From c5e32cbad6c49b872f23447b39b375c57d45e254 Mon Sep 17 00:00:00 2001 From: humanacollaborator Date: Tue, 13 Apr 2021 12:01:07 -0400 Subject: [PATCH] Cloudflare-Tor ==> deCloudflare --- codeberg.md | 50 ++++++++++++++++++++++--------------------- forge_comparison.md | 2 +- input_data/forges.sql | 2 +- 3 files changed, 28 insertions(+), 26 deletions(-) diff --git a/codeberg.md b/codeberg.md index 5fd4b77..00400e7 100644 --- a/codeberg.md +++ b/codeberg.md @@ -3,18 +3,20 @@ Codeberg hosted the Cloudflare-Tor project. In 2021, Codeberg took down the project alleging libel. -## what the Cloudflare-Tor (CFT) project is +## what the deCloudflare project is -The Cloudflare-Tor (CFT) project is a non-profit charitable effort to +The +[deCloudflare project](https://gitee.com/decloudflare/cloudflare-tor) +("dCF", formerly Cloudflare-Tor) is a non-profit charitable effort to promote decentralization, network neutrality, and privacy with -Cloudflare (a top adversary of that cause) as the core focus. CFT +Cloudflare (a top adversary of that cause) as the core focus. The dCF project provides a variety of free software tools to help protect the general public from Cloudflare. An important component of protecting the community from Cloudflare is documenting websites that subject people to the harms of Cloudflare by maintaining a massive list of websites to avoid. -Unlike other tech giant adversaries to the CFT cause such as GAFAM +Unlike other tech giant adversaries to the dCF cause such as GAFAM (Google Amazon Facebook Apple Microsoft), Cloudflare operates surreptitiously and largely unknown to the general public, despite having access to ~20-30%+ of the world's web traffic and 80%+ of CDN @@ -28,7 +30,7 @@ Some privacy and ethics advice sites like Cloudflare sites to those who entrust them to give advice pursuant to their own stated purpose. -The problem is so rampant that it became important for the CFT +The problem is so rampant that it became important for the dCF project's tracking of the Cloudflare problem to start keeping track of organizations and the pseudo-anonymous aliases of representatives who were spotted publicly promoting Cloudflare. @@ -37,7 +39,7 @@ were spotted publicly promoting Cloudflare. After someone [on Codeberg's staff](https://codeberg.org/shadow/SpywareWatchdog/issues/77#issuecomment-188105) -was added to the Cloudflare supporter list, Codeberg shut down the CFT +was added to the Cloudflare supporter list, Codeberg shut down the dCF project and issued [this statement](https://codeberg.org/Codeberg/Community/issues/423#issuecomment-187783) to contributors, and posted @@ -50,11 +52,11 @@ allegedly in response to complaints. > social media identities, Calling it a "target list" entails a presumption of how the list is -used. For example, if a threat actor wants to join the CFT project to -gain access to our internal operations, it is not CFT targeting them -but rather CFT avoiding being targeted by their adversary. CFT has +used. For example, if a threat actor wants to join the dCF project to +gain access to our internal operations, it is not dCF targeting them +but rather dCF avoiding being targeted by their adversary. dCF has been attacked several times and sometimes at the hands of insiders who -gained trust by posing as those who support the CFT cause. +gained trust by posing as those who support the dCF cause. Transparency is essential in exposing the corporate bias behind the information and advice you are getting. For example, a forum for talk @@ -70,8 +72,8 @@ Are forums hosted in Germany really forced to operate non-transparently and conceal such conflicts of interest from the public? Unlikely. -For Codeberg to allege CFT tracks "personal data" with social media -identities is perversely deceptive. CFT did not track personal data +For Codeberg to allege dCF tracks "personal data" with social media +identities is perversely deceptive. dCF did not track personal data or dox any social media identities. The social media identities were listed and only *public* data was shared -- data that is already public on platforms like Twitter. Personally identifiable information @@ -113,15 +115,15 @@ temporary and non-destructive of the artifacts. > privacy violation and leaking proprietary information. This is just a statement of Codeberg's interpretation of law. Note -that Codeberg does not accuse CFT of this, as doing so would be libel -against CFT. So it's unclear what purpose this statement serves other +that Codeberg does not accuse dCF of this, as doing so would be libel +against dCF. So it's unclear what purpose this statement serves other than to imply an accusation without stating it. Such weasel wording is designed to deceive the public while dodging legal accountability. > - Considering reports we received, a significant number of claims and > statements were factually false. -CFT has received only one complaint. It involved one social media +dCF has received only one complaint. It involved one social media alias that was listed and it turned out to be a misunderstanding surrounding the word "*support*". The listed party claimed to not personally condone Cloudflare and thus claimed to not be a Cloudflare @@ -172,18 +174,18 @@ Privacy is like virginity: once you lose it, you can't have it back. > their social media accounts and allegedly blamed as Cloudflare > supporters without an evidence -CFT was never asked for evidence. Only one complaint was received. +dCF was never asked for evidence. Only one complaint was received. It was investigated and evidence was provided to the subject. > We started a discussion with the maintainers