[HN Gopher] Cloudflare CEO: Football piracy blocks will claim lives
___________________________________________________________________
Cloudflare CEO: Football piracy blocks will claim lives
Author : reynaldi
Score : 205 points
Date : 2025-05-26 15:15 UTC (7 hours ago)
(HTM) web link (torrentfreak.com)
(TXT) w3m dump (torrentfreak.com)
| andrepd wrote:
| Very telling how the article ends with a snippet about how the
| previous season had record-breaking revenues and how La Liga is
| one of the most profitable sports competitions in the world. It
| is never enough.
| refulgentis wrote:
| It's bad to steal things and we should try to prevent it.
|
| (I'm generally pro-piracy and don't know the details here, but
| am also old enough for "the people like MONEY" to not be a
| particularly noteworthy quality. The things that jump out to me
| here are A) is Cloudflare's attempted implication that they
| just need a better injunction true? B) The sophomoric argument
| that "people will die due to this" is my "people like MONEY"
| smell)
| budududuroiu wrote:
| I'm gonna argue that piracy is the only thing keeping
| platforms somewhat in check to not get completely
| enshittified.
|
| I stopped pirating stuff when content platforms gave a
| compelling easy to use product, I'm back to pirating because
| it's genuinely a better product compared to the endless hoops
| you have to jump through to use streaming services
| madars wrote:
| This comic is evergreen https://i.redd.it/d3423w2g5ur21.jpg
| (source: https://old.reddit.com/r/comics/comments/bcdlbf/he
| llo_old_fr...)
| refulgentis wrote:
| Enshittification is when there's multiple choices?
|
| Isn't it, quite literally, the opposite?
| hakfoo wrote:
| You don't have multiple choices.
|
| The appeal of Peak Netflix was that it had everything in
| one place with reasonably working discovery mechanisms.
| You could pay $10 or so per month and be satisfied. The
| current streaming era is "if you want to see all your
| favourite shows, it will cost $60 per month and you'll
| have to bounce around among 12 apps to find what you
| want."
|
| If we had a mandatory-licensing regime, I'd expect
| multiple choices would work great. Services couldn't
| survive on "Only we have The Office/Game of
| Thrones/Bluey" alone and would have to differentiate
| based on other factors like "best discovery tools" or
| "built to better suit your specific devices"
| refulgentis wrote:
| > You don't have multiple choices.
|
| The comic depicts "Netflix" -> "Netflix Amazon Apple
| Disney+ Hulu YouTube", and you later implicitly say there
| are multiple choices, but, you don't think it works well.
| "If we had a mandatory-licensing regime, I'd expect
| multiple choices would work great."
|
| > Services couldn't survive on "Only we have The
| Office/Game of Thrones/Bluey" alone and would have to
| differentiate based on other factors like "best discovery
| tools" or "built to better suit your specific devices"
|
| I'm not sure how either of those are differentiators for
| _people selling content_ , rather than _people coding
| apps_.
|
| Let's avoid that simple argument.
|
| Let us instead assume mandatory licensing exists, which I
| presume means that as soon as content is released, it is
| a _right_ to be able to license it, i.e. pay the content
| creator to have it on your service.
|
| I have a hard time understanding how that would lead to
| _all_ content being on _all_ services - surely, this adds
| up to some finite sum, but is that finite sum enough to
| mean its trivial to license everything, so there 's no
| differentiator anymore?
|
| And that's before we bring in that, presumably, we have
| some shared understanding that it's more expensive to
| license, say, Bluey Game of Thrones Edition, than, idk,
| hmmm...Karate Kid.
|
| Let's set _all_ those little things aside.
|
| A screen is a piece of glass with pixels behind. A video
| takes up the pixels.
|
| Is there room to "build to better suit your specific
| devices"?
|
| Can we avoid an example that ends up creating exclusive
| content in the process?
|
| Let's set that aside: what are discovery tools?
|
| Are they differentiable? Or does it boil down to "a way
| of presenting N choices I might like"?
| kylecazar wrote:
| What hoops? Payment?
|
| I pay to stream La Liga and it's about as easy as hitting
| 'Watch Live'
| beeflet wrote:
| yeah, payment is too inconvenient for me. I am not going
| to give my CC info to every website that asks.
|
| Maybe if we lived in a "HTTP 402" secure micro-
| transaction world, it would be a different story.
| Vicarium wrote:
| Yeah, split payments across multiple streaming services
| can get tedious. Though I agree with you for the most
| part, piracy comes with more hurdles even with a fancy
| automatic setup.
|
| But really the most important benefit of piracy is the
| one you're already taking advantage of. The cost would be
| significantly higher if they had a true content monopoly,
| instead they have to price with the idea that should the
| cost be too high, the inconvenience of piracy becomes
| increasingly worthwhile.
| jen20 wrote:
| Shitty non-platform-integrated UI 8: my particular bug
| bear. I want a native Apple TV app using native controls
| if I'm to pay money for a streaming service. That said, I
| just don't bother watching if that isn't available.
| 6510 wrote:
| Say I want to watch some specific movie right now.
|
| How would you go about accomplishing this?
| 6510 wrote:
| it's a serious question. I've tried hoarding
| subscriptions. It doesn't work.
| refulgentis wrote:
| Canistream.it, if not, rent and or buy from Google Play
| kylecazar wrote:
| I have the subscriptions and it works for me. I do resent
| on principle needing so many different services, but once
| set up, I haven't hit a film that wasn't covered.
|
| My subscriptions: Hulu (with a bunch of premium
| channels), Prime Video (with MGM, Acorn and BritBox),
| Netflix, Max, Peacock, Apple TV, Criterion Collection,
| Fubo, ESPN+
|
| In the off chance something is not available on one of
| the above (again, really hasn't happened), it is usually
| on PPV via either Prime Video or Play for 4.99.
|
| To the point of piracy -- I feel the same way about it as
| I do stealing bread. If you're struggling to make ends
| meet and the above subscriptions are just unaffordable
| (which they are for many), I'm not going to think any
| less of anyone for perusing some torrents. The world is
| hard and entertainment can _really_ help people through
| the bullshit. I have witnessed the power of distraction.
|
| It's a little harder to justify not paying for any reason
| other than inability to pay.
| refulgentis wrote:
| "Endless hoops"?
| zoeysmithe wrote:
| My words and art are constantly being stolen and mined for
| AI.
|
| People being stolen from most likely aren't going to advocate
| for the class stealing from them. Capitalism has one rule to
| wit: an in-group that is not bound but protected by the law
| and an out-group that is bound by but not protected by the
| law.
|
| As a working class person if you 'pirate' materials you could
| be facing fines or even jail time.
|
| If the capital owning class wants your IP, they'll just take
| it.
| ryandrake wrote:
| The people running these companies don't know what "enough"
| even means. They have no concept of it.
| padraigfl wrote:
| Football leagues are in a bit of a weird position here where
| one league (English) being drastically stronger in pure
| monetary terms than the rest means the others can't really let
| up.
|
| Similarly there's quite a lot of push from the most powerful
| teams in some of these leagues to break off and form a European
| Super League; with Spain's two biggest teams being the biggest
| backers of the project.
