mirror of
https://codeberg.org/crimeflare/cloudflare-tor
synced 2024-11-07 09:52:40 +00:00
Merge branch 'master' of 2019.Nov/cloudflare-tor into master
This commit is contained in:
commit
24de68e364
16
PEOPLE.md
16
PEOPLE.md
@ -366,6 +366,16 @@ Table of contents
|
||||
> Too many to list here. It is IMPOSSIBLE to list them all! [See for yourself](https://twitter.com/search?q=Cloudflare).
|
||||
|
||||
|
||||
"Do you know if this info is on any other sites? Sadly patreon has been taken in on the foolishness that is CloudFlare & blocks tor nodes." by @[DeborahPeasley](https://twitter.com/DeborahPeasley/status/1196465140243320832)
|
||||
|
||||
"hey, I'm using a VPN exiting in the DigitalOcean network. Cannot access this site." by @[AliveDevil95](https://twitter.com/AliveDevil95/status/1196409774323224576)
|
||||
|
||||
"umm this cloudflare anti DOS shit blocked me from your site. LOL i know shit all about DDOSing or anything, the closest thing to that for me is going on Tor " by @[Undyingtmlg](https://twitter.com/Undyingtmlg/status/1196811999029743621)
|
||||
|
||||
"Meta: Access Denied You don't have permission to access forums.tesla.com on this server. heh cloudflare" by @[charlieXwallace](https://twitter.com/charlieXwallace/status/1196875795794288640)
|
||||
|
||||
"Someone kept getting their Cloudflare puzzle wrong and said enough is enough." by @[D_Downs](https://twitter.com/D_Downs/status/1146073021163040768)
|
||||
|
||||
"I fail to see how Cloudflare would be any improvement for me, even without DoT." by @[jornbaer](https://twitter.com/jornbaer/status/1184895606373961734)
|
||||
|
||||
"don't send my traffic via Cloudflare, where the NSA can definitly read it." by @[jornbaer](https://twitter.com/jornbaer/status/1184896773086744576)
|
||||
@ -424,6 +434,12 @@ Table of contents
|
||||
|
||||
"Don't install Cloudflare's WARP "VPN". This is NOT A VPN by their own admission, and is a privacy MINEFIELD. This is a jaw dropping TOS, and I'm only a few paragraphs in." by @[notdan](https://twitter.com/notdan/status/1178339685795598336)
|
||||
|
||||
"Did you know a foreign-owned cloud provider has access to online votes on their way to the digital ballot box? When electors in Canada’s Northwest Territories vote online, their ballots pass through Cloudflare servers and are briefly decrypted while in transit." by @[aleksessex](https://twitter.com/aleksessex/status/1176543023636897792)
|
||||
|
||||
"As a protection against denial-of-service attacks you can pay cloud providers to act as a kind of friendly man-in-the-middle. But protection comes in exchange for a high degree of trust: they need access to application-layer data to do things like inject fingerprinting JavaScript" by @[aleksessex](https://twitter.com/aleksessex/status/1176543026853941248)
|
||||
|
||||
"That means they have privileged access to see and change your vote. The legitimacy of the election relies on the assumption they won’t. They say the won’t, and so far we’ve seen nothing to contradict that. But how would you find out if they did? How do you know your counted?" by @[aleksessex](https://twitter.com/aleksessex/status/1176543027936018435)
|
||||
|
||||
"Consumers simply do not stand a chance in hell these days understanding the technology surrounding them." by @[notdan](https://twitter.com/notdan/status/1178384818352066563)
|
||||
|
||||
"can’t checkout online, tried cards from three different banks and always get a cloudflare error after card verification. Any idea?" by @[rossburton](https://twitter.com/rossburton/status/1192808969250717696)
|
||||
|
@ -8,7 +8,7 @@
|
||||
Table of contents
|
||||
|
||||
- [No Cloudflare](README.md#no-cloudflare)
|
||||
- [Next: Cloudflare Ethics](README.md#next-cloudflare-ethics)
|
||||
- [Next: Cloudflare Ethics](README.md#next-cloudflare-ethics-readme-ethics-md)
|
||||
- [Data & More Information](README.md#data-more-information)
|
||||
- [What can you do?](README.md#what-can-you-do)
|
||||
|
||||
@ -177,7 +177,8 @@ This repository is a list of websites that are behind "_The Great Cloudwall_", a
|
||||
|
||||
|
||||
**More Information**
|
||||
* [Short version of README](README_short.md)
|
||||
* [Short version of README](README_short.md) `DRAFT`
|
||||
* [Myth Catalog](myth_catalog.md) `DRAFT`
|
||||
* [Padlock icon indicates a secure SSL connection established w MITM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835) by Anonymous
|
||||
* [Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) by nym-zone
|
||||
* [Problem with Cloudflare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544) by libBletchley
|
||||
|
@ -87,42 +87,53 @@ What will you do if your site goes down _suddenly_? There are reports that Cloud
|
||||
|
||||
### Browser vendor discrimination
|
||||
|
||||
CloudFlare gives preferential treatment to those using Firefox while
|
||||
giving hostile treatment to users of non-Mozilla-based browsers over
|
||||
Tor. Tor users of who (rightfully) refuse to execute non-free
|
||||
javascript also receive hostile treatment. This access inequality is
|
||||
a network neutrality abuse and an abuse of power.
