Both can be true?
Yup
Cloudflare is a business. Businesses protect their profits. Online casinos are scams subject to regular massive DDOS by their scumbag competitors and by people who want them shut down. Cloudflare wasn't going to eat that loss anymore so they kicked them to the curb to save money. Also the time frame wasn't 24 hours. More like a month. This makes me suspect the scamming casino's story more.
Cloudflare as a business provides DDOS protection. If they kick out those who get ddos's, what's their value? (Sure, WAF etc. but you get the point).
Also, as much as casinos are ethically questionable, they are also business. Very regulated businesses even (while tech is kind of a Wild West).
And insurances provide monetary compensation until you become a common liability, too high to be covered by any sort of fee. DDOS protection is just the same. It's only feasible if it happens rarely, like they usually happen. However if it's a common occurrence it will just eat up the profits made by the fees and then some, which just is stupid to do in any case.
Comparing Cloudflare to insurance companies is not how you'll convince me they're not acting like jerks lol
I think they are only “very regulated” if they are based in certain western countries?
I used to hear a bunch of stories about issues getting payouts.
It's not that they got DDoSed, it's that unregulated off-shore gambling is illegal in many countries, so their IP addresses were getting blocked in these countries. The way CDNs like CloudFlare work is that many customers share the IP addresses, so they were getting other CloudFlare customers blocked as well.
CF wanted them to move to a "bring your own IP" plan so that their IP blocks wouldn't affect other customers, and that came with the steep price tag.
That wasn't it, Cloudflare didn't like the way the casino was using Cloudflare's IPs, since they were getting banned in multiple countries.
Cloudflare only offers byoIP as part of a business package, and that comes with extortionate pricing.
I was reading the blog post by the casino's tech person and kept thinking to myself, "this is a casino; they may not be the most reliable narrator". That said, CF was also stupid slow on taking down kiwi and stormfront, so they're not great either.
Both of them suck and this whole thing is amusing to me. Hopefully this will serve to improve CF's behaviour.
What was kiwi?
KiwiFarms, a forum dedicated to doxxing and IRL harassing of LGBTQ people, women, and anyone else they didn't like. It ~~was~~ is a breeding ground for Nazis and other Conservative bigots and their ideologies, and they successfully harassed people into moving and hiding (or worse).
Edit: they're still around
A website similar to 4chan, but much much worse. They'd dox pretty much anyone they didn't like, often LGBTQ+ people and allies
It isn't clodflare's job to take down or in any way take a stance on what websites they are providing most likely only DDOS and DNS services for.
That's for example why privacy sites can use them.
It's the police or maybe hosting provider that should decide when/if to take down sites.
If cloudflare were hosting the site I think they have more responsibility.
Context?
cloudflare has a known habit of taking heavy users and forcibly converting companies from a $250/m plan to a $12,000/month plan.
some people would be happy for that to happen to bad entities like an online casino, but really, to cloudflare the business use is irrelevant and it could happen to any of us.
the lesson is to minimize your cloudflare dependencies. if you have to use it, use it in an agile method where you can move to something else quickly should you need to.
Thank you
12000 a month is probably chump change for a casino and money well spent at that for the features cloudflare provides
At my job, a reasonably sized it customer generates about 100-500k a month.
For 12k a month just the DDoS protection would be worth it for a site of that nature and size but they also get CDN access with full control over the caching, and a web application firewall.
The way I see it the casino was trying to plate share at a buffet and got caught so now they are complaining about having to pay the correct amount.
My feed has been all about posts like this one https://programming.dev/post/14669153
If yours hasn't you're missing some stupid flame wars and nothing of value.
reminder that cloudflare routinely works with white supremacist and other hate sites to protect them and have most recently refused to stop hosting kiwi farms, as they were doxxing and threatening trans people
They don't "work with white supremacists". They try to self-polish the tremendous power the have, seeking neutrality in most cases.
THIS MESSAGE (MATERIAL) CREATED AND (OR) DISTRIBUTED WITH PURPOSE OF HATE AND (OR) ENCOURAGING HATE.
You forgot to put it.
I heavilt dislike cloudflare, but this is not valid reason to hate them.
Por qué no los dos?
What's the problem with CloudFlare? They're trying to make a profit, and so in the long run are the same as anybody, but every interaction I've had with them recently has left me impressed.
Edit: The answer is that the way their thing works nullifies HTTPS.
Remember when google was beloved by everyone back then when they're still have "don't be evil" motto? Cloudflare right now is like google back then: super useful, provides a lot of free services that would be expensive on other providers. But unlike google, if cloudflare go full evil in the future, the impact will be much larger because they're an mitm proxy capable of seeing unencrypted traffics across all websites under their wing. Right now they're serving ~30% of top 10,000 websites and growing.
Oh, okay, so I'm not wrong that they're good right now.
I'm a little unclear on how it works. Do they strip off HTTPS somehow? Otherwise, there's not too much unencrypted traffic around anymore.
Do they strip off HTTPS somehow?
Well yes, how else they can provide their services such as page caching, image optimizing, email address obfuscation, js minifications, ddos mitigation, etc unless they can see all data flowing between your server and your visitors in the clear?
Cloudflare is basically an MITM proxy. This blog post might be helpful if you want to know how mitm proxy works in general: https://vinodpattanshetti49.medium.com/how-the-mitm-proxy-works-8a329cc53fb
One of the services they provide is free SSL certificates. As part of that, they have the private key to decrypt the traffic. They aren’t trying to hide that— this is true of any service that hosts the SSL cert for your site.
RIP your inbox. Enjoy a whole lot of self-righteous lectures in business ethics.
- They seem to hate my devices. Lots of captchas.
- They seem to hate when people bypass their country's censorship. Using sites behind cloudflare through tor is pain without end.
I get so many cloudflare captchas browsing on Firefox. They mostly go away when I change my user agent string to Chrome. Making the Internet more hostile for a particular group of users is pretty shitty behavior in my book.
They are the world's largest MITM as a service.
Both of course, but if I had to choose, Cloudflare. Definitely Cloudflare. That company must be purged by fire and magnets. Sure, casinos are evil, but they mostly stay in their lane doing their thing of preying on the vulnerable. When Cloudflare just straight up breaks half the internet for lunch and there's, by design, no way around it.
What exactly has Cloudflare done to those poor casino thugs, they were only trying to extract more money from gambling addicts?!?
🤘
I won five grand from an online casino in 2001, and they not only paid me my winnings, they also included an extra $262 in comps for having bet aggregately over a quarter of a million dollars. That money went a long way for my early-20s ass. Paid off a credit card and bought a new mattress for me and my new wife.
When Full Tilt Poker got shut down by the DOJ, though, I was sort of okay with it. There were waaaaay too many action flops for those hands to have been truly randomized.
Gambling ruines lifes. Just because people can get their win does not mean it should be defended in any case. These casinos intentionally make people addicted, causing so much suffering and death.
they also included an extra $262 in comps for having bet aggregately over a quarter of a million dollars.
Why do you have credit card debt that had to wait for a 5k gambling "windfall" if you can afford to slowly spunk 250k up the wall at the same gambling sites?
you have a problem... you are an addict...
I can't figure out if this is a joke post or not
I think what he means is that he bet some money, won, and then used that to bet again, repeat and eventually the aggregate bets made totalled to be 250k.
Programmer Humor
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.