|
| ETA: not agreeing with how aggressive they are exactly, but do
| think long term they're probably in a lot of trouble if/when
| money starts to properly force a European Super League into
| existence.
| Zealotux wrote:
| I live in Spain, while I find the whole "life-threatening"
| narrative a tad overblown: I agree these obnoxious blocks are
| unacceptable. Incredible how much power LaLiga is capable of
| wielding.
| qoez wrote:
| It reminds me of when they fear mongered about lives being at
| risk when twitter was down after elon took over because local
| governments used the site for emergency broadcast.
| 6510 wrote:
| They can still do emergency broadcasts, if elon approves.
| ethbr1 wrote:
| The fact that it's stupid doesn't make it untrue.
|
| Under-resourced public sector entities often reach for the
| easiest solutions: Facebook and Twitter.
|
| Consequently, those channels are a major portion of their
| disaster communication plans.
|
| If services don't want to assume the responsibilities of
| being critical utilities, then they shouldn't work so hard to
| establish monopolies.
| foobarchu wrote:
| In this case cloud flare is clearly willing to be the
| responsible party and has acknowledged that blocking them
| instead of requesting takedowns is the issue. Who are you
| chastising?
| lnxg33k1 wrote:
| Also Serie A, in Italy we had people losing everything this
| winter due to floods, and clubs were still trying to not
| postpone matches, it's so crap that there are so many people
| following football
| afarah1 wrote:
| In Brazil it is not uncommon for fans to organize protests,
| sometimes violent, when a club starts performing poorly due
| to perceived slack on the players. At the same time,
| seemingly more pressing political issues often go unnoticed.
| It's beyond me how some people get more riled up by the
| sport, not being a sports person myself.
| hirako2000 wrote:
| It's designed for this purpose. Rome was organizing those
| games to thrill the romans, it worked splendid. When
| political concerns gets on the rise, you pump the show.
|
| It works better than your typical propaganda as players
| become heroes, managers and clubs make great money.
| Distributors get their cut. The machine is well oiled with
| solid monetary incentives.
|
| Football (and other sports watching): cheap but deep rooted
| emotions, press here to get your dose.
| eej71 wrote:
| _Rollerball_ a movie from 1975 (not the 2002 remake) is
| an interesting take on this. A futuristic society that
| promotes an increasingly violent game to entertain and
| misdirect the masses.
| ethbr1 wrote:
| Look at it the other way -- absent sports fanaticism,
| people with these personality traits would be involved in
| politics.
|
| I'd categorically say that focusing that sort of person
| on sports is by _far_ the lesser of the two evils.
|
| Democracy only chooses as wisely as the average
| intelligence of its voters.
| dakiol wrote:
| Didn't one of the major ISPs in Spain go down like a weeek ago
| (movistar) and that caused some emergency numbers to not
| function properly for some time? I wouldn't be surprised if
| critical (digital) infrastructure would rely on Cloudflare. If
| Liga is banning blocks of IP addresses without distinction,
| then anyone is at the mercy of being shutted down in Spain.
| gmuslera wrote:
| In a globalized internet, your health institutions websites may
| run through, or depend on (i.e. 3rd party sites, js
| dependencies, etc) going through Cloudflare. Or emergency
| services, or whatever. With enough players you go from a side
| possibility to a certainty.
| hirako2000 wrote:
| Cloud flare even offers a CDN for npm libraries.
|
| it feels like incapable "experts" are placed in position or
| authority for something like this to happen.
| ipaddr wrote:
| Why would anyone use a cloudflare js cdn for anything but a
| toy site? Those are bad decisions by developers.
| Fokamul wrote:
| Who let laws, which allows IP blocking, to pass?
| TacticalCoder wrote:
| > I agree these obnoxious blocks are unacceptable. Incredible
| how much power LaLiga is capable of wielding.
|
| It's not even about the power. It's about how freaking dumb of
| a "solution" that is.
|
| It's not "you're too powerful" (la liga and the judges
| enforcing this) but really "you're too fucking dumb".
| quesera wrote:
| BTW, your account seems to have been shadowbanned for the
| last 4 months.
|
| You might want to reach out to the moderation team.
| Yeul wrote:
| Football clubs have a billion euro budget nowadays. Sport is
| business. Where does FC Barcelona get their money from? The
| tooth fairy?
| blibble wrote:
| sounds like centralising most of the the internet behind a single
| easy target (Cloudflare) is a bad idea
| 77pt77 wrote:
| All systems seem to converge to these monopolies.
|
| Google, X, Facebook, Cloudflare.
|
| All minor player are absorbed or eliminated.
| shermantanktop wrote:
| This is what happens when everyone is incented to trade low-
| probability risk for short-term profits. Because who would
| bet that a giant CDN would be blocked like this?
| okanat wrote:
| It is the result of lack of regulation. They are all allowed
| to buy their competition.
| yoyohello13 wrote:
| I think we are partially to blame for this too though. For
| the last 10-20 years the whole goal of a founder was to grow
| a business, get acquired then exit. If founders instead
| focused on building a sustainable business maybe we would
| have a more diverse tech landscape.
| j_maffe wrote:
| To be fair, even the ones that don't want to get acquired
| know the bitter road ahead from the opposition aggression.
| SoftTalker wrote:
| Nobody would fund a founder who wanted to build a
| sustainable business. It would have to be bootstrapped, and
| there are a lot of such businesses, but you never hear
| about them because they stay small.
| __loam wrote:
| X is a minor player. Replace it with AWS
| 77pt77 wrote:
| I meant for what it does.
|
| Is there anything even remotely comparable to twitter
| (outside of the PRC)?
| __loam wrote:
| Bluesky, Threads, mastodon, even reddit I guess even
| though it's more atomized into subreddits.
| 77pt77 wrote:
| Twitter has like 3 times the users of threads and bluesky
| has a tenth of threads.
|
| It's a geometric progression (power law) and it almost
| always devolves into that.
| __loam wrote:
| You asked if there was something remotely comparable and
| there is.
| brookst wrote:
| Classic economies of scale. It's a lot more efficient for one
| company to make one million services of lemonade than it is
| for one million people to make one serving each. Even if the
| homemade version is "better".
| afiori wrote:
| I agree that oligopolies are more stable than polyopolies,
| but a huge part of why the internet collapsed in a handful of
| companies is how stock markets and venture capital love
| monopolies.
| dakiol wrote:
| Yeah. I think this is the elephant in the room. I keep
| stumbling upon "We need to verify you are a human" by
| Cloudflare in many sites around the web. Crazy.
| jtbayly wrote:
| Sadly including on my site that kept getting overwhelmed by
| bots this year. I didn't know what else to do.
| 418tpot wrote:
| Have you tried anubis?
|
| https://github.com/TecharoHQ/anubis
| thayne wrote:
| Anubis is affective against certain kinds of bots and
| abuse, but wouldn't be that affective against large scale
| DDoS attacks. And it does have a negative impact on
| usability, as users have to wait for the browser to do
| the proof of work, which may or may not be worse than
| cloudflare's captchas.
