undefined | Better HN

0 pointsdns_snek2y ago0 comments

You're being needlessly pedantic. It might not be an attack in the usual sense, but it's a MITM "access point" and agencies like CIA/NSA/FBI would definitely have that kind of access. This access transforms Cloudflare's role into a de facto MITM "attack" on their customers and end users who didn't intend to share unencrypted data with 3-letter agencies.

0 comments

powersnail2y ago

I don’t think I’m being pedantic. In practical, the parent comment’s description is not that of MITM attack, but how a proxy works. Proxy is everywhere, useful, and voluntary.

I just don’t understand how a voluntary use of proxy can be called MITM attack.

I’m not saying I like the fact that CF is part of so much of the Internet, or that CF isn’t on some level a security risk. But that has nothing to do with being an MITM attack.

j / k navigate · click thread line to collapse

0 pointsdns_snek2y ago0 comments

0 comments

powersnail2y ago

I don’t think I’m being pedantic. In practical, the parent comment’s description is not that of MITM attack, but how a proxy works. Proxy is everywhere, useful, and voluntary.

I just don’t understand how a voluntary use of proxy can be called MITM attack.

I’m not saying I like the fact that CF is part of so much of the Internet, or that CF isn’t on some level a security risk. But that has nothing to do with being an MITM attack.

j / k navigate · click thread line to collapse