You realize your computer can have a backdoor put in place by the brand right? Pretty much same deal isn't it?
this post was submitted on 20 Nov 2023
2 points (100.0% liked)
Self-Hosted Main
504 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 1 year ago
MODERATORS
Half of the people don't remotely understand the issue. The other half is aware that what's in behind isn't trustworthy anyways if it's "in da cloud" and just went all YOLO-mode.
Beyond what everyone else has said here about it being practically an industry standard now with insane levels of trust, it also foists a lot of the responsibility for security/uptime onto an external company with a good track record. That's great in the eyes of product management and likely the legal department too.
Don’t forget, for selfhosters, the value proposition of free is always pretty strong. I have tiers of data and not everything needs to be super private at all times.
OP, what you're describing is not the "big scary MITM" attack vector. It's how TLS/Reverse proxies work. Whether you are using Cloudflare or hosting your own reverse proxy somewhere with full control, it's still terminating TLS at the endpoint and passing back traffic in the clear to the backend.
Some people like Cloudflare for whatever reasons, and that's okay. I host my own reverse proxy out on a VPS and it works just fine.
You'll find that not all of the seflhosted community is super-focused on privacy as say r/privacy is.
load more comments
(1 replies)
Cloudflare is awesome and undervalued in my opinion. They provide dozens of services and charge extremely reasonable pricing.
Also...shouldn't we talking more about self-hosting rather than privacy and efficiency issues? I think the topic is a moot point - either you feel that Cloudflare is 'trustworthy'...or you don't.
IMHO, it's sorta like using Google's Gmail for business purposes. Read the fine print - they can do whatever they want with your data, despite their privacy statements. Same goes with Cloudflare. You're using *their* services on *their servers.
They have to lookout for themselves and the risks involved.
Yes by default traffic is only encrypted between cloudflare and users, but you can set it to “full (strict)” and have it end to end encrypted
That's not end to end encryption, it's two seprate ssl connections both terminated at cloudflare. One from client to cloudflare, one from cloudflare to your server. Cloudflare is still a MITM inspecting your traffic in that scenario.
They do however let you disable their proxy(WAF) service, acting as pure DNS so clients connect directly to your IP instead of theirs. But they can at any point toggle that back on and intercept your traffic, nothing really stopping them except morals and T&Cs, but that's not exactly bullet proof. T&Cs can be rewritten and corporations with Morals? Right.....
Yes. This means they can see your native encrypted self-signed traffic.
Which does not do much. Unless you expose unsecured content to the internet. Please don't.