| DoctorOW wrote:
| Anubis is a partial mitigant of DDOS attacks, since it's
| less resource intensive to serve the Anubis page than the
| origin[1].
|
| Cloudflare's captchas are only convenient for a subset of
| users, I'll bet there'd be decent money in one of the
| competing CDNs (Fastly maybe?) including an Anubis-like
| captcha.
|
| [1] : https://news.ycombinator.com/item?id=43864108
| jtbayly wrote:
| I tried to figure it out for about 5 minutes, and decided
| that it probably wasn't possible on my shared hosting.
| kevincox wrote:
| I agree that having so many sites behind one CDN (and related
| services) is a problem, but I don't think it is the elephant
| in this room. Even if there were 100 very popular CDNs having
| 1% of sites blocked because one user was streaming sports
| doesn't feel acceptable. Shared hosting has always been very
| popular and you have sites like Shopify, Squarespace,
| WordPress.com that are hosting thousands of sites.
|
| Maybe with IPv6 it will become normal to assign each customer
| their own IP? But I don't see it. This also reduces privacy
| because we are moving towards Encrypted Client Hello in TLS
| but we have made no progress to hide IPs.
| throaway920181 wrote:
| Also, if (when) their Captcha decides that you're a bad
| actor, there's literally no way around it. You can spend tons
| of time checking the box/trying again, but there's no way to
| "solve" it.
| bearjaws wrote:
| I have yet to find a platform that is as comprehensive as
| Cloudflare.
|
| Bot protection, waiting rooms, cheap static assets, WAF.
|
| Odds are if you are running a popular platform, you need all of
| these things.
| pier25 wrote:
| Unfortunately there aren't that many competing services.
|
| AFAIK BunnyCDN is the only service that comes close but their
| cloud offerings are kinda new and they charge egress.
| stego-tech wrote:
| My sarcasm well is tapped, but this is why I was sus of CDNs
| like Cloudflare and Akamai at the outset. Yes, they're highly
| convenient and enable more sites and services to weather large
| attacks or traffic spikes, but we willingly sunk a huge swath
| of the net behind a handful of for-profit entities and yet
| somehow expected nothing but sunshine and roses forever.
|
| Stop. Trusting. Companies. To. Do. The. Right. Thing.
|
| Cloudflare could've prevented this if they'd taken a stand on
| anything but profit motives, but they've repeatedly chosen not
| to. Piracy sites pay the bills just like Porn or Government
| sites, after all, and companies won't turn down money unless
| forced to through regulation.
| DoctorOW wrote:
| You seen to be implying that Cloudflare has been abusing this
| position of power, but then listing things it allows? Porn,
| of consenting adults, is actually a great example of business
| Cloudflare's right to take on. You may not care for it, but
| legal/ethical pornography is a matter only of taste. We'd be
| far worse off if Cloudflare was blocking content based off of
| personal preference.
| ipaddr wrote:
| Didn't they kick off far right websites like stormfront?
| They still block from personal preference it's just
| preferences you agree with.
| DoctorOW wrote:
| (in)famously they refused to do that until ordered to by
| law enforcement.
| thayne wrote:
| I don't entirely disagree, but at the same time, La Liga
| shouldn't have this much power to shut down large swaths of the
| internet because of a handful of piracy sites, that probably
| only have a minimal impact on their income anyway.
|
| Also, CDNs have inherent economies of scale and network
| effects, so it is natural that there would be just a few at the
| top.
| phoronixrly wrote:
| Only it's not La Liga censoring, it's a court order as far as
| I can understand from the TF article. Should the judicial
| system of a country have the power to shut down large swaths
| of the Internet after presumably due process and in
| accordance with the law? IMO yes.
|
| Now, the question really turns out to be "Is a law stating
| that large swaths of the Internet must be censored to stop a
| handful of piracy sites just?"
|
| No. It isn't.
| otterley wrote:
| Why does CloudFlare have these problems and other CDNs like
| CloudFront and Akamai don't?
| jsheard wrote:
| CloudFlare is free/cheap, has (AFAIK) no KYC policy, and is
| generally unresponsive to abuse reports unless the courts get
| involved, so it's the default choice for nearly all piracy
| sites, phishing sites, DDoS providers, etc. The few which do
| get kicked out of CF generally have to resort to dubious
| Russian CDNs because none of the other mainstream CDNs will
| have them.
| dankebitte wrote:
| > dubious Russian CDNs
|
| Are there multiple? I thought DDoS-Guard [1] had a near-
| monopoly on CDN services for international piracy.
|
| [1] https://krebsonsecurity.com/2021/01/hamas-may-be-threat-
| to-8...
| otterley wrote:
| No, CloudFlare is implicated as well. If you watch videos
| from any of the major pirate TVoD sites and inspect the
| traffic, you can see they're frequently using CloudFlare as
| their global CDN with a Chinese origin site.
| AtNightWeCode wrote:
| Entire Amazon AS-numbers are sometimes blocked so CloudFront
| consumers have the same issue. The thing with CF is the scale.
| They are really big and that is why it gets noticed. When it
| comes to Akamai they don't have shady customers in general and
| the risk of a problem is less. They also have a better
| infrastructure.
| stackedinserter wrote:
| I never watched sports but my kids want to, so tried to buy them
| subscription to some sport broadcaster.
|
| Bundesliga, F1, NHL and FIFA world cup, that's all I (they)
| needed.
|
| It turned to total mess. Service A shows F1 but not NHL. Service
| B shows NHL but not all NHL, only games where my city team plays.
| Some show LaLiga but not Bundesliga. All cost $30/mo but still
| show ads. Periodically they show ads instead of the event. If
| they can't, they split screen show the event in a little
| rectangle that's 25% of screen space. Dazn, TSN, ESPN are all
| total scam. You can see a lot of bull riding though.
|
| We cancelled all this nonsense and just moved to pirate sites.
| Screw this bs.
| omnee wrote:
| I have done something similar too, as I wanted to watch a
| specific football game - Barcelona v Real Madrid - and it was
| available on a different streamer to the THREE that I already
| have. So I simply took the easier route.
| latchkey wrote:
| He's been complaining a lot about Portugal on Twitter too.
|
| https://x.com/eastdakota
| bantunes wrote:
| It's really weird to vent on socials like this without specific
| asks. Makes him look whiny (ie
| https://x.com/eastdakota/status/1926750112757273065)
| renewiltord wrote:
| These countries all have the same problem: older generation
| has sufficient power to say "we don't need immigration or
| jobs or anything; we're fine" while Americans who visit say
| "wow this place is great; such good food for so cheap!" and
| young people are desperate to emigrate for jobs.
| 77pt77 wrote:
| Your/Our masters need newer, bigger and better handouts!
| dpkirchner wrote:
| I don't see anything about Portugal there, just hundreds of
| tweets sorted randomly.
| jsheard wrote:
| X now shows logged out visitors a "greatest hits" timeline
| instead of a users actual timeline. You can use a proxy like
| xcancel to get around that without an account.
|
| https://xcancel.com/eastdakota
| koakuma-chan wrote:
| Football company has authority to block IP addresses?
| bilekas wrote:
| In Spain LaLiga IS the government.
| ErneX wrote:
| They got a judge order that tells ISPs to block any IP they
| want during games.
| gosub100 wrote:
| NFL would absolutely do the same in the US if it were against a
| foreign ISP or network operator.
| TheCondor wrote:
| What's the domestic piracy rate for NFL games?
|
| They split the rights up in much more imaginative ways, like
| local channels can broadcast sold out local games and then
| the nfl itself or an rsn or major network can broadcast the
| remote half. I would guess that a lot of local games are over
| the air but if you follow a team somewhere else you might
| need a fairly inexpensive subscription
| tedunangst wrote:
| The NFL streaming services are truly bizarre. You can't
| stream local games, based on billing address, because
| you're supposed to watch TV. Which means if you go on
| vacation, you still can't watch, because they're not on TV
| and not streamable with your account.
| charcircuit wrote:
| It's a taste of his own medicine. Having your entire service
| blocked due to a portion of it being illegal is not much
| different to how he personally terminated service for 8chan due
| to a portion of it he claimed was illegal.
| 6stringmerc wrote:
| Actually, this is a Cloudflare problem - simply take extra steps
| to ensure your clients paying for your services aren't harmed by
| natural market forces.
|
| If you read between the lines, he's claiming people will die
| because Cloudflare doesn't want to take the time, effort, or
| money to fix the problem that they easily could by creating a
| separate system for critical services.
|
| This type of "tech hypochondria" should be absolutely dragged at
| every opportunity. This guy runs a business and whines that his
| clients don't deserve what his business agrees to provide? FOH
| with that ish mang I ain't buying it.
| vessenes wrote:
| I was unaware of this controversy so in brief:
|
| 1. La Liga (Spanish Football) finds pirates streaming their games
| objectionable
|
| 2. They notice that many of these streamers use Cloudflare for
| something, presumably CDN and load balancing.
|
| 3. They appear in court in Spain and get an ex-parte TRO blocking
| all Cloudflare IPs. (Ex parte TRO: restraining order granted
| without Cloudflare being summoned to court)
|
| 4. Based on this, they tell ISPs to block pretty much all of
| Cloudflare in Spain.
|
| 5. Cloudflare goes public in frustration, noting that they could
| just send take down requests for infringing content like every
| other rights holder in the world, and that many Spanish utilities
| and civil resources use Cloudflare.
|
| Interesting. My gut is that it's hard to beat La Liga on their
| home turf, as evidenced by not even being invited to the court
| hearings which shut you down across all of Spain.
|
| Long term, I'd guess CF wins this one? Probably they will have to
| escalate in some way to Eurozone courts, although I have no idea
| how this might work. No cloud business could meet the standard
| put forward by La Liga; but also there are only so many CDN
| companies. Meantime I guess illegal streamers can move to Google
| and see which legal group wins that battle.
| moffkalast wrote:
| The EU should be sanctioning Spain the same way we're
| sanctioning Hungary for this sort of authoritarian behaviour.
| What's next, they're banning Google cause pirates use it to
| search for streams?
|
| I don't know how this doesn't count as a net neutrality
| violation.
| arp242 wrote:
| Look, I don't like these blocks, but comparing it to the
| situation in Hungary is hysterical and ignorant. And the EU
| going around sanctioning every member state at the drop of a
| hat if it does something the other member states don't like
| would mean the end of the EU, as support for this kind of EU
| is extremely thin.
| candiddevmike wrote:
| Cloudflare becoming Too Big To Block. Sounds like it should
| become a utility.
| jfengel wrote:
| Usually, they call that "nationalizing". For a worldwide
| company, would it be "globalizing"?
| haiku2077 wrote:
| This situation also applies to any hosting provider which
| doesn't give every website a separate IP address. (The newest
| versions of TLS encrypt domain names, so the ISP only sees
| the IP.)
| moralestapia wrote:
| Why?
|
| There's no rationale behind that.
| mystified5016 wrote:
| When a thing or technology becomes so large and so relied
| upon that removal of that thing causes real physical harm
| to unrelated citizens or indeed the government itself, you
| should think about the risk and benefits of allowing that
| thing to be controlled entirely by a private entity with no
| oversight or responsibilities.
| hombre_fatal wrote:
| This is just barking up the wrong tree and it applies to
| everything that people use.
|
| The root issue here is that La Liga is able to get a
| court to shut down a web host. It's shouldn't be anyone's
| problem but La Liga's that people pirate their stream,
| but a court let them make it everyone's problem. And
| there are any number of dumb things the court could have
| let them do, and turning CF into a utility company that
| can get shut down by the court doesn't solve the issue.
|
| Finally, the main/original reason CF is useful is because
| the internet was created naively with no protections
| against bad actors. Weakening CF just empowers bad actors
| like LaLiga that much more at the expense of the rest of
| us. Being able to cloak my origin behind CF so that
| LaLiga or any other overpowered government or private
| entity doesn't know who I am is a feature. LaLiga having
| no option but to throw a tantrum that takes down half the
| internet is also a feature, and not one we should quickly
| hand away just because, idk, we can imagine some utopian
| vision where CF is unnecessary.
| danaris wrote:
| > This is just barking up the wrong tree and it applies
| to everything that people use.
|
| You're missing the part where it's _a single company_ ,
| not just "the entire anti-DDoS infrastructure", that's
| being talked about here.
|
| It would be perfectly possible (no idea how practical
| offhand) to have an entire ecosystem of competing CDNs
| all doing the same thing that Cloudflare does, rather
| than _just_ Cloudflare making those decisions all by
| itself.
| Spivak wrote:
| There is an ecosystem of competing CDNs. Blocking any one
| CDN necessarily impacts all the sites hosted on that CDN.
| This is a function of being a webhost with multiple
| customers not being Cloudflare specifically.
| fidotron wrote:
| > 2. They notice that many of these streamers use Cloudflare
| for something, presumably CDN and load balancing.
|
| And DDoS protection.
|
| Sports broadcast piracy has a history of serious organized
| crime involvement, and then some, such as
| https://www.theregister.com/2002/03/13/murdoch_company_crack...
| where the allegation was NDS did the hacking and leaked the
| keys of the rival tech to various mob groups for exploitation.
| Yeul wrote:
| Back in the 90s when most people didn't have broadband
| internet or CDROM burners piracy was very big business.
| im3w1l wrote:
| There is a new factor in the equation: Rising anti-american
| sentiments. This ties in with point 5 especially. Forcing
| Spanish websites off Cloudflare could seem like an additional
| benefit.
| briandear wrote:
| The "anti American sentiment" is overblown. Average person
| doesn't care. I live in Spain and I'm not seeing much anti-
| American anything. Anti-Israel has reached hysterical levels
| on the other hand -- at least in the media, though the
| average person really doesn't care about that much either.
|
| In my circles of high level Spanish/European motorcycle
| racing, we continue to have a very positive reception as
| Americans in the paddock. The (Spanish) TV announcers have
| been positive towards our riders, the teams and crew are
| positive and helpful. We have more people wanting to talk
| about Route 66 than trade policy. Most Spaniards I know tend
| to roll their eyes at their own government more than anything
| happening in the U.S. The only exceptions are hysterical US
| expats on Facebook groups acting like the sky is falling. But
| they do that reliably every time a Republican gets elected.
