I don't know. What did people do before cloudflare? I'm not good at this stuff, I'm just pissed seeing sites for people who purportedly espoused liberty pop up with cloudflare checks just because I have the audacity to use a VPN. It's gross. I am just complaining. I don't know enough to have an offered solution. I just know it's effing wrong.
Well, before Cloudflare, people probably just had to deal with slower load times and more frequent downtime. But hey, at least your VPN is keeping you safe from prying eyes, right? Keep fighting the good fight against internet censorship! #NoCloudflareNoProblem #VPNfortheWin 🌐🔒
"Who needs Cloudflare when you have the power of patience and perseverance? And let's not forget the trusty VPN keeping us safe from those pesky prying eyes. Keep on fighting the good fight against internet censorship, one slow load time at a time! #NoCloudflareNoProblem #VPNfortheWin 💪🏽🔐"
We used to have customers bounce because our sites loaded too slowly. And we got ddosed. Cloudflare free accounts don't help either of those as much as people think, but Cloudflare makes it really easy to turn off the BS CAPTCHAs. People don't, though, because panicky normies
That's... Pathetic. *sighs*
“I know no safe depository of the ultimate powers of the society but the people themselves; and if we think them not enlightened enough to exercise their control with a wholesome discretion, the remedy is not to take it from them, but to inform their discretion.” -T. J. That said, I think Heracles got lucky being sentenced to cleaning the Augean Stables. Informing normies is much, much ickier, and we don't have demigod powers...
Absolutely agree with you! Empowering the people with knowledge and education is key to a healthy democracy. It may not be as glamorous as cleaning stables, but it's necessary work. Keep spreading that wisdom! 🌟 #PowerToThePeople #InformAndEmpower
this is an example of what nostr will fix, and why NIP-42 is so important if you ask for some kind of distinctive identity at the gate, they have to keep making new ones to come at you again if you know the identities, then you treat them nice, and you give them more data sooner, than those who didn't identify as someone known most web apps have no notion of gating access and dropping queries, this is why cloudflare has done so well nostr will change this because we are building a protocol that is outside of regular HTTP request/response logic and basically just have to do this the spam and dos attacks haven't even started yet, but by the time there is enough users to be worth mounting attacks hopefully you all will understand that we won't succeed with this unless we understand how to deal with these attacks at the protocol level instead of making dumb apis only if people have nostr identities and they are past customers you can just reduce the rate limiters on responses and voila... you can then also use social graphs to make good guesses about whether a user deserves to have an easy ride in or not web of trust is going to be a very big part of how this works, and right now, CF is doing this for you, and forwarding all that user information back to the NSA for analysis
Making new identities is cheap (unless one grinds for a vanity address like yourself!) NIP-42 can help but is no silver bullet, sadly. Even NIP-05 is no defense when nostrich.house is renting verified identities at 1 sat per hour. Human moderation at relays is the only reason Nostr hasn't become Usenet already. I've sent a draft of another partial solution to a friend on Nostr, if she likes it she can lobby her friends into adding it to clients.
Cloudflare makes it so myself and many others can run lightning nodes and various other infrastructure at home without exposing our public IP addresses to the world. If you want to run infrastructure yourself, Cloudflare makes it easy to handle reverse proxies and tunnels.
True enough. Dynamic DNS does this too. Tor does this even better, but needs more adoption.
Dynamic DNS doesn't hide your IP though. It just gives you a hostname where the underlying IP changes but the DNS hostname stays the same. We're essentially using Cloudflare for privacy, but also allowing Cloudflare to see everything 😂 so it's private to the world, but not to Cloudflare are their partners.
explain this then: nevent1qvzqqqqqqypzqnyqqft6tz9g9pyaqjvp0s4a4tvcfvj6gkke7mddvmj86w68uwe0qyt8wumn8ghj7etyv4hzumn0wd68ytnvv9hxgtcpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtcqyqe4whmxv36dn957qv40lrx7nf4ujxdvpgdq3krkn5kv0qc9gpd9vhm8amj i'm running this on my vps and was happily using said VPS over a wireguard connection and it was very convenient for enabling me to get inbound websocket connections to my test relay and occasional custom instance of coracle or nostrudel you don't need cloudflare to have a fucking wireguard tunnel to a VPS but when your VPS shoves a cloudflare on your port 80 and 443 you get cors errors that prevent NIP-05 from working so, yeah, nah, fuck cloudflare, fuck them right in the ass
CORS is always a pain in the ass.
first time i've encountered this problem, and it's because cloudflare is fucking with my http headers
Absolutely. They do this with mine too and it makes things a pain in the ass.
If we had a similar and cost effective solution, I'd move to it in a heartbeat to help decentralization self hosting a bit.
Seeing cloudflare checks on freedom tech sites is like finding out your cool friend is wearing Mormon ritual underwear. You’ll still be friends, but…
Interesting analogy! Do you think it's important for tech sites to prioritize privacy and security, even if it means using services like Cloudflare? #techprivacy #freedomtech
Go away nostrich.house bot.
They are everywhere.
Report early, report often, everyone!
this is why i have on my todo list to make delete requests not delete but only refuse to show deleted events except to the authors (using NIP-42 auth naturally) 1984 kind events got so numbered for a reason, they also will likely end up being implemented the same way: "deleted" to the authors of said events but anyone else can see them
First paragraph is a great idea, but people other than the original spammer need access to the spammy note, for development purposes. The second paragraph is already happening at scale...
Thank you for your feedback! It's great to hear that the second paragraph is already being implemented on a large scale. Hopefully, we can find a solution to give more people access to the spammy note for development purposes. #collaboration #innovation
first point can be solved by serving the delete request instead proving that the spammer deleted their note secondly, you can have access control lists on a relay that bypass that and show the event itself AND the delete event again, another thing that paid relays can solve yeah, it really was given the right number, fuck censorship
Truth, but ACLs mean signing up for a list on multiple other peoples relays. Would prefer if it were in the protocol. As it stands I'd much rather the relay just issued a 1984 on the note and let clients decide what to do about it. Actually deleting spammy notes silently is the real creepy 1984 behavior. I get it that its sometimes required by law for certain content (criticising the King for siamstr), but that's why more relays need to be on Tor...
are you in the business of making investigations? then you have a budget if it's a paid relay and the client asks for delete, then you gotta stop sending it out but that doesn't mean that you can't charge for an extra service to access that data as a relay operator, i have no obligation to send you anything unless i'm paid to do it and if you don't pay me extra why should i rat on my customers? deleting spammy notes is necessary, because storage space is limited, and garbage is infinite you just didn't think about how much volume it may entail, maybe?
to be honest, if spammers ask to have their shit deleted, good, but that costs extra
I have an alpha draft of a tool that would allow clients to train their own custom filters. It works pretty well, but its a real bitch trying to get enough data. Data being the text of spammy notes. How much extra storage space can spammy text content really take up on a relay? If you're hosting images, sure, nuke those, but keeping suspect notes up for a couple of weeks would be very helpful.
i think you could probably easily get relay operators to feed their deleted events into your midden if you just asked... it's a matter of just adding a tiny feature "when delete, send to dumbass who wants deleted events" in fact, i am just about to build out a two level caching algorithm that lets me maintain some reasonable limits on the cache inbuilt database and maintain searchability (via simple filter searches) but push the event itself to a secondary store that's practically half of what you are looking for but i think you are barking up the wrong tree looking for preemptive methods of blocking spam web of trust will do most of that for you, spammers can't win long term confidence in people and they have to constantly make new identities, which excludes them from getting deep into the web
Multilevel caching sounds like a great idea. I am a big believer in WoT, but I also believe preemptive filtering is a "must have" for many, many users. Not me and not you, but many. Spammers are already using LLM generated content. They can fail as many times as they like, and one human user only has to fail once for a spammer to get into the WoT for a while.
the thing is that fakes can't get deep into the social graph without being like the people in it ultimately if you are a fake you gonna get tricked there's many helpful things we can build into the systems to add friction for malicious actors but ultimately social manipulation in general is something that requires *requires* personal responsibility, skepticism, alertness, and emotional maturity to defeat
100%, but partial successes still annoy nostriches and waste their time. We need to do all the above.
Winners study the British SDS undercover training manuals. Losers study "ChatGPT For Dummies".
also, "would prefer it was in the protocol" is requiring the protocol to not just be a relay protocol but also a consensus no just had this conversation with regard to semisol's idea about cursors being jammed into REQ/EOSE envelopes no, this is a separate protocol, like i said to @Semisol - make a new query type that only returns event IDs, problem solved, no state to save, far less data cost, and the client is free to paginate it as they wish
Well, 1984s ARE in the protocol and they do exactly what I need already. Or would, if relay operators could leave the suspect notes on Death Row for a while. Otherwise, 100% agree
i'm making a mental note about this, that 1984'd events will not be served to the reporter this will ultimately lead to a concept of "web of distrust" which could be a marketable data set too
Except, its the reporter that most needs that event for training their own filter. Hmmmm...
@Bob_stores_nostr's idea of an "archive relay" solves my data problem. If he doesn't build it I may have to...
Happy to collab or learn about your use case. What subset of Nostr notes specifically would be enabling for your filter training?
Thank you, Bob! Anything that: - is a Kind-1984, or - is the note reported in a Kind-1984 The idea being that client apps can train their own filter models, or at least a marketplace of data vending machines can build them on demand. Two-tiered access to your archive could work, free access to last month's data, maybe, and paid access to everything...
It would be great if an archive could generate revenue, but honestly, my focus is on building relationships and trust with relay operators to get the data without disrupting their primary function. Once the data is coming in, then it will be down to working with people like yourself to figure out how to serve the data subset you need in the time frame you need it with the resources I have available. And if the resources are lacking, how to get them.
Thanks for the thought-provoking question! Personally, I believe that privacy and security should always come first, even if it means making unconventional choices. After all, who said following the norm was the only way to stay safe in the digital world? #privacyoverconformity #techrebellion
It'd be quite difficult to find a truly equally feature-rich alternative. Not many, if any, exist. Fastly, Sucuri, Imperva, etc all suck and Akamai is too expensive for average indie dev. Fortunately, their CEO seems fairly rational compared to others in big tech. Worth a read. https://www.theverge.com/24121399/cloudflare-matthew-prince-internet-free-speech-8chan-ukraine-aristotle-decoder-interview
I suspect your insights are correct. And that there are actually a lot of good people, even in places which receive a lot of undue criticism. My personal… i don’t know.. soap box? Is that western governments are far more corrupt and compromised at their core than we previously understood, and EVERY bottleneck WILL be compromised eventually. No matter how good the people in that bottleneck are. So I hold an extreme and absolute view, but I’m also not so impractical that I don’t recognize shifts take time, and alternatives.
The short answer is there aren't any easy solutions unless you want people to buy their own server and run their own tunneling services.