this post was submitted on 20 Nov 2023
2 points (100.0% liked)

Self-Hosted Main

515 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

Regardless of whether or not you provide your own SSL certificates, cloudflare still uses their own between their servers and client browsers. So any SSL encrypted traffic is unencrypted at their end before being re-encrypted with your certificate. How can such an entity be trusted?

you are viewing a single comment's thread
view the rest of the comments
[–] amunak@alien.top 1 points 11 months ago (10 children)

Because it's "everyone's MITM" it would make it a perfect spot for state actors to tap into in order to surveil pretty much everything without anyone being able to notice.

Hell, just the server logs (timestamps, IP addresses and exact URLs) would be unbelievably valuable.

I'd be really surprised if someone wasn't taking advantage of that.

Which is to say if you selfhost because you want more control and privacy, you probably want to avoid services like that.

[–] malastare-@alien.top 1 points 11 months ago (2 children)

Hell, just the server logs (timestamps, IP addresses and exact URLs) would be unbelievably valuable.

People say that, but the actual data would be so vast and with so little actual usability, that the dilution of it still results in largely garbage data. Its only when you have a particular focus and have the ability to filter to that focus that the data becomes very valuable.

Even banks and card processors, who have direct, legal, and completely open access to data as critical as where every one of their customers spends money struggle to do more than harvest aggregated usage patterns. The idea that data volumes, at a couple more orders of magnitude and notably more generalized will be easily processed and harvested ends up being pretty silly.

[–] amunak@alien.top 1 points 11 months ago (1 children)

Well yeah, it's not easy. Which is why they limit what they do to the aggregated data or to targeted discovery.

But that's only a small technical hurdle and the speed with which you can analyze the data grows much faster than the volume (especially if you are smart about what data you analyze and how you do it) so it won't last forever.

[–] malastare-@alien.top 1 points 11 months ago

But that's only a small technical hurdle and the speed with which you can analyze the data grows much faster than the volume (especially if you are smart about what data you analyze and how you do it) so it won't last forever.

In 10 years, we've made such slow progress on conquering that "small technical hurdle" that it's hard to take the argument seriously.

Generative AI data ingestion techniques are the first round of technology that come close to being able to target the data volume/complexity we'd see in it, and those ingestion techniques are still:

  • Very expensive
  • Time consuming
  • Produce datastores with largely unusable data for the general purpose

And the techniques that pull data from them don't end up saying more than what you could have gotten from a directed observation. You need to know what you're looking for to get it, or you'd need to code particular ingestion techniques to be able to extract the patterns you wanted to scan for.

So, the end result is still the same: Your concern is over a directed attempt to wiretap you, and if that is your concern, then there are a bunch of other places you need to be concerned with.

Also, if your primary concern is the number of people/agencies that might be trying to wiretap you, then I'd probably agree that Cloudflare is not for you. Maybe some sort of Tor connection via an array of cellular antennae?

load more comments (7 replies)