|
| Anecdotes aren't data of course, but vocal people online
| don't represent broader thought.
| sillyfluke wrote:
| >Spanish/European motorcycle racing
|
| Yeah, you're in a bubble and you're likely misreading their
| politeness. I don't know any Spainards who would want to
| get into pointless political arguments with Americans who
| they guessed to be right of center in the off chance they
| were supporters of the current US government. Unless of
| course they were Vox affiliated, but even then I'm not sure
| they would bother engaging. They'd probably prefer to stick
| to talking about common interest stuff (like motoracing).
| "Anti-American sentiment" in the European context usually
| means being Anti-American government, not being dicks to
| individual Americans. The few cases where it actually
| crosses into Anti-Americanism the way you describe it seems
| to happen when the US militarily attacks a country they
| consider to be "brothers" or very close to. One example
| would be Greeks during the NATO bombing of now Serbia.
| Definitely one of the worst times to visit the Acropolis
| for an American.
|
| I think your error is that you are gauging "Anti-American
| sentiment" by measuring how much you witness them bitching
| about Americans or Israelis. Whereas you should measure it
| by their actions. Tesla sales dropped signifcantly in Spain
| as it did in the rest of Europe. BYD sales are up 644%. See
| what they think about taking family vacations to the US.
|
| Spanish people often end up buying local alternatives when
| available anyway but don't mind buying whatever when there
| are no alternatives (iphones, sneakers etc)
|
| You ask the Spaniards if you want to send ammunitions to a
| country convicted of war crimes, the majority will most
| likely say no. And if your government is actually acting in
| accordance with that position and pushing the rest of
| Europe on that front, there's even less reason to bitch
| about Israelis to random foreigners.
|
| > Most Spaniards I know tend to roll their eyes at their
| own government more than anything happening in the U.S.
|
| This we can agree on. As it should be. Why bother with
| things out of your control?
| jaoane wrote:
| I live in Spain and there is no rising anti-American
| anything. The average person doesn't care beyond the Trump
| hate that is spewed by the mass media, but the mass media
| spews hate about many things, so much that the average person
| can't really invest much energy into hating every little
| thing.
|
| I know that people here would love to live in an alternate
| reality where everybody in the EU is fuming at the US having
| a right-wing government but that's not here at least yet. The
| US has done so many terrible things throughout history; they
| will survive this too.
| LoganDark wrote:
| > The US has done so many terrible things throughout
| history; they will survive this too.
|
| They may never recover from decades of top secret
| intelligence being compromised.
| spookie wrote:
| I've heard enough of this anti-american talk, and it sure
| smells like propaganda.
|
| The huge majority of europeans have nothing against the
| american people. Please, do not propagate these claims.
| KomoD wrote:
| > The huge majority of europeans have nothing against the
| american people.
|
| Source?
| sunaookami wrote:
| Do you really need a source that most people don't hate
| other people?
| Spivak wrote:
| America the land-mass and US citizens, of course people
| don't hate us.
|
| America the political entity represented on the world
| stage by our government, oh yeah people are pissed.
| AtNightWeCode wrote:
| I might be out of date but. I think the article is incorrect.
| It is the same corp that owns both the streaming rights and the
| ISPs. The court order allows those ISPs to block IP-addresses
| of sites that hosts illegal streaming. I find it hard to see
| how CF could have a case here.
| michaelt wrote:
| _> Cloudflare goes public in frustration, noting that they
| could just send take down requests for infringing content like
| every other rights holder in the world,_
|
| Live sports piracy has the unusual property that you _have_ to
| be able to get the block in place within the ~90 minutes of a
| football match, even at weekends and across time zones.
| Otherwise there's no point.
|
| If the courts let Cloudflare slow roll this, at the legal
| system's normal snail-like pace, the law would be effectively
| useless.
| AlotOfReading wrote:
| How are streaming sites registering new domains and getting
| the site info out to the audience in that time frame? I
| suspect they're not and there's actually a period there's a
| window of weeks or longer for enforcement actions to be
| taken.
| haiku2077 wrote:
| Preregister domain names, distribute then via chat apps
| like signal or whatsapp or telegram.
| AlotOfReading wrote:
| Whatsapp has mechanisms to prevent this kind of thing by
| blocking the messages from being sent, but I guess I'm
| confused about how this works financially. Sports
| streaming (especially something like La Liga) is the
| textbook example of a mass market product. The vast
| majority of the audience isn't technically sophisticated,
| and live streaming infrastructure is expensive. Pirate
| sites need a reasonably large audience to make money. I
| find it hard to believe that there's enough reach for
| people waiting to click on random links in private signal
| chats to make pirate streaming a viable business when
| people can just go to a bar or a friend's house. Is that
| really happening at any meaningful scale?
| alwa wrote:
| > _Is that really happening at any meaningful scale?_
|
| Anecdotally: _oh_ yes. I don't know anybody who pays,
| although that may say more about the populations I work
| with and hang out with.
|
| I hear there's plenty of headroom for the direct
| economics to work, if you're reselling for less than the
| ~EUR100/month range the commercial providers charge [1].
| Gross median income in Spain is on the order of EUR27000
| annually, for reference [2]--so I'm not sure how many of
| the pirate viewers would be able to afford the legit
| product if the pirate channels dried up.
|
| I also hear [0] there's a robust side trade in exploiting
| pirate viewers' machines though malware-style techniques
| while they're there and feeling enticed to click yes to
| things...
|
| [0] https://www.webroot.com/blog/2021/05/12/we-explored-
| the-dang...
|
| [1] https://www.reddit.com/r/LaLiga/comments/1fksf3i/how_
| much_do...
|
| [2] https://www.ine.es/dyngs/INEbase/en/operacion.htm?c=E
| stadist...
| haiku2077 wrote:
| I personally don't know _anyone_ my age who pays to
| stream sports.
| yunohn wrote:
| > Whatsapp has mechanisms to prevent this kind of thing
| by blocking the messages from being sent
|
| Sorry, you mean WhatsApp detects and prevents the sharing
| of piracy links? I wasn't aware of this, good to know. Is
| there a source of the various checks they have like this?
| aerostable_slug wrote:
| I've seen these sites run ads, so I assume that means
| that they do have significant reach and further the ad
| providers get some return on their investment.
|
| Note that the ads were for things like VPN providers and
| pirate IPTV feed services, which people are willing to
| pay for.
| giantrobot wrote:
| You don't even need to distribute the URLs. An aggregator
| can use a DGA[0] in and automagically find the correct
| stream URLs. Unless the seed and specific DGA leak it
| would be difficult to get ahead of the pirate streams.
|
| [0] https://en.m.wikipedia.org/wiki/Domain_generation_alg
| orithm
| michaelt wrote:
| Users visit aggregator sites which don't host the streams,
| they just link to them.
|
| Then the streams are on sites with names like fins38gy2m.ws
| a new URL for every game.
|
| The hosts of the streams can set up an URL days in advance,
| and post it to the aggregators at the start of the game.