of this repository and > asked to remove these sensitive information, that are apparently for > shaming people (defamation), -CFT did not "shame" or "defame" anyone, and no evidence was given to +dCF did not "shame" or "defame" anyone, and no evidence was given to that effect. Codeberg admitted earlier that their assumption is that a list of Cloudflare supporters inherently shames people. Yet the list is objective. It's for the reader to decide if the list is of -shame or of pride. No value judgment was expressed by the CFT +shame or of pride. No value judgment was expressed by the dCF project. > According to GDPR, we are obligued to remove sensitive user @@ -202,16 +204,16 @@ identifiable. This Regulation does not therefore concern the processing of such anonymous information, including for statistical or research purposes." ``` -CFT's Cloudflare supporter list did not contain real names; only +dCF's Cloudflare supporter list did not contain real names; only pseudoanonymous aliases. The listed alias of the subject who complained did not use an alias formed like "firstname_lastname", or any form that could reasonably identify a natural individual person. -The sole complaint CFT received lead to an investigation that found +The sole complaint dCF received lead to an investigation that found the data accurate. Even though the GDPR right to be forgotten does -not have force in that case, it was removed anyway and therefore CFT +not have force in that case, it was removed anyway and therefore dCF was (and remains) in compliance with the GDPR right to be forgotten. Yet Codeberg still removed the project despite immediate compliance. @@ -228,20 +230,20 @@ their employees, so it's already public information. > Cloudflare-supporters, but critical opponents of this company, and > thus could not even imagine a reason for being listed there. -CFT only received one complaint regarding one individual. CFT has +dCF only received one complaint regarding one individual. dCF has continously been in GDPR compliance at all times. Codeberg destroyed the repository anyway. "*Support*" comes in many forms. You can support Cloudflare by praising it, or you can support Cloudflare through actions (which may -even be unwitting to the supporter). In the one case that CFT +even be unwitting to the supporter). In the one case that dCF investigated, the subject's understanding narrowly assumed "support" was limited to philosophical praise. > We can not accept anyone attacking and threatening us and our users > (or anyone for that matter), or inciting others to do so. -This is weasel wording, as directly accusing CFT of attacking or +This is weasel wording, as directly accusing dCF of attacking or threatening Cloudflare supporters would constitute libel on the part of Codeberg. So they try to imply it. These claims can only be ignored in the absence of evidence. diff --git a/forge_comparison.md b/forge_comparison.md index 283a6da..4f725b1 100644 --- a/forge_comparison.md +++ b/forge_comparison.md @@ -7,7 +7,7 @@ The following forges have no significant ethical issues: | *forge* | *registration publicly open* | *software* | *Tor-hostile* | *Cloudflare MitM* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* | |---|---|---|---|---|---|---|---| -[git.fuwafuwa.moe](https://git.fuwafuwa.moe)([🧅](http://git.fuwafuwaqtlkkxwc.onion))|🟢|Gitea|n|n|n|n|SSH over Tor broken; HTTPS over Tor works| +[git.fuwafuwa.moe](https://git.fuwafuwa.moe)([🧅](http://git.fuwafuwaqtlkkxwc.onion))|🟢|Gitea|n|n|n|n|SSH over Tor [broken](http://git.fuwafuwaqtlkkxwc.onion/levena/fuwafuwa/issues/1); HTTPS over Tor works| [git.nixnet.services](https://git.nixnet.services)|🔴|Gitea 1.13.1|n|n|n|n|formerly git.nixnet.xyz| [git.sdf.org](https://git.sdf.org)|🟢|Gitea 1.13.1|n|n|n|n|SSH over Tor broken but HTTPS over Tor works| [git.disroot.org](https://git.disroot.org)|🟢|Gitea 1.13.6|n|n|n|n|SSH over Tor works; based in NL| diff --git a/input_data/forges.sql b/input_data/forges.sql index 75adbc6..335b7a5 100644 --- a/input_data/forges.sql +++ b/input_data/forges.sql @@ -36,7 +36,7 @@ insert into forgesTbl (url_onion, dead) values ('http://githidep2hynhdmutuv7n2te insert into forgesTbl (url_clrnet, software, notes) values ('https://codeberg.org','Gitea', 'Based in Germany; [censored an anti-Cloudflare project](codeberg.md) in a reckless and destructive manner; functions without any JavaScript and the JavaScript that exists is all 1st-party ([ref](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547))'); insert into forgesTbl (url_clrnet, software, openpubreg, notes) values ('https://git.nixnet.services','Gitea 1.13.1', 0, 'formerly git.nixnet.xyz'); insert into forgesTbl (url_clrnet, software, openpubreg, cfns) values ('https://git.teknik.io','Gitea 1.9.0',0,1); -insert into forgesTbl (url_clrnet, url_onion, software, notes) values ('https://git.fuwafuwa.moe','http://git.fuwafuwaqtlkkxwc.onion','Gitea','SSH over Tor broken; HTTPS over Tor works'); +insert into forgesTbl (url_clrnet, url_onion, software, notes) values ('https://git.fuwafuwa.moe','http://git.fuwafuwaqtlkkxwc.onion','Gitea','SSH over Tor [broken](http://git.fuwafuwaqtlkkxwc.onion/levena/fuwafuwa/issues/1); HTTPS over Tor works'); insert into forgesTbl (url_clrnet, software, notes) values ('https://git.slashdev.space','Gitea 1.13.6','SSH over Tor broken (try HTTPS over Tor)'); insert into forgesTbl (url_clrnet, software, notes) values ('https://git.disroot.org','Gitea 1.13.6','SSH over Tor works; based in NL'); insert into forgesTbl (url_clrnet, software, openpubreg, cflogin, notes) values ('https://libregit.org','Gitea',0,1,'reg by invite only');