CloudFlare, who is owned by the same folks at Project Honey Pot, acts like a CDN plus security suite for websites.
CloudFlare protects and accelerates any website online. Once your website is a part of the CloudFlare community, its web traffic is routed through our intelligent global network. We automatically optimize the delivery of your web pages so your visitors get the fastest page load times and best performance. We also block threats and limit abusive bots and crawlers from wasting your bandwidth and server resources. The result: CloudFlare-powered websites see a significant improvement in performance and a decrease in spam and other attacks.
Actually, it is a very good service. I was an early beta tester and was quit impressed with the service. Back then, their attitude was “Don’t just track online bad guys, stop them“. But once the beta testing was over and they went live, that attitude took a drastic turn…. for the worse! Now they are tickled pink to provide a “Safe Haven” for the bad guys. And just how bad are these “bad guys”? Try lulzsecurity.com, a known hackers site! And what does CloudFlare have to say about that?
Soon after LulzSec rose in prominence, several other groups launched significant DDoS attacks to knock them offline. CloudFlare mitigated those attacks.
Given the choice, I may not have picked Public Enemy Number One as the poster child for CloudFlare’s service. It does, however, remind me of the old Range Rover commercial talking about the great London bank heist. “The robbers thought of everything,” the commercial concluded. “That’s why, for their getaway vehicle, they chose a Range Rover.”
Matthew Prince has found that providing a safe haven to the bad guys is where the money is at. Because of the publicity of the LulzSec incident, they managed to raise 20 Million dollars in funding. Which came from New Enterprise Associates, Venrock and Pelion Venture Partners.
The other interesting thing is, many of the domains using CF are also running xrumer, senuke and other spamming software from the same domains. Which means, while your website is being spammed to hell and back, CF is is providing a comfy security blanket for them. Now that folks, is one hell of a Business Plan!
Below is a growing list of known spammers/hackers websites that are using CloudFlare.
Note: will be adding more shortly. Still sorting through the thousands of spammers domains.
lulzsecurity.com — Hackers
may.ns.cloudflare.com
rob.ns.cloudflare.com
senukedeal.com — Spammers
hugh.ns.cloudflare.com
amy.ns.cloudflare.com
xrchat.info — Spammers
jake.ns.cloudflare.com
eva.ns.cloudflare.com
encyclopediadramatica.ch — Hackers
jeff.ns.cloudflare.com
yo-musik.info — Spammers
ed.ns.cloudflare.com
kara.ns.cloudflare.com
CloudFlare becomes more irresponsible with each passing day, so I started a new site about them. Background on why I did this is available from a 2012-07-08 post at http://cryptome.org/2012/07/cloudflare-watch.htm
I noted with interest in a June 10th Wall Street Journal technology article a comment by CloudFlare’s CEO, Matthew Prince: ““When someone signs up with us they provide an email address and an IP address, and we know where their content is hosted,” Prince said. “But my hunch is that we have less information about where and who these people are than their actual hosting provider.”
IP address 85.10.206.54, which is owned by Hetzner Online AG in Germany, and which CloudFlare has on file for Encyclopedia Dramatica, does not appear to be where the content is actually hosted.
In fact, in an email from ED dated 8/22/11, “there are still 3 stops in between us and them (Hetzner).” Hetzner as well confirms ED’s content is not hosted with them.
CloudFlare’s Terms of Use clearly states that customers may not “forge headers or otherwise manipulate identifiers in order to disguise the origin of any content transmitted through the Service;” – Section 11, Subsection 4.
It seems in this particular instance, CloudFlare does not have the correct origin IP on file for ED’s content. IP 85.10.206.54 is not the origin.
CloudFlare’s services are being used by ED to disguise the origin of offensive content in order to frustrate the legal process and avoid responsibility for offending material.
CloudFlare is NOT a hosting provider & there’s nothing we could do that would pull the sites from the internet. If you want to make a valid complaint against any sites using our service, we’re more than happy to release the IP address of the server so you can contact the hosting provider and/or appropriate authorities.
Our position on the internet is clearly outlined here: http:// blog.cloudflare. com/ 58611873
Cut the canned response crap!
NOWHERE does it say CloudFlare is hosting websites. CF is PROTECTING the scum of the internet.
Look at it this way,
Lets say a thief hired a bodyguard to protect him while he steels everything in your house, rapes your wife and murders your kids.
That is exactly what CloudFlare is doing. And then, you have the audacity to troll around the net replying to every negative post saying “We’re only the bodyguard! We don’t care what they do.”
The ethics of the CF owners and investors are right on par with a Pedophile.
Damon, can you even read King’s English? No one accused you of hosting them, or asked you to pull their sites from the internet.
We already know your defense, you copy and paste it everywhere your company’s hypocrisy is confronted.
Damon, read my keyboard:
Deny them CloudFlare’s reverse proxy service!
Deny them CloudFlare’s reverse proxy service!
Deny them CloudFlare’s reverse proxy service!
Deny them CloudFlare’s reverse proxy service!
Deny them CloudFlare’s reverse proxy service!
Deny them CloudFlare’s reverse proxy service!
Deny them CloudFlare’s reverse proxy service!
Is it starting to become clear to you now?
It seems a shame that such early lofty goals of protecting the International web community from spam and hacking activities were cast aside in the name of corporate profit.
Aiding and abetting criminal activities leaves such an organization looking no better than it’s clients. I see it akin to driving the getaway car in a bank heist.
A simple denial of service to such clients would go a long way toward salvaging CloudFlare’s professional reputation.
Encyclopedia Dramatica also uses CloudFlare. This is the rogue encyclopediadramatica.ch, started last April by Ryan Cleary. He was arrested on June 21 by Scotland Yard for DDoS activities. Now the site is run by Garrett E. Moore, a friend of Cleary’s who shares his Anonymous and Anonops connections.
People targeted by ED.ch are defamed and abused in the name of “lulz,” which is defined as “laughter at the expense of others.” The site has about 9,000 articles stolen from the original EncyclopediaDramatica.com, which after six years online had the good taste to shut down and transform itself into Ohinternet.com. The ED.ch domain was registered by Sven Slootweg in The Netherlands. He also owns the pro-Anonymous news site, anonnews.org.
CloudFlare reported on July 22 that the feed from ED.ch is coming from 85.10.206.54 in Germany. However, additional evidence suggests that this is merely a pass-through dedicated server, and the content is hosted elsewhere. Garrett E. Moore is in Michigan and the other major sysop, Brian R. Zaiger, is in Massachusetts. The feed has changed twice since Ryan Cleary was arrested.
ED.ch handles most abuse complaints by insulting those who complain, and then they point out that their content is hosted offshore. Therefore, they add with a smirk, U.S. laws are irrelevant.
Without CloudFlare’s caching, bandwidth expenses would be prohibitive and ED.ch would fade away. While CloudFlare claims to have an Acceptable Use Policy, as far as I know they ignore it entirely. Only legitimate DMCA complaints will cause them to reveal the direct-feed IP address of a particular domain.
This response is much too narrow. It may solve a technical legal problem, but a gaping problem involving social responsibility remains for CloudFlare. A massive amount of abuse goes through CloudFlare that has nothing to do with copyright issues.
Apparently that’s fine with CloudFlare. They like the publicity, which translates into big money from venture capitalists.