| impulser_ wrote:
| A lot of them will share a link to a page of all the
| domains they operate. So you just bookmark the page and if
| the site goes down just busy that page for the new links.
| m3drano wrote:
| one extra thing to mention is he role of Telefonica here. they
| are both an ISP that needs to apply the blocks, but also its
| subsidiary "Telefonica Audiovisual", who holds rights for the
| football, is a plaintiff.
|
| one of the claims were that this is somewhat a procedural fraud
| since the plaintiff (Telefonica Audiovisual) and the defendant
| (Telefonica Spain) is technically the same thing. the order was
| granted after the defendants admitted, and therefore there
| wasn't any hearing with CF.
| globie wrote:
| Of course it could claim lives. Hopefully Prince has considered
| people have also likely died as a result of Cloudflare's
| repeating captcha which holds the next page in front of you like
| a carrot on a stick, never letting you know that you will be
| clicking that box forever.
|
| I'm sure while someone's in the process of keeling over is the
| perfect time to arbitrarily scrutinize their connecting details.
| You need to contact your doctor ASAP. Okay, but did you neighbor
| have a virus last week? Is your neighborhood in your city more
| "problematic" than average? You may have forgot to check these
| details before you fell ill.
|
| Cloudflare sites should come with a big banner warning all users
| their connection will be arbitrarily approved by an algorithm
| with chilling effects built in as dark patterns.
|
| Last I checked, Cloudflare does basically no educating of
| customers how badly their website will be broken for users
| arbitrarily when they don't use the ISP or browser Cloudflare
| likes. No explanation for how many customers you will lose when
| your website can't be visited by someone who doesn't know how to
| change their IP, no explanation that if you're offering a
| critical service then Cloudflare will give that service thousands
| of tiny downtimes left unknown, the screams too quiet to carry
| the weight of a tech CEO worried about something similar.
| spacebanana7 wrote:
| What's the alternative solution? We also don't want to have
| critical services DDoS'd or spammed.
| globie wrote:
| Simple: Connect larger NICs and do "dumb" DDoS filtering at
| your fattest point.
|
| Consider an HTTP daemon serving static content on a physical
| server. If that physical server has a 10Gig NIC it will
| withstand 90%[0] of the real-world DDoS attacks which would
| affect the same server with a 1Gig NIC.
|
| "Dumb" DDoS filtering means blocking UDP and SYN floods, and
| other simple attacks. Your goal is essentially to block
| traffic which could be spoofed, making your downstream
| traffic somewhat attributable. Many ISPs provide functions
| like this, and is not nearly as complicated or invasive as
| letting Cloudflare MITM every bit of your traffic.
|
| Any effort past that point should just be made in caching
| static assets, and optimizing dynamic pages. If your website
| uses sessions, you can implement basic rate controls very
| easily. No WAF required!
|
| [0]: I made it up
| fwipsy wrote:
| > I made it up
|
| I appreciate the honesty, at least
| globie wrote:
| This conclusion stems from that it is much easier to
| launch a DDoS from a single server w/ spoofed traffic
| than to use a botnet. If you have a single 10Gig server,
| you will likely not be able to take down another 10Gig
| server unless the target is already doing near 1gbps[0].
| I believe most "noise" DDoS which effects random website
| operators is considerably less than 10Gbps, and pretty
| much every giant attack uses spoofed traffic which can be
| blocked upstream without a WAF. So long as your upstream
| is big enough.
|
| [0]: I made it up, again.
| wmf wrote:
| DDoS is _distributed_ denial of service. It isn 't coming
| from one server. It's now trivial to buy 100 Gbps or more
| of DDoS so sites would need 400G or more to simply eat
| it.
| globie wrote:
| If you have a single server flooding spoofed traffic, it
| appears as a DDoS to the victim. It's at this point that
| the distinction between DoS/DDoS breaks down slightly.
|
| It is very much not "trivial" to buy 100Gbps+ of DDoS.
| I'm highly confident the majority of D/DoS attacks are
| from single servers, because it works. If you have a
| 10Gbit server and your target has 1Gbit (or you 1Gbit and
| them 100Mbit, it still happens), it's not a question of
| _if_ you can take the target down, but how long you can
| sustain that traffic level before your upstream notices.
|
| Painting every D/DoS as the most bandwidth ever is a play
| out of Cloudflare's marketing. If every website operator
| knew that 1, you don't need _that_ much bigger of a pipe,
| and 2, you shouldn 't buy pipes that charge you $20+/TB
| like AWS anyway, then Cloudflare would have a much harder
| time selling you a downgrade in quality, and we would
| have faster and cheaper networks to boot.
| stego-tech wrote:
| Then maybe don't put critical services on the open internet.
| I know most tech people would balk at such a possibility, but
| the status quo isn't really compatible with either long-term
| goal:
|
| * If we want the internet to be a place of anonymity and free
| speech, then we shouldn't be putting critical services on the
| public internet - or we need to stop using intermediaries
| like Cloudflare where a single court order could disrupt
| legal services
|
| OR
|
| * If we want critical services online and widely available,
| then verifiable identity is a must from the outset, such that
| these sorts of blocks can be highly targeted when enforced.
|
| Piracy exists between those two forces: an anonymous internet
| would be rife with piracy, while an authenticated internet
| would see minimal amounts of it because it's so easily
| eradicated. Coexistence of both worked because the internet
| was optional, which is no longer the case.
|
| But nobody wants to talk about that, I find. Everyone wants
| the status quo to continue unabated forever, because it's
| familiar. Familiarity does not mean permanent, though.
| brookst wrote:
| What if there's no singular "we" and different people /
| companies have different needs?
| stego-tech wrote:
| That's basically what I was getting at, albeit in
| (deliberately) far more inflammatory terms. There's this
| misconception at a very fundamental level that the
| internet is a "place" that can be regulated, or
| obstructed, as human needs change and evolve.
|
| It is little more than a multitude of computers talking
| to each other in a similar "language". It is not a
| singular place or entity, and attempting to regulate the
| entirety of it as such is fundamentally impossible.
|
| And the sooner people and governments understand that,
| the sooner we can resume difficult discussions on its
| use.
| jfengel wrote:
| I think the status quo exists as a more-or-less stable
| equilibrium between those forces. (Plus another equilibrium
| of people wanting to get paid for content and the people
| who don't want to give cash but will sell their attention
| and privacy.)
|
| It's more than just familiarity. It's what works.
|
| If someone had a significantly better alternative I think
| the world would jump on it. But many have tried to disrupt
| this equilibrium and failed.
| brookst wrote:
| As someone who implemented cloudflare because of a massive DDOS
| and bot problem, sorry, but I will cheerfully allow 1% of my
| visitors to find the site unusable rather than 100%.
|
| It sucks, but no sane business would be so invested in equality
| of experience that they'd allow it to be completely broken for
| everyone.
| globie wrote:
| What website? I'm guessing it is not health related or a
| "critical resource" if you are cheery about 1% of users being
| blocked?
|
| For people who put stuff online to help people as well as to
| extract pure profit, knowing the anguish of your users really
| helps look out for them.
