These terrorists didn't suddenly because threats when they read these sites, they were threats before. You have to already have a significant level of disregard for human life to be susceptible to radicalisation.
Wednesday 19th December 2018 20:15 GMT sisk
Should there be limits on free speech? Absolutely not. If you're limiting it then you can't very well call it "free speech". And let's be perfectly honest here: it is only unpopular speech that needs that protection, so the situations where people mostly want to apply limits are the exact situations where it's so important that we don't. No matter how repulsive the thing being said is as long as it is just speech it should be protected.
Caveat, though. Recruiting terrorists is an action, not speech. As is instructing people to commit violence. That stuff can and should be axed without free speech even coming into it. But having and voicing an unpopular, even repulsive, opinion? That's a slippery slope we'd best just avoid.
Wednesday 19th December 2018 21:10 GMT Anonymous Coward
Under the latest, ever expanding definition of terrorism
Non-violent but disruptive protests are now included, see the Stansted 15.
How long before all "enemies of the government" are also classified as terrorists based on the "subverting the will of the people" argument?
Zero tolerance policing, the Holy Grail of all authoritarian democracies the world over. Thanks to the laws brought in by MPs, senators etc that you voted for. Even voting for the "least worst option" becomes less appealing each passing day and more people realise that "they don't work for you".
Thursday 27th December 2018 03:10 GMT Anonymous Coward
It seems pointless to assume how much regard for life someone who becomes radicalised might or might not have.
All sense and judgement in a potential recruit of what is good versus what is bad is bypassed by praising the absolute worst of depravity as righteous.
To both the psycopath and the simple fool, radicalisation offers a justification for sadism and murder by dressing them both in a fantastic coat of deranged fantasy, offering membership of a supposed elite and life eternal.
Yet for some reason, crazed philosophies for which there is no evidence whatsoever continue to be excused, aided, abetted and further promulgated.
There isn't much going in the way of easy answers to this.......
Tuesday 19th March 2019 23:33 GMT Anonymous Coward
Cloudflare don't care
Cloudflare only care about money and have no interest in dealing with the vile sites they protect.
As was the cast with the Terrorist attack in New Zealand where numerous sites protected by Cloudflare actively promoted the videos and celebrated their distribution.
When this was brought up with Cloudflare their response was "meh we don't care we just provide a safe harbour for terrorist supporting sites so go talk with these people instead"
They are scumbags of the highest order and the sooner people stop paying them money for their services the better.