Initial commit

HISTORY.md

@@ -0,0 +1,180 @@
+
+*2020.02.25*
+
+Self publishing platform, [BookRix.com](https://www.bookrix.com/), denied Mr. Jeff Cliff's book titled "_The Great Cloudwall_" and stopped publishing it. The reason is "_Copyright infringement_". All of book's data, text and image can be found in this repository. You can download this book [here](pdf/2019-Jeff_Cliff_The_Great_Cloudwall.epub).
+
+
+*2019.08.05*
+
+@jeffcliff@niu.moe:
+```
+#greatcloudwall gets further politicized:
+Terminates Service for 8Chan - the #greatcloudwall gets one step closer to dictating what you can/cannot say on the internet 
+``` 
+
+https://niu.moe/@jeffcliff/102566376973167221
+
+*2019.04.04*
+
+@holydevil@birdsite:
+```
+The log file from your iOS app shows that you do track personal information, like device name, UUID, and an identifier - install_id That contradicts what you have in your blogpost - “We don't write user-identifiable log data to disk”
+```
+
+https://twitter.com/holydevil/status/1112769739045158912
+
+*2019.03.13*
+
+@thexpaw@birdsite:
+```
+So why did I get that email anyway if I'm opted out of all email communication in the account settings?
+Which part of the privacy policy allows you to share data with marketing crap like trustpilot?
+```
+
+https://twitter.com/thexpaw/status/1108424723233419264
+
+*2019.03.12*
+
+```Cool new tool : Cloud Firewall```
+
+https://framapiaf.org/@gkrishnaks/101727497214557035
+
+*2019.03.03*
+
+```
+"I can't visit Army.mill and Archive Today with Cloudflare DNS."
+```
+
+https://twitter.com/wongmjane/status/1102446734993551360
+
+Let's test: https://danwin1210.me/url.php?id=39706
+
+```
+archive.today
+CloudFlare: (None)
+Google: A 46.17.42.43 (Russia, AS51659 LLC Baxet)
+```
+
+```
+archive.is
+CloudFlare: A 104.16.181.15 (NSA, AS13335 Cloudflare, Inc.)
+Google: A 46.17.42.43 (Russia, AS51659)
+```
+
+Why these results are completely different!?
+Try OpenNIC: https://www.opennic.org/
+
+
+*2019.03.02*
+
+"client was trying to make session requests to their API servers
+but before I can prevent it, cloudflare had me blocked.
+It's pretty bad as half the internet is behind Cloudflare."
+
+https://twitter.com/Skyfusion89/status/1101596592426151937
+
+*2019.02.27*
+
+* Cloudflare XSS bypass
+https://twitter.com/ameenmaali/status/1100536056372490241
+
+*2019.02.26*
+
+Take a look at Cloudflare's transparency report, "Some things we have never done" section.
+
+```
+Cloudflare has never terminated a customer or taken down content due to political pressure.*
+```
+
+If you're using SumatraPDF, you won't notice * is a link to https://www.cloudflare.com/cloudflare-criticism/ .
+Apparently they've terminated a political account.
+Do you think it's okay to make a false statement and hide a link to tiny asterisk?
+
+https://twitter.com/mattskala/status/1100479615389159424
+https://mstdn.io/@mattskala/101660051818948847
+
+*2019.02.24*
+
+```
+"Sites that respect their visitors do not resort to Cloudflare."
+"In some cases, for particular countries, having all traffic visible
+to the U.S.A can be a matter of life and death."
+```
+http://techrights.org/2019/02/17/the-cloudflare-trap/
+
+*2019.02.21*
+
+* CF defaults to HTTP connections for its customers
+https://g0v.social/@sheogorath/101404226960335320
+
+*2019.02.08*
+
+* well written post, along with some causes for action in privacytools.io
+https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544
+
+* another privacytools.io thread
+https://github.com/privacytoolsIO/privacytools.io/issues/711
+
+* Cryptome on CF's ability to deanonymize (2016)
+https://cryptome.org/2016/07/cloudflare-de-anons-tor.htm
+
+* bug report issued in wire webapp
+https://github.com/wireapp/wire-webapp/issues/5716
+
+*2019.02.01*
+
+* The global internet is rotting from within, and 
+
+"In a not-so-distant future, if we're not there already, it may be that if you're
+going to put content on the Internet you'll need to use a company with a giant
+network like Cloudflare, Google, Microsoft, Facebook, Amazon, or Alibaba."
+
+Net neutrality is but a skirmish in this larger struggle for control to monopolize all global digital communications.