| neilv wrote:
| Thank you for honesty on this.
|
| The choice isn't necessarily between 99% and 0% of legitimate
| users/visitors getting through.
|
| What if you, and every other customer of Cloudflare or its
| competitors, applied pressure to make that 100% of legitimate
| users/visitors getting through?
|
| What if legislators also mandated that 100% for many sites?
| brookst wrote:
| Mandating 100% availability sounds like regulating pi to
| 3.0.
|
| It can't be done. If someone is on a home network whose
| router has been compromised and is part of a ddos attack,
| there's no way their innocent HTTP traffic is getting
| through. Ditto if their machine has been compromised. Lots
| of scenarios where an innocent user must be blocked, unless
| the entire internet is reinvented. Which is beyond the
| scope of my project.
| neilv wrote:
| > _It can't be done. If someone is on a home network
| whose router has been compromised and is part of a ddos
| attack, there's no way their innocent HTTP traffic is
| getting through. Ditto if their machine has been
| compromised._
|
| To me, this sounds like giving up way too easily on
| engineering problems.
|
| One distinction to start with: Let's say grandma's router
| _isn 't_ part of a DDoS attack. Even if she might be
| trying to talk with a site that someone is trying to
| attack.
|
| After solving that one, maybe the solution also somehow
| solves the problem of when grandma's router _is_ involved
| in DDoS (or that site? of a different one?), or maybe we
| have to think harder.
| mvdtnz wrote:
| The people behind Cloudflare spend all day, every day
| trying to solve these kinds of problems. They're just not
| as simple as you make it sound.
| globie wrote:
| The people behind Cloudflare engineer this issue for
| profit, which is a very different motive than to "solve"
| the problem.
|
| The people most interested in doing away with the problem
| altogether are not Cloudflare, but its customers.
| neilv wrote:
| > _They 're just not as simple as you make it sound._
|
| I didn't say it was simple. I said I thought it was more
| achievable than "it can't be done."
|
| I suspect one of the barriers to it being done is that
| it's not a top requirement like I assert it should be,
| for basic resources of society.
|
| When led with that requirement, I have faith that some
| smart engineers and product management can figure it out.
|
| With apologies to JFK, "We do these things, not because
| they are easy, but because--" they need doing. Even if
| they are hard.
| mvdtnz wrote:
| I doubt a single person in Cloudflare would claim it
| can't be done.
| jedberg wrote:
| We have thought harder. We know the solution. But you
| have to trade off privacy for security. It's having every
| person get a cryptographic key from the government to
| identify themselves.
|
| Some states are trying this now with porn sites and users
| are rightfully not having it.
| neilv wrote:
| You know _a_ solution, not necessarily _the_?
|
| What do you have to do to characterize packets
| sufficiently to shield against DDoS with negligible
| false-positive significant blocking? (Without needing to
| associate packets with an identifiable person, nor zero-
| knowledge proofs of a person, etc.)
|
| It's OK to discard some prior requirements. (For example,
| it's OK to insert occasional brief latency (not barge-in
| Web browser JS) to some traffic, if that permits an
| approach that greatly reduces false-positive blocking.
| And it's OK to pass some traffic with a suspected single
| client, but then change your mind later. It's OK to
| forget about connection abstractions and clients, and
| look only at stateless packets and the entirety of
| traffic.)
| neilv wrote:
| When I've tried to get a customer of CloudFlare to fix a
| consistent block of their site -- not safety-critical, but
| mission-critical, and costing them a SaaS sale -- nobody seemed
| to care.
|
| My impression is that everyone knows that Cloudflare is
| blocking some legitimate people, but nobody -- neither the
| customer, nor Cloudflare -- cares enough to solve that problem.
|
| It's similar to why Google doesn't have much tech support. Or
| why people can be locked out of their Google or Apple accounts
| without recourse. Caring about the people who fall through the
| cracks that you created isn't profitable.
|
| When the Internet is part of the basic material of society, we
| need to rediscover ideals like "it is better that ten guilty
| persons escape than that one innocent suffer".
|
| And we need to start removing from power the entities who are
| too lazy or greedy to uphold our ideals.
|
| (Before someone jumps on literal numbers: That doesn't mean let
| through 10 botnet floods, rather than prevent grandma from
| finding a doctor. That could just mean, for example, don't
| block grandma because one of her browser headers looks
| suspiciously like an incompetent script kiddie, even though you
| can see that her traffic isn't yet part of a DDoS flood. Once
| you change the parameters to be more consistent with a fair and
| just society, maybe that means that, say, a Web site's servers
| _do_ see a brief blip, as a new DDoS attack spins up, so it 's
| not a perfectly smooth ride, but every legitimate person
| remains served. First, don't run over grandma; apply your
| engineering creativity with that hard requirement in mind.)
| globie wrote:
| Do you ever find that advocating for these tenets feels
| "weird" nowadays? As in, don't you know these publicly traded
| companies are legally bound to extract profit without these
| silly notions of empathy or trust? What do you expect them to
| do? To start acting silly?
| neilv wrote:
| I know that some corporations behave like they are jerks
| who are full of poo.
|
| And some percentage of the rest will act like jerks once
| it's to their advantage.
|
| But society still holds corporations to account on some
| societal values.
|
| Mostly through legislation. But sometimes through consumers
| (and B2B) voting with their pocketbooks.
| reynaldi wrote:
| Ignoring the Spain block for a while, I wonder how/why these
| piracy sites use Cloudflare. Are they using something like R2 or
| Stream? This means someone still has to pay for it, right?
| pier25 wrote:
| Here's the actual tweet:
|
| https://xcancel.com/eastdakota/status/1924969551478804543
| jorvi wrote:
| I see so many people in these threads always complain about
| Cloudflare or Google CAPTCHA loops.. but even when using Private
| Internet Access (one of the most abused VPNs), I rarely if ever
| got on a full-on loop. Maybe Google CAPTCHA made me solve 3
| things instead of one. Cloudflare is always just a checkbox. And
| I have my Brave and Firefox profiles hardened.
|
| I'm not saying you aren't experiencing this, but I am curious:
| what is your setup that Cloudflare and Google treat you with such
| suspicion / hostility?
| candiddevmike wrote:
| Incognito mode with ad blockers triggers it for me
| Filligree wrote:
| Nothing unusual here; just Safari on OSX, with an ad blocker.
| CAPTCHA loops happen all the time, to the point that I try to
| avoid Cloudflare-served websites.
| mac-mc wrote:
| It's because you have previous cookies/state in your browser
| that you got from non-VPN addresses, which adds to your trust
| score. Do it with a clean browser with AdBlock and many, many
| things block you.
|
| If you don't clear your state or keep its original origin VPN
| only, you're breaking a big point of using VPNs.
| jorvi wrote:
| Brave uses Forgetful Browsing, nuking all stateful site data
| after a tab close. I have Firefox configured to do the same
| via the Cookie Autodelete extension.
| MallocVoidstar wrote:
| I use Firefox Focus on Android (wipes its cookies on close) +
| Mullvad and Cloudflare captchas don't even make me solve
| anything, just tap on them and they let me through.
