2 comments

[ 3.2 ms ] story [ 20.1 ms ] thread
@dang: I feel like the big information here is less the content of the post (which is interesting nonetheless) than that Cloudflare seems to be looking at (and storing for analysis*) the traffic they serve as an intermediate —while users may think they're using an HTTPS secured connection from their end to the website they are visiting and authenticating into—, that's why I editorialized the title to focus on this disturbing meta-information. Feel free to switch it back to the original post title if you think that's not okay.

* Passwords are hashed before being stored. But being able to hash the passwords means they can access it in clear at first.

This has a lot of implications if only because Cloudflare does cooperate with law enforcement as required by most countries, and thus maybe does so in some countries that are not democratic, or on the verge of not being so anymore…

(comment deleted)