Possibly not uninteresting 4 some.

I found it on a german site ("Tarnkappe.info") :

"Cloudflare, the Godfather of the Internet may have had a visit from the Feds, at least that's what a missing warrant canary update suggests.

What does that mean for me?

For you, it potentially means a lot. Cloudflare acts as a reverse proxy and thus gets all the traffic you send through their server protection service. Unencrypted. "But I use a VPN!" That's nice, but it doesn't help you here. Cloudflare needs to forward your request and to do that they need to decrypt it.
While many rely on Cloudflare, it does have some risk if Cloudflare can be forced, by court order for example, to take down data for a domain.
Cloudflare's warrant canary is no longer fresh ...
... you could say it already smells a bit. On their page where they publish their semi-annual transparency report, you can see that this data covers January 1 to June 30 last year. The Canary in the "Some things we have never done" section can thus be considered "invalid". This Canary covered the following areas:

Cloudflare...
... has never shared encryption or authentication keys.
... has never installed law enforcement software or hardware on its network.
... has never provided law enforcement agencies with a feed of customer traffic.
... has never modified traffic at the request of third parties.
... has never modified the destination addresses of DNS requests at the request of third parties.
... has never had its encryption weakened, compromised, or rendered unusable due to a third-party request.

Why this is potentially disastrous news probably doesn't need to be explained to any user. It would also be understandable if the admins of popular warez sites such as House of Usenet, Sky of Usenet, and Baka Board are now getting their asses handed to them; after all, they are behind a Cloudflare reverse proxy.
So now, thanks to Cloudflare, the police know where I load Linux ISOs?

No. At least not necessarily The fundamental problem with a warrant canary is that it can be forgotten. But that is unrealistic with a huge company like Cloudflare.
It is also possible that American law enforcement agencies have gained access. That would be stupid, but it still doesn't mean that German authorities have the data. German authorities have much weaker leverage in the States.

So what now? ¯\_( ⁰͡ Ĺ̯ ⁰͡ )_/¯

As a user, there is nothing you can do about it, and changing the infrastructure of the boards is not something that can be done quickly on the side. There is probably nothing left for us to do but hope ... and that is a bad position to find yourself in."

Source: https://tarnkappe.info/artikel/inte...warrant-canary-nicht-aktualisiert-279099.html
Translation: deepL

 

Last edited: Aug 2, 2023

By the way: The way to AZ, Peeplink etc. also leads through Cloudflare (despite VPN)...