I, Asukadomo Type VIII, issue a fatwah on Matthew Prince, CEO of Cloudflare.
He pretends to be part of the infosec scene while he's actually just a lawyer.
He isn't even a real lawyer, just a dropout.
He conveniently invokes either identity when he needs to appeal to one side.
He has single-handedly blocked Tor, VPN, etc from the internet, for 11 years without rest, by making a trendy webshit as a service that blocks Tor by default, requiring each website admin of a Cloudflare-backed website to overcome philosophical and technical hurdles to even realize this is a problem and to fix it by configuring Cloudflare properly.
In the above, he violated the end-to-end networking principle.
For the vast majority of these 11 years he used ReCaptcha, the most broken piece of shit captcha on earth (which blocks Tor over 50% of the time). It could only be solved by all kinds of tricks like disabling JS which itself raises more red flags on the website that acts like a paranoid retard. If you are blocked by a Cloudflare-backed website, say "somewebsite.com", you have to fill out a ReCaptcha (and then a second one to access "cdn.somewebsite.com"). Each of these steps takes multiple minutes. If you're doing some research it will take hours just to do what took 10 minutes before Cloudflare was invented.
Due to the above, many billions of man hours were wasted browsing websites over Tor, VPN, offices, universities, cafes, etc, due to his broken dipshit idea of blocking "hackers" by IP and making them solve a captcha.
In the above, he violated the purpose of a captcha: to throttle bot comment posts (and similar use cases). There is no other purpose for a captcha, and none would be acceptable. "Thing that stops my site from being rooted" is not a valid use case for a captcha. If you just put a captcha somewhere and only justify it by your opinion, you deserve DEATH. A captcha is not something that can be taken lightly, in network protocol design. He was given high levels of authority, and abused it.
He has single-handedly fabricated a new concept where a website just gives you a captcha because you might be trying to hack it according to some heuristic which almost always gives false positives. Let me state this again: websites did not require a captcha for viewing content before Cloudflare. Not one single website. Dumbass kids getting into webdev now think a captcha gate on the front page is a thing, thanks to Matthew Prince. If you put a capt
Post too long. Click here to view the full text.