Cloudflare Lives In An Interesting Niche On The 'net. When We Talk About The Internet, We Typically Think

Cloudflare lives in an interesting niche on the 'net. When we talk about the internet, we typically think of it as a bunch of "servers" (or "hosts", which "host" websites) and "clients" (like web browsers, which "receive" websites). In this model, a "client" (anyone with an internet connection) connects to a "server" and asks it for a website. The server will then give them that website. But, when we really get down to it, the server is just a computer, much like your laptop/desktop/phone/tablet, but instead of asking for (or "requesting") websites, it's configured to answer those requests.

Now, most people on the internet don't know the intimacies of configuring a computer to answer (or "serve") these request, and so if they want to make a website, they'll pay somebody to run the actual "server"/"host" computer for them. There's a whole industry of "hosting providers" that will give you a computer (or "host") to host your website on. Then, all you have to do is point your domain name at your hosting provider (using a system called DNS, which I've talked about in the past) and everything starts working!

This is not what cloudflare does (ok technically they have recently started doing this a little bit, but 99% of the things they are doing isn't this). Nobody actually uses cloudflare as their hosting provider because it's not really a service they even offer. Cloudflare solves a different problem which I think at this point literally everyone on the internet has heard of: DoS or DDoS attacks.

We've all heard the term thrown around in different contexts, but for our purposes we're going to need to get a little more specific. When a computer is "serving" a website (responding to requests for it), it's like running an application on your computer, let's use a text editor as an example. Answering a request is similar to opening a new document, adding a few words, then closing it. Under normal conditions, this does not break your computer [citation needed]. In fact, your computer can probably handle tens of documents opening and closing at the same time without a hitch. However, if you wrote a program that would open and close document this hundreds or even thousands of times every second, your entire computer would slow to a halt, CPU usage would go to 100%, and it would become totally unusable.

That is what a DoS (denial of service) attack is -- sending far more (phony) requests than the server/host can handle, causing it to no longer be able to answer any requests (legitimate or phony). DDoS is the same idea, but distributed (that's the first "D" in "DDoS"). In that case, the requests are coming from thousands of different client computers so it's much harder to block. The details of how these attacks are actually run isn't super relevant, they'll usually also leverage several very technical tricks to make things even worse and even harder to block but that's besides the point.

It used to be that anyone who could pay for a big enough network of computers could DDoS and successfully take down nearly any site on the internet. Because of this, a new type of service popped up: DDoS protection/mitigation (which is the 99.9% of cloudflares business that I mentioned earlier). There are different ways to do DDoS protection, but the way cloudflare does it is by sticking themselves between the "client" (browser) and "server" (website host). From that position, they're able to scan every request from a client before it reaches the server/host and potentially block it if they determine it to be part of an attack. So, if you're trying to connect to a Cloudflare secured website, instead of directly connecting to the host/server, you will actually be connecting to cloudflare, who will then examine your request and only pass it on to the actual ("origin") server if they deem it to be safe.

This, if you haven't already gathered, is an incredibly valuable and useful service to anyone who wants to run a website. And cloudflare provides it for free. no strings attached. zero dollars. to anyone on the internet. A good metaphor for cloudflare is a home security system, but if those companies just gave out free systems to anyone who asked.

So, now that we all understand what cloudflare is and where they sit in the web ecosystem, I'm going to talk a little about the recent news (the kiwifarms ban) and why it's a much more interesting case than a typical website takedown.

Typically, when trying to get a website taken down, the usual targets are either a) the person who owns and runs the website or b) the web hosting provider that the owner is using. These are obvious targets because they cut the website off instantly and directly. To make an analogy, let's think of a website like a brick and mortar business. The owner of the website is the owner of the business, the hosting provider is the landlord that rents their space to them, and, to bring cloudflare into the picture, cloudflare is their anti-theft system (it could also be the lock on their front door, the alarms when someone smashes a window, etc, it doesn't really matter for the analogy).

