Conversation

Notices

1. Embed this notice
   pixelfed (pixelfed@mastodon.social)'s status on Friday, 18-Aug-2023 06:22:28 JST pixelfed

   We need your support!

   We need to grow our donations or consider cutting costs (like sunsetting non-essential services) to remain sustainable.

   Besides Pixelfed, we also run https://fedidb.org, https://fediverse.info and https://activitypub.network

   Donations can be made via:
   Liberapay - https://liberapay.com/pixelfed
   Open Collective - https://opencollective.com/pixelfed
   Patreon - https://patreon.com/dansup

   Spread the word! #pixelfed

   • Embed this notice
     Activist (aktivismoestasmialuo@activism.openworlds.info)'s status on Friday, 18-Aug-2023 16:39:53 JST Activist

     in reply to

     • McSpadden
     • dev_m
     • Océane
     • E. Murphy, the name you know

     @emurphy @oceane @pixelfed @dev_m @mcspadden So when someone logs into #Pixelfed, #Cloudflare sees their username, password & all traffic on that site. CF holds the keys so that’s where the tunnel ends. CF users (e.g. Pixelfed) do not warn users of this. So suppose a user is sloppy & reuses the same pw on many websites. CF sees the pw & from that would even be able to compromise that user on non-CF sites.

   • Embed this notice
     McSpadden (mcspadden@mastodon.social)'s status on Friday, 18-Aug-2023 16:40:03 JST McSpadden

     in reply to

     • Activist
     • dev_m
     • Océane
     • E. Murphy, the name you know

     @emurphy @oceane @pixelfed @aktivismoEstasMiaLuo @dev_m what does CF take? I thought they were privacy oriented? 1.1.1.1 and Apple’s support?

   • Embed this notice
     Activist (aktivismoestasmialuo@activism.openworlds.info)'s status on Friday, 18-Aug-2023 16:40:03 JST Activist

     in reply to

     • McSpadden
     • dev_m
     • Océane
     • E. Murphy, the name you know

     @mcspadden @dev_m @pixelfed @oceane @emurphy #Cloudflare falsely markets itself as privacy-respecting on the basis of hiding the identity of their customers. So say you want to setup a website that peddles Proud Boys bigotry/propaganda. CF will ensure that no one knows who runs that website. That’s the only privacy that CF gives & it comes at the cost of everyone else’s privacy because CF sees all your traffic despite SSL.

   • Embed this notice
     E. Murphy, the name you know (emurphy@c.im)'s status on Friday, 18-Aug-2023 16:40:04 JST E. Murphy, the name you know

     in reply to

     • Activist
     • dev_m
     • Océane

     @oceane @pixelfed @aktivismoEstasMiaLuo @dev_m I don't know enough about CF to have a strong opinion either way on it, but I figure the sites should at least be transparent about "this site uses CF" and letting users make up their mind from there.

   • Embed this notice
     Océane (oceane@peculiar.florist)'s status on Friday, 18-Aug-2023 16:40:13 JST Océane

     in reply to

     • Activist
     • dev_m

     @aktivismoEstasMiaLuo@activism.openworlds.info @dev_m@mastodon.social @pixelfed@mastodon.social You are producing 3 of 4 centralized privacy-abusing #Cloudflare sites that you market as “#Privacy & safety built-in” while claiming to hold decentralization in high-esteem. You conceal from your users the fact that you’ve allowed Cloudflare see the traffic of your users surreptitiously.. and then you ask for donations? The only thing needed here is a bounty to be CF-free.

   • Embed this notice
     Activist (aktivismoestasmialuo@activism.openworlds.info)'s status on Friday, 18-Aug-2023 16:40:19 JST Activist

     in reply to

     @pixelfed You are producing 3 of 4 centralized privacy-abusing #Cloudflare sites that you market as “#Privacy & safety built-in” while claiming to hold decentralization in high-esteem. You conceal from your users the fact that you’ve allowed Cloudflare see the traffic of your users surreptitiously.. and then you ask for donations? The only thing needed here is a bounty to be CF-free.