Linus told me to use it, should I?

>Linus told me to use it, should I?
which one, the gay one or the cuckold one?

are you retarded?

The canadian aka gay and cuckold

the youutber (gay one)? or the cuckold, diversity program forcing inventor of a kernel?

Doesn't actually matter, I won't use it if either of those recommends it...

eye opening read.
in the future i will try to avoid the cloudflare jew

But where does my own get their addresses from?

How come none of you use AdGuard's for blocking ads and adult content for everyone on your network?

Im guessing but i think they work by quereying your own and if you dont have that domain itll querey the external dns and then log the domain locally

>a known shill told me to use it
Of course you should.

>cloudflare makes it extremely difficult for Tor users and users who disable javascript.
>cloudflare arbitrarily bans whoever they want. Today, it is Tor users who disable javascript
It depends on settings chosen by CF user in its control panel. Change firewall settings to "Essentially Off" and nobody will encounter these "Checking your browser" pages. Opinion discarded.
>cloudflare in a Man-in-the-Middle (MitM) attack.
What a surprise! That's the whole point of its business.
>cloudflare centralizes the internet, creating a single point of failure
If that really was the case, probably they didn't have to support Tor and IPFS projects.
>cloudflare costs money
Free option is also available.

from here

internic.net/domain/named.root

>buttflare
No thanks

your vidya doesn't use dns servers.

>cloudflare's SSLmao fuarrrk not
>User -> cloudflare's key -> cloudflare -> website's key -> website
>User

Even if it did, it wouldn't matter

don't ask too many questions, goy.

>en.wikipedia.org/wiki/Domain_Name_System#Address_resolution_mechanism
Read it faggots. You unbound does it exactly like cloudflare or the ISP resolver would do it.

Attached: Screenshot from 2019-01-29 20-01-20.png (930x894, 184K)

Okay, but why is their DNS bad

I went back to google dns. They probably do the same but at least it's not as malevolent

Boomer Linus or Zoomer Linus?

Why would you use a proxy DNS?

>cloudflare is so bad I can't list an alternative
constructive book by that one user

>people dont just use their ISP's dns

still don't get this, swear you guys will find any useless minutiae to worry about instead of living productive lives

You're glowing

My isp's dns servers are constantly getting poisoned, so I had to change it.

kiwi farms is run by cloudlfare and was never terminated despite a shit ton of reports

Cloudflare has its own Certificate Authority and can create valid certificates for any domain.

My isp uses opendns...

What DNS to use, then?
I have jewgle DNS right now, I was considering changing to OpenDNS

>-cloudflare outright decrypts ALL CIPHERTEXT THAT PASSES THROUGH IT. cloudflare has COMPLETE ACCESS TO ALL PLAINTEXT. In other words, cloudflare in a Man-in-the-Middle (MitM) attack.
This, anyone that has basic knowledge about SSL knows this.

They block domains such as archive.is

why do you block JS?

Google DNS is faster and more reliable in my area.

This doesn't violate https. As far as cryptography is concerned, the authentication (and confidentiality) is guaranteed with respect to the private key holder. Cloudflare has the private key.

To make myself clear : this *is* a bad thing.
When the website owner gives his key to cloudflare , he gives them the ability to undetectably impersonate him.

if he told you to suck cock would you?

If their main business is this fucking evil, why do you think their DNS would be any better?

actually that's a good fucking point

My main inquiry is how can their DNS be harmful?

Domain isn't blocked, archive.is is misconfigured

>reddit spacing
ignored.

mmmm I like OpenNIC

If you don't always use the same dns you ought to be ok some of the time - enough to see something fishy. You can set up resolv.conf to round robin through a list of dns, works on Kali linux.

On ubuntu the best I can do is install bind and use it as my dns. This uses algo to pick fastest dns which favors the big guys. Would rather have caching dns round robin disregarding time for response - once it is cached it'll be fast.

Pi hole seems to favor some ( not round robin), and only lets you have 2 custom dns servers. I use some big ones but have a couple of foreign ones selected.to be probably uncooperative to the same censors as the others

>unironically referring to something as "reddit spacing"

ignored.

why would you unironically use cloudflare to reverse proxy your site, anyway?

>hey what if we centralized the internet?
what could possibly go wrong

opennic.org is the only correct answer. cloudflare/google censor shit.

