cross-posted from: https://links.hackliberty.org/post/609883

This BBC interview has a #Cloudflare rep David Bellson who describes CF’s observations on internet traffic. CF tracks for example the popularity of Facebook vs. Tiktok. Neither of those services are Cloudflared, so how is CF tracking this? Apparently they are snooping on traffic that traverses their servers to record what people are talking about. Or is there a more legit way Cloudflare could be monitoring this activity?

  • MotoAsh@lemmy.world
    link
    fedilink
    arrow-up
    9
    ·
    11 months ago

    They run a lot of servers that handle traffic and DNS, as well. If someone looks up FB.com, they almost certainly aren’t just going to stare at the IP address, but go to the site.

    Basically… They’re just reading addresses on the envelopes, not opening them up.

    • soloActivist@links.hackliberty.orgOP
      link
      fedilink
      arrow-up
      4
      ·
      11 months ago

      Sorry I do not know if BBC interviews are transcribed.

      But FWIW it will air again on BBC World Service at 02:32 GMT tomorrow and the next day (which could be useful for those on limited internet connections)

  • BrikoX@lemmy.zip
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    They are basically MITM (man-in-the-middle) attack all the traffic that passes through their servers. Most Cloudflare defenders will tell you it’s not technically MITM as the site operators gives them permission to do that, but the end result is the same.

    Even though sites are encrypted, they hold the decryption key, so they can see all traffic in plain text.

    • soloActivist@links.hackliberty.orgOP
      link
      fedilink
      arrow-up
      2
      ·
      11 months ago

      I agree.

      One of the reasons no one gives a shit is there is never news about CF making use of that MitM position. But I know they hire data scientists and what corp can resist the urge to monetize data they have access to? So I think it’s just a matter of time before they get caught abusing the vast amount of valuable data they have visibility on.