|
||||
CloudFlare gives preferential treatment to those using Firefox while giving hostile treatment to users of non-Tor-Browser over Tor.
|
||||
Tor users of who rightfully refuse to execute non-free javascript also receive hostile treatment.
|
||||
This access inequality is a network neutrality abuse and an abuse of power.
|
||||
|
||||
| ***browser*** | ***access treatment*** |
|
||||
![](image/browserdiff.jpg)
|
||||
|
||||
- Left: `[Tor Browser] Javascript Disabled, Cookie Enabled`
|
||||
- Right: `[Chrome] Javascript Enabled, Cookie Disabled`
|
||||
|
||||
| ***Browser*** | ***Access treatment*** |
|
||||
| --- | --- |
|
||||
| Firefox (with non-free javascript enabled; incl. Tor Browser) | access permitted |
|
||||
| Chromium (with non-free javascript enabled) | access degraded (pushes Google reCAPTCHA) |
|
||||
| Chromium or Firefox (with non-free javascript disabled) | access denied (pushes *broken* Google reCAPTCHA) |
|
||||
| Tor Browser (Javascript enabled) | access permitted |
|
||||
| Firefox (Javascript enabled) | access degraded |
|
||||
| Chromium (Javascript enabled) | access degraded (pushes Google reCAPTCHA) |
|
||||
| Chromium or Firefox (Javascript disabled) | access denied (pushes *broken* Google reCAPTCHA) |
|
||||
| Chromium or Firefox (Cookie disabled) | access denied |
|
||||
| lynx | access denied |
|
||||
| w3m | access denied |
|
||||
| wget | access denied |
|
||||
|
||||
|
||||
"_Why not use Audio button to solve easy challenge?_"
|
||||
|
||||
Yes, there is an audio button, but it _always_ [doesn't work over Tor](https://trac.torproject.org/projects/tor/ticket/23840). You will get this message when you click it:
|
||||
|
||||
```
|
||||
Try again later
|
||||
Your computer or network may be sending automated queries.
|
||||
To protect our users, we can't process your request right now.
|
||||
For more details visit our help page
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
### Voter suppression
|
||||
|
||||
Voters in US states register to vote ultimately through the state
|
||||
secretary's website in the state of their residence.
|
||||
Republican-controlled state secretary offices engage in voter
|
||||
suppression by proxying the state secretary's website through
|
||||
CloudFlare. CloudFlare's hostile treatment of Tor users, its MitM
|
||||
position as a centralized global point of surveillance, and its
|
||||
detrimental role overall makes prospective voters reluctant to
|
||||
register. Liberals in particular tend to embrace privacy. Voter
|
||||
registration forms collect sensitive information about a voter's
|
||||
political leaning, personal physical address, social security number,
|
||||
and date of birth. Most states only make a subset of that information
|
||||
publicly available, but CloudFlare sees ***all*** that information
|
||||
when someone registers to vote.
|
||||
Voters in US states register to vote ultimately through the state secretary's website in the state of their residence.
|
||||
Republican-controlled state secretary offices engage in voter suppression by proxying the state secretary's website through Cloudflare.
|
||||
Cloudflare's hostile treatment of Tor users, its MITM position as a centralized global point of surveillance, and its detrimental role overall
|
||||
makes prospective voters reluctant to register. Liberals in particular tend to embrace privacy. Voter registration forms collect sensitive information about a voter's political leaning, personal physical address, social security number, and date of birth.