If a business is shitty, the only ways to make them shut down would be to target either the owner or the landlord that they rent their physical "platform" from. In this case however, the target was Cloudflare, aka their anti-theft system. This is uncommon mostly because taking down the anti-theft system doesn't actually shut down the business. It just makes it possible for anyone else to break in and destroy things much more easily, which, in the case of kiwifarms, is a large enough group of people that without the anti-theft system, it would likely immediately succumb to attack. I, like most people, would not mind seeing kiwifarms succumbing to these attacks :P

However, what makes this much more interesting is looking at it through the lens of one of the core ideals of the internet: Net Neutrality. "Net Neutrality," in the sense most people are familiar with it, means that an ISP must be "neutral" in how they manage the internet traffic they provide. They're not allowed to treat the traffic differently based on it's source or destination. This means that a company like Hulu couldn't pay your ISP to start throttling all traffic going to Netflix so that Hulu looks better, the ISP is required to be neutral.

This is similar to the posture cloudflare has been trying to build, in that cloudflare have tried to position themselves as a similarly "neutral" operation. They treat all traffic from all of their customers (the websites they protect) the exact same way, similar to how your ISP treats data from all of the websites you visit in the exact same way. If cloudflare kicks a site off its service and forces them to use a different service, it's much like your ISP deciding to start blocking netflix and now instead you can only watch netflix on cellular data (which is usually provided by a different company).

Now, I don't want this to be misconstrued so I'm going to make myself 100% clear: I am so fucking glad kiwifarms is gone. What they did is beyond awful and I want to see them gone through any means possible. I also think that this is a very interesting test of cloudflares posture around neutrality, which is something that has not really been tested before, and I'm curious to see where this goes in the future.

Anyways, hopefully this has revealed a bit more of the nuance around what cloudflare is and why we haven't heard about them banning websites before, despite them serving something like 10% of all internet traffic (that 10% number is from 2016, it's likely much more these days). I just wanted to put together a little explainer because this is a really unprecedented case and I've been watching it with a lot of interest. If you'd like to see cloudflares official positions, those are up on their blog (1, 2) (which, by the way, I would highly recommend, their blog is great, especially for a technical audience).

ok i. love haskell

It makes me so happy when websites have URL structures that are like. actually usable. Very underrated yet essential part of my internet experience.

Also what makes this even better is a Firefox feature that lets you make sane URLs 10 times more powerful: Bookmark keywords. Of course we're all familiar with bookmarks, y'know, save link then click button to get it back. But did you know you can also assign a "keyword" to a bookmark [1]?

That lets you go to the bookmark by typing the "keyword" into the address bar. Which like, ok, yes, it's just clicking on a bookmark but with extra steps, fine, yes, I hear you. BUT there's a magic two character pattern that changed my life: "%s". If you put a "%s" into the URL, that gives you immense power. That means that if you type words after the keyword, they'll get put in the URL in the same place as the "%s".

So, for example, I have a bookmark for "https://tumblr.com/tagged/%s?sort=recent" with the keyword "ttag" so that I can type "ttag spop" and hit enter to go directly to the tag page for She Ra. Or "ttag toh" and go directly to The Owl House. Or, I've got "tb" for "https://tumblr.com/blog/view/%s" (which I guess I'll have to update now) for seeing previews of peoples blogs. The possibilities are endless! Happy navigating :D

1: ((You actually have to make the bookmark then edit it by right clicking it and selecting "edit bookmark" -- you can't do it from the normal bookmark creation menu))

ok so something i think that tumblr did really well is now if you go to tumblr.com/[BLOG URL] it will show a really nice interactive preview of the blog where before it was tumblr.com/blog/view/[BLOG URL] . anyway that’s it i like it

JS has a special place in my heart. It's got some really cool stuff goin on. But it also produces,,, some uhhhhhh,,,,, interesting stuff

I don't want to hear shit about javascript from python developers

I did a little looking into this because I love a good edit war and I found this patently insane event. The "City Hall Riot" in 1992 in which the cops held a literal RIOT in front of City Hall, sponsored by the police union. Here's a contemporaneous New York Times article, but tl;dr the cops smashed cars, attacked journalists, and chanted racist slurs about the (black) mayor. What prompted this? Must've been something terrible like... a mere proposal to create the CCRB (Civilian Complaint Review Board), a body to provide some external oversight into the police department.

So... yeah. fuck cops. NYPD in particular.

Just learned that the NYPD apparently edited their own fucking Wikipedia page to make themselves look better 😀

ACAB 🐷🖕🥰

i'm in the timeout corner for being too angry at the microwave :(((((