+https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20181218/Documents/Geoff_Huston_Presentation.pdf
+
+*2018.12.10*
+
+* "like this page on NSA/Facebook & allow Facebook to track you to prove you're a human being"
+https://niu.moe/@jeffcliff/101220470739320859
+
+
+*2018.11.12*
+
+* Cloudflare's permissions for DNS are...sketchy
+https://weeaboo.space/objects/323a4b45-6e40-44f0-9108-77245638df7e
+
+* AV Updates blocked by cloudflare - "how to proceed?"
+http://forums.clamwin.com/viewtopic.php?t=4915
+http://lists.clamav.net/pipermail/clamav-users/2018-November/thread.html
+
+---
+
+### Previous 
+
+
+This project was started by Shiro (@shiromarieke@birdsite) and CryptoParty Berlin (@cryptopartybln@birdsite).
+Shiro handed over support to the greater internet in summer 2016.
+
+
+It was a text list on okfn.org text pad: (https://pad.okfn.org/p/cloudflare-tor and https://pad.okfn.org/p/noncloudflare-torblocks)
+
+
+However it was pointed out that this website itself was on cloudflare, and cloudflare actively blocked Tor users to access it.
+
+
+So it was moved to systemli.org : ( https://pad.systemli.org/p/noncloudflare-torblocks )
+and an onion service ( http://j7652k4sod2azfu6.onion/p/noncloudflare-torblocks , http://j7652k4sod2azfu6.onion/p/cloudflare-tor , http://j7652k4sod2azfu6.onion/p/cloudflare-philosophy )
+
+
+These systemli pads needed to be updated once in every while (week? month?) or the whole list was scrubbed.  
+This happened a few times, and there were some attempts at vandalism up to and including june 2016
+ 
+ 
+A fork was made during a multi-day outage at http://git.vola7ileiax4ueow.onion/fuckcloudflare/cloudflare-tor/ (new, not GitHub repo)
+
+
+However vola7ileiax4ueow's git service went down, so it was moved to github
+
+
+There used to also be a list of websites that *were* on cloudflare but are no longer.
+This list has been lost ( it was on https://pad.systemli.org/p/ex-cloudflare-tor )

LICENSE.md

@@ -0,0 +1,12 @@
+### License
+
+* /globalist/* (Globalist) -- [GNU GPLv3](globalist/LICENSE)
+* /pdf/* -- Unknown (you can find a copy everywhere. Thanks to authors)
+* Else -- [PUBLIC DOMAIN (CC0)](https://web.archive.org/web/https://creativecommons.org/share-your-work/public-domain/cc0/)
+
+
+This repository, _stop\_cloudflare (aka cloudflare-tor)_, is in the PUBLIC DOMAIN (CC0).
+
+It was created anonymously, in public, for the use of the world to resist [Cloudflare](https://www.cloudflare.com/).  
+  
+Contributors who have anonymously contributed (including in [CryptoParty](https://cryptoparty.at/cryptoparty_wien_53)) have since come forward to give this project their blessing.  

README.md

@@ -0,0 +1,266 @@
+## I am not the author of this documentation. This is just a reupload after it got taken down from Codeberg.
+
+# The Great Cloudwall
+
+![](image/itsreallythatbad.jpg)
+![](image/telegram/c81238387627b4bfd3dcd60f56d41626.jpg)
+
+---
+
+
+## No Cloudflare
+
+
+"The Great Cloudwall" is [Cloudflare Inc.](https://www.cloudflare.com/), the [U.S. company](https://en.wikipedia.org/wiki/Cloudflare).
+It is the [world's](https://almanac.httparchive.org/en/2019/cdn) [largest](https://w3techs.com/technologies/history_overview/proxy) MITM proxy([reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy)).
+It sits between you and origin webserver, acting like a [border patrol agent](https://www.cbp.gov/careers/bpa).
+The origin webserver administrator allowed the agent to decide [who can access](https://gitlab.com/iblech/tor-appeal/issues/1) to their "_web property_" and define "_restricted area_".
+
+---
+
+![](image/cfmarketshare.jpg)
+![](image/cloudflaredearuser.jpg)
+![](image/usershoulddecide.jpg)
+
+---
+
+Take a look at the first image posted below. You will think Cloudflare block _only_ attackers. You will think _Cloudflare is always online(never go [down](https://twitter.com/bengoldacre/status/1146058200887648258))_. However [it is not true](PEOPLE.md).
