Hacker News new | past | comments | ask | show | jobs | submit login

Cloudflare's major business is hosting paid DDoS providers "booters" [1] . Scary to delegate such powers to a person who "literally, I woke up in a bad mood and decided someone shouldn’t be allowed on the Internet"

1. https://mailman.nanog.org/pipermail/nanog/2016-July/087295.h...




Cloudflare has also been crucial to malware vendors who are pushing out their exploit kits. When I worked at Malwarebytes we had the worst possible time working with the Cloudflare abuse team to take down active exploit kits.

They continuously hid behind "free speech" to justify hosting this stuff, even though we not talking about speech but literal malware exploit kits. Cloudflare is one of those companies that is actively making the world a worse place to live in.


I think that calling every decision unilaterally the same no matter the variables involved is pretty rash. Lots of discussions on HN devolve into this way of thinking and I really can't stand it.

An entity that puts child porn on the Internet isn't protected by freedom of speech. Soliciting hate, violence and prejudice is obviously not identical but it's a lot different from just having a different opinion than someone else.

Shitty people should be treated shitty by companies. I don't really see a democratic way of banning folks like this from Cloudflare besides Cloudflare deciding to do so.


>Cloudflare's major business is hosting paid DDoS providers "booters"

No it isn't, this is complete nonsense. There's not very many booters and besides a few exceptions they don't have paid CF plans.


"paid" as in you have to pay per DDoS to the booter. CF business is not in getting money directly from the booters, but in acquiring many paid CF subscriptions from the sites that the booters can attack. Some of these booters can generate 100+Gbps UDP attacks.


>acquiring many paid CF subscriptions from the sites that the booters can attack

Still doesn't make sense. CF alone doesn't effectively defend against DDoS attacks without somewhat complicated setup, CF is completely worthless when your backend is getting attacked.

I think you're seriously overestimating the amount of people pushed to use CF because of these booters.

Besides, do you feel that the situation would be any different if the booters weren't allowed on CF? CF is by no means important to their operations.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: