Oddbean new post about | logout
 The modern internet is totally corrupt. Let’s dive in to why…

Content Delivery Networks (CDN)

Content delivery networks are global servers spread out around the world that keep a copy of a website closer to you, to serve it to you. By being physically closer to the end user, it speeds up the website’s delivery. However, the negative of this is that it has a tendency to centralize power for the entire internet to a few large players and that has big privacy effects. Rather than have these separate sites and blogs around the world just see their site only, instead the big CDNs see all traffic on the entire internet. This enables the “tyranny of the modern web”, in which website owners have just a tiny 1 core VPS, and then all their real files are externally hosted. The heavy use of CDNs allows the website owner to save on money, while sacrificing their free speech, independence, and the end user’s privacy.

With larger files, such as a video, a CDN is likely required. But the heavy use of CDNs for literally everything on the website should be associated with poverty. The website owner is saying “I’m too poor to host files”. Additionally, website owners enable Big Tech third party JavaScript such as a “Facebook like widget” which does surveillance that then slows down the load speed. So then they need an even more centralized CDN to serve up this bullshit bloat. This creates a vicious cycle of more and more Big Tech surveillance, which then needs an ever larger CDN.

Because surveillance is so profitable, the firms doing it can hire the best creative talent, which then shapes the entire tech industry. Young web developers use the same toolkits and learn from these corrupt organizations where an erosion of end user liberty is the norm. The end result is that web developers don’t even realize that they are over-using JavaScript when it’s not required. This slows down the web and feeds into the vicious CDN cycle. The largest player in the game is Cloudflare.

Cloudflare sees ALL passwords

One type of CDN literally points the domain name to the CDN company, so:

User -> Cloudflare -> real website VPS (1 tiny core)

This is how Cloudflare works. Since this is literally directing all traffic to the CDN company, they can see all passwords and ALL data. The SSL connection or httpS encryption is stripped away by Cloudflare. Unfortunately, a VAST majority of the internet uses Cloudflare. You will be shocked at how many “privacy” websites use it, including Skiff.com email, KYCnot.me, Michael Bazzell’s OSINT, and even Monero’s official site at GetMonero.org. Finding out that Monero’s core team used Cloudflare to distribute binaries, was for me like finding out there is no Santa Clause. Even Handshake.org literally complained about Cloudflare while using it.

Supposedly Cloudflare helps to stop “distributed denial of service” DDoS attacks, which is the bullshit justification that websites owners will give, instead of just admitting that they are poor and willing to sacrifice their freedom of speech because they have nothing of value to say.

A DDoS is when lots of bots or bullshit traffic hits up a website to overload it and take it down. But Cloudflare isn’t doing anything unique to stop this and there are many other choices one could pick from. All Cloudflare is doing is having a ton of money and servers to absorb the traffic. Then because Cloudflare has scaled through business deals, they can deliver the CDN at a much lower cost than other providers.

There are many other CDNs, but unfortunately most website owners simply do not care about their (or your) privacy and freedom, and they are only mostly concerned with getting the absolute rock bottom lowest cost, which is typically bundled into “shared hosting” plans.

Then MORE CDNs?!

Many website owners don’t just use Cloudflare. Then on top of that, their website calls upon 3rd party images from even more CDNs via JavaScript. For example website-files.com is a popular “JavaScript CDN” of this type.

User -> Cloudflare -> real website VPS (1 tiny core) -> Website-Files.com

So everyone and their mother sees your data, and the website owner lost their autonomy of speech, by complying with more and more terms of service restrictions. This is why website owners don’t care about abusing unnecessary JavaScript, because they outsource the economic cost of being an idiot, at at the expense of both their and your liberty.

Conclusion

In conclusion, change does not come from politics, but comes from you. Your actions dictate how much freedom the world has. If you accept a world of surveillance, then let the entire internet be overseen by two or three companies. But I do not accept things for the way they are. It is only through your actions to pressure website owners will it ever matter. Seek out alternatives, they do exist.

PS, check out Ombello, it’s a Tor Browser Onion search engine that crosses out Cloudflare:

ombrelo.im5wixghmfmt7gf7wb4xrgdm6byx2gj26zn47da6nwo7xvybgxnqryid.onion