+
+---
+
+![](image/howcfwork.jpg)
+![](image/cfdowncfcom.jpg)
+![](image/cfdown2019.jpg)
+![](image/cloudflareinternalerror.jpg)
+
+---
+
+It is called this in reference to the [Great Firewall of China](https://www.comparitech.com/privacy-security-tools/blockedinchina/) which does a comparable job of [filtering out many humans](PEOPLE.md) from seeing web content (ie everyone in mainland China and people outside) while at the same time those not affected to see a dratically different web, a web free of censorship such as an image of ["tank man"](https://en.wikipedia.org/wiki/Tank_Man) and the history of ["Tiananmen Square protests"](https://en.wikipedia.org/wiki/1989_Tiananmen_Square_protests#Censorship_in_China). 
+
+Cloudflare also [automatically](https://twitter.com/itsybitsydots/status/1212691131508477952) [block](PEOPLE.md) legit robots/crawlers such as Google, Yandex, Yacy, and API clients.
+
+---
+
+![](image/cloudflarechina.jpg)
+![](image/onemorestep.jpg)
+![](image/accdenied.jpg)
+![](image/cfublock.jpg)
+![](image/omsjsck.jpg)
+![](image/cftestgoogle.jpg)
+
+---
+
+Cloudflare similarly prevents many people who have poor internet connectivity from accessing the websites behind it (for example, they could be behind 7+ layers of NAT or sharing same IP) unless they solve multiple image CAPTCHAs. In some cases, [this will take 10 to 30 minutes to satisfy Google](https://trac.torproject.org/projects/tor/ticket/23840). Many humans are being blocked by Cloudflare [every day](PEOPLE.md). There is no way to solve the captcha without enabling Javascript and Cookies. Cloudflare is [using them](PEOPLE.md) to make a browser signature.
+
+---
+
+![](image/googlerecaptcha.jpg)
+![](image/omsnote.jpg)
+![](image/omsdroid.jpg)
+![](image/omsstream.jpg)
+![](image/omsappl.jpg)
+![](image/cferr1010bsig.jpg)
+
+---
+
+[Tor users](https://www.torproject.org/) and [VPN users](https://airvpn.org/topic/23090-cloudflare-often-bans-my-ip-address/) are also a [victim](https://blog.torproject.org/trouble-cloudflare) of Cloudflare. If you didn't try Tor until this moment, we encourage you to [download Tor Browser](https://www.torproject.org/) and visit your favorite websites. (advice: _Do not login to your bank website or government webpage or they will flag your account. [Use VPN](https://www.vpngate.net/en/) for those websites._)
+
+You might want to say "_Tor is illegal! Tor is criminal's browser! Tor is bad!_". No.
+Tor _was_ developed by US Army, but current Tor is developed by the [Tor project](https://www.torproject.org/). There are many people and organizations who use Tor including your future friends. So, if you are using Cloudflare on your website you are blocking real humans. You will lose potential friendship and business deal.
+
+---
+
+![](image/banvpn2.jpg)
+![](image/banvpn.jpg)
+![](image/whousetor.jpg)
+![](image/iusetor_alith.jpg)
+
+---
+
+And their DNS service, [1.1.1.1](https://1.1.1.1/), is also filtering out users from visiting the website by returning [fake](https://trac.torproject.org/projects/tor/ticket/32915) IP address owned by Cloudflare, localhost IP such as "127.0.0.x", or just return nothing. Cloudflare DNS also [break](https://twitter.com/bowranger/status/1213031783576428550) [online](https://twitter.com/jb510/status/1212521533907668992) [software](https://twitter.com/No_Style/status/1201525422795710466) [from](https://twitter.com/daemuth/status/1187758306535903233) [smartphone](https://twitter.com/gregortorrence/status/1183102089439805441) [app to computer game because of their fake DNS answer](PEOPLE.md).
+
+---
+
+![](image/cferr1016.jpg)
+![](image/cferr1016sp.jpg)
+![](image/dnsfailtest.jpg)
+![](image/cfdnsprob.jpg)
+
+---
+
+And here you might think, "_I am not using Tor or VPN, why should I care?_".
+If you visit website which use Cloudflare, you are sharing your information not only to website owner _but also Cloudflare_.
+It is impossible to [analyze](https://blog.cloudflare.com/the-csam-scanning-tool/) without [decrypting TLS traffic](https://github.com/nym-zone/block_cloudflare_mitm_fx/issues/15#issuecomment-354773389). Cloudflare knows all your data such as raw password.
+[Cloudbeed](https://en.wikipedia.org/wiki/Cloudbleed) can happen anytime.
+
+---
+
+![](image/cfbloghtmledit.jpg)
+![](image/cfhelp204144518.jpg)
+![](image/cfhelpforum.jpg)
+![](image/prism_gfe.jpg)
+![](image/sniff2.gif)
+
+---
+
+Do you really want to share your data with Cloudflare, and also 3-letter agency?
+Internet user's online profile is a "product" that the government and big tech companies wants to buy.
