The normal response from privacy advocates to this bullcrap is to just complain about it and tell Cloudflare that they should do better. More and more I feel like we need to take a page from pirates and attackers and treat Cloudflare systems like Turnstile like what they are: malware that circumvents device control. And we should encourage people to break the systems and to come up with ways to fool the systems, we should encourage pooling information about clients in a way that makes it easier to lie to these checks and give them the responses to APIs that they expect to get.
We need to stop treating this like it's a civil conversation and put more energy into decompiling and breaking Captchas and other attestation methods, and normalize the idea that breaking these systems is good and should be accessible to normal people.
Because increasingly, breaking the systems is going to be the only way to run really privacy-focused software. It's like adblocking, you don't make progress by negotiating with advertisers, you block ads. We have no negotiating power with Cloudflare and no way to force companies to care about user privacy or freedom unless we have ways to circumvent these systems.
----
I'm tired of trying of entering into a relationship with Cloudflare where they break everything and we send them a bunch of bug reports begging to be let back in. Nah, we need to start decompiling their crap and circumventing it.
We need to stop treating this like it's a civil conversation and put more energy into decompiling and breaking Captchas and other attestation methods, and normalize the idea that breaking these systems is good and should be accessible to normal people.
Because increasingly, breaking the systems is going to be the only way to run really privacy-focused software. It's like adblocking, you don't make progress by negotiating with advertisers, you block ads. We have no negotiating power with Cloudflare and no way to force companies to care about user privacy or freedom unless we have ways to circumvent these systems.
----
I'm tired of trying of entering into a relationship with Cloudflare where they break everything and we send them a bunch of bug reports begging to be let back in. Nah, we need to start decompiling their crap and circumventing it.