@ -3,18 +3,20 @@
Codeberg hosted the Cloudflare-Tor project. In 2021, Codeberg took
down the project alleging libel.
## what the Cloudflare
-Tor (CFT) project is
## what the
deCloudflare project is
The Cloudflare-Tor (CFT) project is a non-profit charitable effort to
deCloudflare project]( https://gitee.com/decloudflare/cloudflare-tor)
("dCF", formerly Cloudflare-Tor) is a non-profit charitable effort to
promote decentralization, network neutrality, and privacy with
Cloudflare (a top adversary of that cause) as the core focus. CFT
Cloudflare (a top adversary of that cause) as the core focus.
project provides a variety of free software tools to help protect the
general public from Cloudflare. An important component of protecting
the community from Cloudflare is documenting websites that subject
people to the harms of Cloudflare by maintaining a massive list of
websites to avoid.
Unlike other tech giant adversaries to the CF
T cause such as GAFAM
Unlike other tech giant adversaries to the
dCF cause such as GAFAM
(Google Amazon Facebook Apple Microsoft), Cloudflare operates
surreptitiously and largely unknown to the general public, despite
having access to ~20-30%+ of the world's web traffic and 80%+ of CDN
@ -28,7 +30,7 @@ Some privacy and ethics advice sites like
Cloudflare sites to those who entrust them to give advice pursuant to
their own stated purpose.
The problem is so rampant that it became important for the CF
The problem is so rampant that it became important for the
project's tracking of the Cloudflare problem to start keeping track of
organizations and the pseudo-anonymous aliases of representatives who
were spotted publicly promoting Cloudflare.
@ -37,7 +39,7 @@ were spotted publicly promoting Cloudflare.
on Codeberg's staff]( https://codeberg.org/shadow/SpywareWatchdog/issues/77#issuecomment-188105)
was added to the Cloudflare supporter list, Codeberg shut down the CF
was added to the Cloudflare supporter list, Codeberg shut down the
project and issued
this statement]( https://codeberg.org/Codeberg/Community/issues/423#issuecomment-187783)
to contributors, and posted
@ -50,11 +52,11 @@ allegedly in response to complaints.
> social media identities,
Calling it a "target list" entails a presumption of how the list is
used. For example, if a threat actor wants to join the CF
T project to
gain access to our internal operations, it is not CF
T targeting them
but rather CF
T avoiding being targeted by their adversary. CF T has
used. For example, if a threat actor wants to join the
dCF project to
gain access to our internal operations, it is not
dCF targeting them
dCF avoiding being targeted by their adversary. dCF has
been attacked several times and sometimes at the hands of insiders who
gained trust by posing as those who support the CF
gained trust by posing as those who support the
Transparency is essential in exposing the corporate bias behind the
information and advice you are getting. For example, a forum for talk
@ -70,8 +72,8 @@ Are forums hosted in Germany really forced to operate
non-transparently and conceal such conflicts of interest from the
For Codeberg to allege CF
T tracks "personal data" with social media
identities is perversely deceptive. CF
T did not track personal data
For Codeberg to allege
dCF tracks "personal data" with social media
identities is perversely deceptive.
dCF did not track personal data
or dox any social media identities. The social media identities were
listed and only
*public* data was shared -- data that is already
public on platforms like Twitter. Personally identifiable information
@ -113,15 +115,15 @@ temporary and non-destructive of the artifacts.
> privacy violation and leaking proprietary information.
This is just a statement of Codeberg's interpretation of law. Note
that Codeberg does not accuse CF
T of this, as doing so would be libel
T. So it's unclear what purpose this statement serves other
that Codeberg does not accuse
dCF of this, as doing so would be libel
dCF. So it's unclear what purpose this statement serves other
than to imply an accusation without stating it. Such weasel wording
is designed to deceive the public while dodging legal accountability.
> - Considering reports we received, a significant number of claims and
> statements were factually false.
T has received only one complaint. It involved one social media
dCF has received only one complaint. It involved one social media
alias that was listed and it turned out to be a misunderstanding
surrounding the word "*support*". The listed party claimed to not
personally condone Cloudflare and thus claimed to not be a Cloudflare
@ -172,18 +174,18 @@ Privacy is like virginity: once you lose it, you can't have it back.
> their social media accounts and allegedly blamed as Cloudflare
> supporters without an evidence
T was never asked for evidence. Only one complaint was received.
dCF was never asked for evidence. Only one complaint was received.
It was investigated and evidence was provided to the subject.
> We started a discussion with the maintainers of this repository and
> asked to remove these sensitive information, that are apparently for
> shaming people (defamation),
T did not "shame" or "defame" anyone, and no evidence was given to
dCF did not "shame" or "defame" anyone, and no evidence was given to
that effect. Codeberg admitted earlier that their assumption is that
a list of Cloudflare supporters inherently shames people. Yet the
list is objective. It's for the reader to decide if the list is of
shame or of pride. No value judgment was expressed by the CF
shame or of pride. No value judgment was expressed by the
> According to GDPR, we are obligued to remove sensitive user
@ -202,16 +204,16 @@ identifiable. This Regulation does not therefore concern the
processing of such anonymous information, including for statistical or
T's Cloudflare supporter list did not contain real names; only
dCF's Cloudflare supporter list did not contain real names; only
The listed alias of the subject who complained did not use an alias
formed like "firstname_lastname", or any form that could reasonably
identify a natural individual person.
The sole complaint CF
T received lead to an investigation that found
The sole complaint
dCF received lead to an investigation that found
the data accurate. Even though the GDPR right to be forgotten does
not have force in that case, it was removed anyway and therefore CF
not have force in that case, it was removed anyway and therefore
was (and remains) in compliance with the GDPR right to be forgotten.
Yet Codeberg still removed the project despite immediate compliance.
@ -228,20 +230,20 @@ their employees, so it's already public information.
> Cloudflare-supporters, but critical opponents of this company, and
> thus could not even imagine a reason for being listed there.
T only received one complaint regarding one individual. CF T has
dCF only received one complaint regarding one individual. dCF has
continously been in GDPR compliance at all times. Codeberg destroyed
the repository anyway.
"*Support*" comes in many forms. You can support Cloudflare by
praising it, or you can support Cloudflare through actions (which may
even be unwitting to the supporter). In the one case that CF
even be unwitting to the supporter). In the one case that
investigated, the subject's understanding narrowly assumed "support"
was limited to philosophical praise.
> We can not accept anyone attacking and threatening us and our users
> (or anyone for that matter), or inciting others to do so.
This is weasel wording, as directly accusing CF
T of attacking or
This is weasel wording, as directly accusing
dCF of attacking or
threatening Cloudflare supporters would constitute libel on the part
of Codeberg. So they try to imply it. These claims can only be
ignored in the absence of evidence.