wakoinc on Nostr: Reminder: Cloudflare is a man in the middle, and decrypts all traffic and re-encrypts ...
Reminder: Cloudflare is a man in the middle, and decrypts all traffic and re-encrypts it using it’s own certificate.
Sometimes this is ok, for example Nostr events are effectively public, and relays can prevent DDOS. However it’s important to understand that the green certificate saying valid cert and encrypted in browsers does not mean private or 100% secure or true end-to-end without ease dropping.
Their ‘malware detection’ capability is more likely there for dual purpose surveillance. If you mature and roll out systems that mass spy on your population, flipping the switch from passive to active is easy.
If I was the government, I’d pay for a few (secret) contracts.
Sometimes this is ok, for example Nostr events are effectively public, and relays can prevent DDOS. However it’s important to understand that the green certificate saying valid cert and encrypted in browsers does not mean private or 100% secure or true end-to-end without ease dropping.
Their ‘malware detection’ capability is more likely there for dual purpose surveillance. If you mature and roll out systems that mass spy on your population, flipping the switch from passive to active is easy.
If I was the government, I’d pay for a few (secret) contracts.