| tekla wrote:
| I use Firefox Focus on mobile, use-once containers on Firefox
| Nightly w/ Mozilla VPN or Mullvad and have never entered the
| doom loops that are described.
| vvpan wrote:
| I am somehow out of the loop about why Cloudflare is as big as it
| is? There are many other CDNs, why them?
| wbl wrote:
| Cloudflare is very easy for small sites to use. The enterprise
| market is where the competition is.
| speedgoose wrote:
| Descent free tier, not restricted to enterprise customers, many
| features, good overall quality.
| SXX wrote:
| Free tier that let you hide your server IPs, cheap domain
| registry (with no margin) and even some also tunnels for zero
| trust. Like I used them for a lot of personal and tbh even
| commercial projects for years paying them $0. Also they have
| bandidth alliance with Backblaze so you can serve 100s of TBs
| for free.
|
| So there a lot of convinience and free stuff. It's quite
| obviously that when I had commercial customers where for
| whatever reason free tier wasn't anough I juse used them as
| well. Why not? There are horror stories about their corporate
| pricing, but for smaller company paying $20-200 for CDN is no
| brainer.
|
| Also huge massive advantage of CloudFlare is that majority of
| their services are not metered so it's hard to wake up to
| $100,000 bill like it can happen with AWS and almost any other
| CDN provider.
|
| I still believe this kind of centralized MiTM is bad for us
| all, but honestly I'd rather it be CloudFlare than Amazon,
| Microsoft or some other "evil corp".
| jonhohle wrote:
| I was always unsure about cloudflare as an end user - I don't
| want all my traffic going through one provider, but their
| business use case seemed reasonable.
|
| Then my in-laws got tricked into sending login credentials to a
| phishing page fronted by cloudflare. It was obviously spoofing
| IDP logins of Yahoo, Microsoft, etc. I sent a request assuming
| they would disable the domain and it was immediately closed (in
| minutes) as not an issue. It made no sense that they would want
| to front phishing sites. I eventually got them to look more
| closely and it was removed, but it soured my perception of them.
|
| I think large scale internet businesses may need to start having
| more liability in matters like this. Being blocked from an entire
| country seems extreme, but if there are financial incentives to
| solve the problem, the problem will get solved.
| SoftTalker wrote:
| Auto-closing an issue and waiting to see if there is followup
| is probably a decent filter for real complaints. Like you, a
| person with a legitimate concern will persist, at least for a
| while.
| Ekaros wrote:
| Maybe they should separate vetted services behind different IP
| ranges. Or even company. And put in place massive financial
| penalties for those services if for any reason because of them
| they have to block traffic.
| tbrownaw wrote:
| I seem to recall news a while back about how cloudflare was _very
| deliberately_ making it impossible to block only some things they
| provide, specifically for the purpose of causing any blocks to
| have enough blast radius to cause popular outrage. At the time it
| was presented in terms of fighting back against political
| censorship.
| mvdtnz wrote:
| This is the second time I have seen an article on this topic that
| talks about "LaLiga" without ever defining it. As if ordinary
| people outside of Europe are expected to know what LaLiga is.
| KaiserPro wrote:
| So on the one hand I am sympathetic. On the otherhand, I'm also
| pretty sure cloudflare won't take down pirated stuff, so what do
| they expect?
|
| I don't like the way that large football conglomerates abuse
| copyright, but then those same rules _should_ be open to me for
| anything I produce. The main difference is I don't have a team of
| lawyers.
| Fokamul wrote:
| This goes to Spain government (Nazi-like behavior has long
| tradition there) and Spain citizens letting laws, which allows
| this, to pass. Because same law was or will be used to block
| opposition, etc.
|
| Of course, that similar organizations (paid by huge copyright
| companies) tried the same in my country. And luckily our
| government listens to local experts (NIC.cz and others) and not
| to mention, pirating has big tradition here. So they failed to
| pass this ridiculous law. (blocking IP addresses)
| jedberg wrote:
| How come no one is mentioning the obvious solution -- LaLiga
| needs to make their product as easy to access as piracy. If they
| offered worldwide streaming of the matches available on an easy
| interface at a reasonable price, then none of this would be a
| problem.
|
| Piracy is almost never about the price -- it's almost always
| about the availability. Especially when it comes to live sports.
| pixelesque wrote:
| I suspect it's not quite that easy: it's likely similar to the
| situation with the Premier League in the UK (and other things
| like Formula 1 previously) where a particular broadcaster has
| been given exclusive distribution rights, and has paid a lot of
| money for those rights (which in theory go back into the game
| and pay for the huge salaries of players).
| tough wrote:
| They also did it to Vercel.
|
| Paella and sol heh, not CDN's
| SXX wrote:
| Many will disagree here, but I really respect Cloudflare fight
| against government-enabled censorship and abuse of power by anti-
| piracy whatever.
|
| Yes, sometimes CloudFlare used for some actually bad stuff, but
| same can be said for any cloud service. Having major internet
| infrastructure provider react to every whim of every single
| government in the world is not a good idea.
| phoronixrly wrote:
| They aren't really fighting against censorship and especially
| anti-piracy censorship. If they were, they'd refuse to take
| down sites. Instead they've a streamlined process for just that
| purpose, and are only fighting because _they_ have been
| censored, affecting their bottom line.
| SXX wrote:
| Might be something have changed recently, but CloudFlare is
| kind a infamous for not taking down some questionable
| services. At the same time companies like Apple and Microsoft
| still continue to censor stuff on requests from Russia where
| they supposedly not operate.
| carlosbaraza wrote:
| I live in Spain and my ISP is Digi, which uses the network from
| Telefonica. These blocks are incredibly frustrating, and a ton of
| people have noticed websites and services not working. However,
| because the block lasts some hours, people don't know what is
| happening: "is my mobile network bad?", "Is the website down?".
| They try a few hours later and it's back up, so they move on.
|
| My company's website is behind Cloudflare and I discovered this
| whole situation because someone couldn't access it. Also my home
| assistant is not accessible from the internet the days with a
| match. And we use it to open the garage and the house. We learned
| the lesson the hard way being locked outside until I managed to
| connect with a VPN. This is just nuts and incredibly frustrating.
| And for La Liga we are just a bunch of "frikis" (nerds)
| complaining about it... because we are the only ones that
| understand what the problem is.
|
| Unfortunately, someone would have to die and a lawsuit to follow,
| and maybe that could stop this crazy nonsense. E.g. A few days
| ago I read about someone with diabetes whose device was
| malfunctioning because of these blocks.
| sionisrecur wrote:
| And then the Spanish high sea robbers will just find other routes
| while the regular people will keep wondering why their bank
| doesn't work.
| vvillena wrote:
| This is literally the case. Pirated streams keep working, while
| a good chunk of the internet is rendered inoperative during
| weekends.
| renatovico wrote:
| I live in Spain and love LaLiga games, but I dislike the
| executives. There's no straightforward way to stream all matches.
| The Cloudflare/piracy issue is the lack of clear streaming
| options. Even with DAZN, Movistar Plus, and TVBar, none offer
| complete coverage.
___________________________________________________________________
(page generated 2025-05-26 23:01 UTC)