(Sorry I'm just responding to all this now, 15 hours later)
> Malware and sites advertising so-called "booter" services are different discussions.
There's an important distinction here. You refer to "sites advertising so-called "booter" services." However, with the kind of sites I speak of, "sites providing so-called "booter" services" would be a better description. They aren't just advertising it; enter a valid username and password, enter an IP, click the "attack" button and an attack is launched, all from that single site.
Malware, phishing, and booters have two things in common: they have far-reaching effects (that is, they affect other, unrelated/unwilling people) and they are not in any way good for the target of the effort. Malware is only good for the operator who benefits from the keylogger, showing ads, or whatever; phishing is only good for the operator who benefits from the stolen information; booters are only good for the booter operator (who profits from selling it) and for the user who paid for it to attack a target. Based on that, it's difficult for me to see the difference between the harmfulness of any of these.
In your post, the standard you applied to malware and phishing was "harmfulness" (in your opinion). I agree with that standard, and I think you'll be hard-pressed to find a single person who agrees that any of these three issues are not harmful. So, in your opinion, what makes booters less harmful than malware and phishing sites, which you are willing to take offline?
Censorship is a slippery slope, indeed. But I think it is generally accepted that _some_ basic level of what is effectively censorship, is a necessary evil for the health of the Internet. For example, malware and phishing sites, as you mentioned; spam; DDoS attacks. That's why laws exist in so many jurisdictions to prohibit all of these, and why the AUP of every single reputable ISP in existence prohibits them. This isn't uncharted territory, this isn't something new CloudFlare is just getting into - the industry standard (and legal standard) is to prohibit all of these.
I find it interesting he never responded to this. He was on the site the next day, so he must have seen your comment.
His refusal to remove booter sites from CloudFlare is completely indefensible. Any attempt on his part to suggest otherwise can only be interpreted as evidence of guilt. There is no possible arrangement of words which can make it okay.
> Malware and sites advertising so-called "booter" services are different discussions.
There's an important distinction here. You refer to "sites advertising so-called "booter" services." However, with the kind of sites I speak of, "sites providing so-called "booter" services" would be a better description. They aren't just advertising it; enter a valid username and password, enter an IP, click the "attack" button and an attack is launched, all from that single site.
Malware, phishing, and booters have two things in common: they have far-reaching effects (that is, they affect other, unrelated/unwilling people) and they are not in any way good for the target of the effort. Malware is only good for the operator who benefits from the keylogger, showing ads, or whatever; phishing is only good for the operator who benefits from the stolen information; booters are only good for the booter operator (who profits from selling it) and for the user who paid for it to attack a target. Based on that, it's difficult for me to see the difference between the harmfulness of any of these.
In your post, the standard you applied to malware and phishing was "harmfulness" (in your opinion). I agree with that standard, and I think you'll be hard-pressed to find a single person who agrees that any of these three issues are not harmful. So, in your opinion, what makes booters less harmful than malware and phishing sites, which you are willing to take offline?
Censorship is a slippery slope, indeed. But I think it is generally accepted that _some_ basic level of what is effectively censorship, is a necessary evil for the health of the Internet. For example, malware and phishing sites, as you mentioned; spam; DDoS attacks. That's why laws exist in so many jurisdictions to prohibit all of these, and why the AUP of every single reputable ISP in existence prohibits them. This isn't uncharted territory, this isn't something new CloudFlare is just getting into - the industry standard (and legal standard) is to prohibit all of these.