|
||||
Most states only make a subset of that information publicly available, but Cloudflare sees ***all*** that information when someone registers to vote.
|
||||
|
||||
Note that paper registration does not circumvent CloudFlare because
|
||||
the secretary of state data entry staff workers will likely use the
|
||||
CloudFlare website to enter the data.
|
||||
Note that paper registration does not circumvent Cloudflare because the secretary of state data entry staff workers will likely use the
|
||||
Cloudflare website to enter the data.
|
||||
|
||||
![](image/cfvotm_01.jpg)
|
||||
![](image/cfvotm_02.jpg)
|
||||
|
||||
---
|
||||
|
||||
|
BIN
image/browserdiff.jpg
Normal file
BIN
image/browserdiff.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 58 KiB |
BIN
image/cfvotm_01.jpg
Normal file
BIN
image/cfvotm_01.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 116 KiB |
BIN
image/cfvotm_02.jpg
Normal file
BIN
image/cfvotm_02.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 273 KiB |
BIN
image/imnotarobot.gif
Normal file
BIN
image/imnotarobot.gif
Normal file
Binary file not shown.
After Width: | Height: | Size: 58 KiB |
@ -1,9 +1,21 @@
|
||||
# Instructions
|
||||
--------------
|
||||
# List Instructions
|
||||
|
||||
![](image/imnotarobot.gif)
|
||||
|
||||
---
|
||||
|
||||
Table of contents
|
||||
|
||||
- [Website is using Cloudflare](instructions.md#website-is-using-cloudflare)
|
||||
- [Website is NOT using Cloudflare](instructions.md#website-is-not-using-cloudflare)
|
||||
- [How to setup git](instructions.md#how-to-setup-git)
|
||||
- [About Cloudflare base domain list](instructions.md#about-cloudflare-base-domain-list)
|
||||
|
||||
---
|
||||
|
||||
## Website is using Cloudflare
|
||||
|
||||
**Cloudflare users** | [**List Directory**](cloudflare_users/)
|
||||
- **Cloudflare users** | [**List Directory**](cloudflare_users/)
|
||||
|
||||
| List name | Description |
|
||||
| -------- | -------- |
|
||||
@ -12,7 +24,7 @@
|
||||
| cloudflare_supporter.txt | who is using Cloudflare or endorsing Cloudflare. (URL only) |
|
||||
|
||||
|
||||
**Cloudflare Corporation** | [**List Directory**](cloudflare_inc/)
|
||||
- **Cloudflare Corporation** | [**List Directory**](cloudflare_inc/)
|
||||
|
||||
| List name | Description |
|
||||
| -------- | -------- |
|
||||
@ -26,7 +38,7 @@
|
||||
| cloudflare_members.txt | Cloudflare employer & employee |
|
||||
|
||||
|
||||
1) How to detect Cloudflare
|
||||
**1) How to detect Cloudflare**
|
||||
|
||||
There are many ways to detect it:
|
||||
|
||||
@ -51,9 +63,9 @@ Route 104.18.224.0/20
|
||||
```
|
||||
|
||||
|
||||
2) How to add your data (A or B)
|
||||
**2) How to add your data (A or B)**
|
||||
|
||||
Type A: Push to Codeberg.org
|
||||
- Type A: Push to Codeberg.org
|
||||
|
||||
1. Log in to *Codeberg.org*.
|
||||
2. Click "*Fork*" button. (top-left corner)
|
||||
@ -61,7 +73,10 @@ Type A: Push to Codeberg.org
|
||||
4. Click *Double-arrow* button to create a *new pull request*.
|
||||
|
||||
|
||||
Type B: Just scan the FQDN on "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
|
||||
- Type B: Just scan the FQDN
|
||||
|
||||
1. Scan FQDN on "[Is MITM?](https://searxes.eu.org/collab/sxes/tool_ismitm.php)" webpage.
|
||||
2. It will be pushed to Codeberg automatically within a week.
|
||||
|
||||
|
||||
```
|
||||
@ -79,14 +94,14 @@ IMPORTANT: Please add only "Base Domain"
|
||||
... to /split/cloudflare_e.txt
|
||||
```
|
||||
|
||||
3) If the website *no longer using Cloudflare*, *remove* it from /split/ list and *add* to "[ex_cloudflare_users.txt](cloudflare_users/ex_cloudflare_users.txt)".
