> Heck, if the DDoS for hire services protect themselves against DDoS attacks by using CloudFlare then CloudFlare must be damn good!

So they protect their customers from DDoS attacks. All of them. I see nothing bad in this. Saying they shouldn't is like saying a government should put all criminals together in a village and then have them perform criminal activity on each other.

The link to Kreb's is basically the same: people protecting themselves. Should CloudFlare play for judge and ban people that do not violate their terms? Because I'm sure they boot people that perform illegal activities on their network or otherwise harm their network from within, but I can see why they don't proactively take down any website mentioning "we offer DDoS attacks". Like I said before, that person A kills another person doesn't mean that another person may kill person A, at least not within our current laws. Even if it did, is CloudFlare the one who should be calling the shots?

Finally your first link is someone complaining to CloudFlare about LOIC (or related perl scripts launched from VPSes) and cloudflare responds that they see no harmful traffic and that logs or other details should be attached. Merely saying "hey I'm having trouble" has never gotten anyone further in resolving issues. That's why we have logs so that CloudFlare can check their own logs to see what happened. Perfectly reasonable.

So yeah elaboration is necessary. I do not see why CloudFlare is harmful.