this post was submitted on 20 Nov 2023
2 points (100.0% liked)

Self-Hosted Main

515 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

Regardless of whether or not you provide your own SSL certificates, cloudflare still uses their own between their servers and client browsers. So any SSL encrypted traffic is unencrypted at their end before being re-encrypted with your certificate. How can such an entity be trusted?

you are viewing a single comment's thread
view the rest of the comments
[–] TheQuantumPhysicist@alien.top 1 points 11 months ago

The concern isn't that CF is reading your data. It's that 3-letter agencies can read your data at will, since they always make these deals with large companies to have open-hose access to all the data. There was a scandal that Facebook had a special access page for those people.

You might think you're innocent, and you're a good person, so nothing to worry about. This is the old "I have nothing to hide", but this isn't how the world works. People who want to get you can pull strings to get anything they want from government institutions. After all, government is just people. It's not a benevolent being.

Now all this is unlikely, granted. But the task of a good security setup isn't to make it impossible to hack you, but it's to make it hard enough and costly. I'm quite sure there's a zero-day somewhere that can hack my bare-bones Linux servers, but good luck breaking the 10 layers of security I have before even reaching these servers to find something remotely valuable about me. I don't need to make concessions in that regard. You don't have to trust anyone.