|
||||
|
||||
**3) If the website no longer using Cloudflare**,
|
||||
*remove* it from /split/ list and *add* to "[ex_cloudflare_users.txt](cloudflare_users/ex_cloudflare_users.txt)".
|
||||
|
||||
--------------
|
||||
|
||||
## Website is NOT using Cloudflare (& blocking you)
|
||||
## Website is NOT using Cloudflare
|
||||
|
||||
**Anti-Tor users** (formerly "*TorBlocker Hall of Shame Part I*") | [**List Directory**](not_cloudflare/)
|
||||
- **Anti-Tor users** (formerly "*TorBlocker Hall of Shame Part I*") | [**List Directory**](not_cloudflare/)
|
||||
|
||||
| List name | Description |
|
||||
| -------- | -------- |
|
||||
@ -134,7 +149,7 @@ This is a collection of websites that ban Tor exits, other than through Cloudfla
|
||||
|
||||
---
|
||||
|
||||
# How to setup git
|
||||
## How to setup git
|
||||
|
||||
This procedure will give you a cloudflare-tor fork with a
|
||||
privacy-respecting configuration to do pushes with SSH over Tor using
|
||||
@ -197,8 +212,9 @@ to codeberg are automatically over Tor with this configuration
|
||||
(because the `url` in `.git/config` references the virtual host
|
||||
`codeberg-snowden` in `~/.ssh/config`).
|
||||
|
||||
---
|
||||
|
||||
# About Cloudflare `base domain` list
|
||||
## About Cloudflare `base domain` list
|
||||
|
||||
Our mission is clear - `stay away from Cloudflare`.
|
||||
|
||||
|
@ -8,9 +8,20 @@
|
||||
|
||||
![](image/whoismp.jpg)
|
||||
|
||||
------------
|
||||
---
|
||||
|
||||
###### Website consumer
|
||||
Table of contents
|
||||
|
||||
- [Website consumer](what-to-do.md#website-consumer)
|
||||
- [Website owner / Web developer](what-to-do.md#website-owner-web-developer)
|
||||
- [Software user](what-to-do.md#software-user)
|
||||
- [“Mozilla Firefox” user](what-to-do.md#mozilla-firefox-user)
|
||||
- [Action](what-to-do.md#action)
|
||||
|
||||
---
|
||||
|
||||
|
||||
## Website consumer
|
||||
|
||||
- If the website you like is using Cloudflare, tell them not to use Cloudflare.
|
||||
|
||||
@ -85,7 +96,7 @@ If Cloudflare leak your information or won't let you to connect to our servers,
|
||||
|
||||
------------
|
||||
|
||||
###### Website owner / Web developer
|
||||
## Website owner / Web developer
|
||||
|
||||
![](image/word_cloudflarefree.jpg)
|
||||
|
||||
@ -201,7 +212,7 @@ die();
|
||||
|
||||
------------
|
||||
|
||||
###### Software user
|
||||
## Software user
|
||||
|
||||
- If you use Debian GNU/Linux, or any derivative, subscribe to [bug #831835](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835). And if you can, help verify the patch, and help the maintainer come to the right conclusion on whether it should be accepted.
|
||||
|
||||
@ -263,7 +274,7 @@ Therefore we recommend above table only. Nothing else.
|
||||
|
||||
------------
|
||||
|
||||
###### "Mozilla Firefox" user
|
||||
## "Mozilla Firefox" user
|
||||
|
||||
- Don't use Firefox Nightly. It will send debug-level information to Mozilla servers without opt-out method. Mozilla servers are [behing Cloudflare](https://www.digwebinterface.com/?hostnames=www.mozilla.org%0D%0Amozilla.cloudflare-dns.com&type=&ns=resolver&useresolver=8.8.4.4&nameservers=).
|
||||
|
||||
@ -300,11 +311,10 @@ Therefore we recommend above table only. Nothing else.
|
||||
> 3. Restart Tor.
|
||||
> 4. Set your computer's DNS server to "127.0.0.1".
|
||||
|
||||
- Tell us if you see [this functionality](https://ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/) start to creep up beyond Firefox Nightly into more stable versions of Firefox.
|
||||
|
||||
------------
|
||||
|
||||
###### Action
|
||||
## Action
|
||||
|
||||
- Tell others around you about the dangers of Cloudflare. But don't talk with NSA employee; you'll be _definitely_ marked... just kidding!
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user