garrett

garrett@infosec.pub
0 posts • 22 comments

Threat/abuse tracking, History/Geopolitics thonking, Misinfo/Grift fan, PDX based

openpgp4fpr:EC93911D412ACAE8779B8222588C793376B5F13C

Unfortunately, yeah. AI industry has proven that it’s willing to beg for forgiveness rather than asking for permission.

It’s a bit more about how miserable it is to work with Cloudflare and their unwillingness to remove abuse in general, opting to say they’re “not the host” and that they cannot tell you where it is but they cannot do anything. It’s hardly an ethical decision to say that phishing and bulletproof hosting aren’t the bedfellows you want.

People who don’t work in fraud or abuse don’t understand how miserable Cloudflare is to work with. They have a single email box I can send to for identifying if I host a website that takes them days to respond to, no automation by the year of our lord 2024.

Oh, it will. And the wheels turn.

There’s a balance to be struck here but Cloudflare is truly the most miserable entity I have to work with from an abuse perspective. They’re not necessarily “ignoring” warrants but most phishing doesn’t get reported with a legal takedown request. In those cases, Cloudflare will be almost intentionally obtuse. I’m happy to outline the misery of a host working with Cloudflare but it’s not necessarily important to this. TLDR; Cloudflare takes steps that don’t make sense for its “we’re not responsible” stance while also having zero automation in the year of our lord 2024.

I suppose everything could be a legal request but that just makes the whole process so infinitely worse for NGOs like Spamhaus and only serves to make lawyers excited that their consultation fees are going up. I see that the laziest pathway is “YouTube-like strikes” which is misery as well but they could just shift to investigating accounts receiving a high volume of reports as potential fraud or abuse actors since it is a drag on their services and these accounts are not paying or are paying with stolen credit cards.

Ultimately, I don’t disagree with you that much but there’s a lot of room for CF to improve their management of fraud & abuse without becoming a trash platform or invalidating legal protections. Happy to get into the weeds on this a bit more since it’s a lil’ bit close to home. 😅

I still want the “Turn off your computer before midnight” sticker someone made but, alas, CrowdStrike DMCA’d the Etsy account.

Will this stand up to the death of Chevron deference? Or are we 3 weeks away from a judge throwing the rule out unless Congress passes a specific law?

I think this is squarely in the charter of the FTC but who knows with the courts any longer. We just saw them strike down a ruling by the EPA to enact health measures under the requirements of the Civil Rights Act.

I truly don’t understand how anyone does the free work for a corporation to moderate a subreddit. Steps like this seem to treat them like employees and they’ll largely just chug along with it for… what? Notoriety?

Oh god. This sounds great.

Honestly, the US is largely safer than it’s ever been. Not sure why this is a constant drumbeat but folks will buy it up, I suppose.