>hey what if we centralized the internet?
Cloudflare is terrible in a bunch of ways, but I don't see how offering a DNS server is one of them.

OpenNIC is great, but do you have a source on Cloudflare or Google censoring DNS results?

>he doesn't know
the real linus is dead, user. they replaced him with a double. why else would he all-of-a-sudden let the coc take over linux?

Adguard is slow

Because their DNS is literally tracking every domain requested by your connected devices. Not even DNS is benign.

My ISP's DNS goes down often and when it's up it's slow as fuck.

is 9.9.9.9 decent? it was fastest on my connection.

this, at least your isp wouldnt do any dodgy shit too obvious at risk of losing customers, what has cloudflare got to lose?

>Give strangers a list of all the websites I visit no question about it
idiots

User these

ipv4
84.200.69.80 84.200.70.40 51.255.48.78 192.71.245.208

ipv6
2001:1608:10:25::1c04:b12f 2001:1608:10:25::9249:d69b 2a00:dcc0:eda:88:245:71:858e:a15

Fuck nigga, use the fucking pastebin brainlet

I have my website set up to block all cloudflare IPs, is this autistic? should I be doing more?

>I have my website set up to block all cloudflare IPs
Why? What does that even accomplish?

>blocks archive sites
Yeah no thanks

I don't fucking know, that's just it.
I've been on an "escape the botnet" kick recently, I've been deleting social media accounts, google accounts, moved all my shit from onedrive into syncthing, etc. Something about blocking cloudflare felt right.

>I don't fucking know, that's just it.
Then don't do it.

Does anyone else use dnscrypt-proxy? It's simpler than ever to install and use on linux/windows

Use Quad9 instead. It's less glow in the dark

>complains about Cloudflare
>while using it through 4chinz

>botnetflare
you deserve anything that happens to you

So my safest bet, while losing some speed, is my local ISP's DNS? They at least don't have the same tech or reach as google or cloudflare.

ISP DNS has more downtime, they filter shit depending on the country, slower, no privacy. its the shittiest out of all the options.

>slower
how can some external DNS be faster when your ISP is literally the closest you can get network-wise?

Because ISPs are run by greedy shitters

ah yes, a problem exclusive to amerimutts

ping + compute time = total latency.
you dont know what kind of servers/caching they use.
basically this

You do realize you break most sites by doing this? And it's not as easy as unchecking their domain in UBlock Origin on a particular website.

run your own recursive dns resolver.

Is there any alternative to Cloudflare?

Why would I care if I break other sites? It's my VPS, not my personal machine.

any alternative service would have the same capabilities as cloudflare. an actual alternative would be to setup your own load balancer, ssl.

But when I go to a website, shouldn't the handshake use THAT WEBSITE'S key? Why the fuck using someone (cloudflare) else's key is allowed?

>at least your isp wouldnt do any dodgy shit too obvious at risk of losing customers
like blocking gambling and torrent sites? at least that's the case recently in my country, but no one gives a shit, a baby can pass through this kind of protection

CF DNS is one of the few that explicitly state that they don't collect your info past processing the request.
Also, the archive.is debacle is happening because archive.is DNS requires passing a part of the user's IP address, which 1.1.1.1 doesn't do in interest of privacy.

you setup your site to connect to cloudflare at a dns level and cloudflare's key is used for https. then cloudflare redirects the traffic to your webserver using the key that is on your webserver.

Is cloudflare under a government jurisdiction?

>explicitly state that they don't collect your info
it's okay goy, trust me

There's a DNS benchmarking tool out there. I found out Google is by far the fastest for me.

They inject ads, return a search page instead of NXDOMAIN, use their resolvers to impose soft quarantines if I pirate more than the media mogols would like, and on top of all that their servers are pathetically slow. (Probably because it's doing all this shit instead of, you know, resolving domain names.) They haven't lost me as a customer because the only other options are some WISP (high latency) and a VDSL service (4x slower).

Of course and dont forget to enjoy your botnet

OpenNIC is the only way

>google is the fastest in harvesting your data
not surprised in the least

Yes, better use ones that explicitly state that they do collect it or where they're vague or don't even mention it.

Cloudflare doesn't use its own key, it uses the website's key. The website owner give the website key to cloudflare, and cloudflare use it as if it was the legitimate website. Technically nothing is broken, the same way that if you give the password of your email account to somebody, they can send and receive emails from your address.