+
+US [Department of Homeland Security](https://www.dhs.gov/) said:
+```
+Do you have any idea how valuable the data you have is?
+Is there any way you would sell us that data?
+```
+
+---
+
+![](image/dhssaid.jpg)
+![](image/federalinterest.jpg)
+![](image/cfstrengthdata.jpg)
+
+---
+
+Cloudflare also offer _FREE_ VPN service called "[Cloudflare Warp](https://blog.cloudflare.com/1111-warp-better-vpn/)". If you use it, all your smartphone ([or your computer](https://techniapps.com/2019/09/26/download-cloudflare-warp-vpn-for-pc-windows-10-mac/)) connections are sent to Cloudflare servers. Cloudflare can know which website you've read, what comment you've posted, who you've talked to, etc. You are voluntary giving [all your information](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-478686469) to Cloudflare. If you think "_Are you joking? Cloudflare is secure._" then you need to learn how [VPN works](https://en.wikipedia.org/wiki/VPN).
+
+Cloudflare said their VPN service make your internet [fast](https://www.wired.com/story/cloudflare-says-new-vpn-service-wont-slow-you-down/). But VPN make your internet connection _slower_ than [your](https://twitter.com/ExYakuza/status/1182317536089526273) [existing](https://twitter.com/waddling/status/1177615384616325120) [connection](https://techcrunch.com/2019/04/01/cloudflares-warp-is-a-vpn-that-might-actually-make-your-mobile-connection-better/).
+
+---
+
+![](image/howvpnwork.jpg)
+![](image/notfastervpn.jpg)
+
+---
+
+You might already know about the [PRISM](https://en.wikipedia.org/wiki/PRISM_(surveillance_program)) scandal. It is true that AT&T lets NSA to [copy all internet data](https://www.cnet.com/news/at-t-lets-nsa-hide-and-surveil-in-plain-sight-the-intercept-reports/) for surveillance. Let's say you're working at the NSA, and you want _every citizen's internet profile_. You know most of them are blindly trusting Cloudflare and using it - only one centralized gateway - to proxy their company server connection([SSH](https://blog.cloudflare.com/public-keys-are-not-enough-for-ssh-security/)/[RDP](https://blog.cloudflare.com/cloudflare-access-now-supports-rdp/)), personal website, chat website, forum website, bank website, insurance website, search engine, secret member-only website, auction website, shopping, video website, NSFW website, and illegal website. You also know they use Cloudflare's DNS service ("_1.1.1.1_") and VPN service ("_Cloudflare Warp_") for "_Secure! Faster! Better!_" internet experience. Combining them with user's IP address, browser fingerprint, cookies and RAY-ID will be useful to build target's online profile. You want their data. [What will you do](https://www.reddit.com/r/privacy/comments/1gb0pa/how_prism_actually_works_1520_att_fiber_optic/)?
+
+---
+
+![](image/prismattnsa.jpg)
+![](image/nsaslide_prismcorp.gif)
+
+---
+
+### Cloudflare is a honeypot.
+
+![](image/honeypot.gif)
+
+### Free honey for everyone. _Some_ strings attached.
+
+![](image/iminurtls.jpg)
+
+### Do not use Cloudflare.
+
+![](image/shadycloudflare.jpg)
+
+### Decentralize the internet.
+
+!["Cloudflare is not an option."](image/cfisnotanoption.jpg)
+
+---
+
+
+## continue to next page:  [Cloudflare Ethics](README_ethics.md)
+
+
+
+---
+
+<details>
+<summary>_click me_
+
+## Data & More Information
+</summary>
+
+
+This repository is **a list** of websites that are **behind "_The Great Cloudwall_"**, **blocking Tor users** and **other CDNs**.
+
+
+**Data**
+* [Cloudflare Inc.](cloudflare_inc/)
+* [Cloudflare Users](cloudflare_users/)
+* [Cloudflare Domains](cloudflare_users/domains/)
+* [Non-Cloudflare CDN users](not_cloudflare/)
+* [Anti-Tor users](anti-tor_users/)
+
+![](image/goodorbad.jpg)
+
+
+**More Information**
+* [Short version of README](README_short.md)  `DRAFT`
+* [Myth Catalog](myth_catalog.md)  `DRAFT`
+* [The Great Cloudwall](article.txt) by Mr. Jeff Cliff; PDF version [here](pdf/2019-The_Great_Cloudwall.pdf), [ePUB here](pdf/2019-Jeff_Cliff_The_Great_Cloudwall.epub) `DRAFT`
+* [Padlock icon indicates a secure SSL connection established w MITM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835) by Anonymous
+* [Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) by nym-zone
+* [Problem with Cloudflare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544) by libBletchley
+* [Criticism and controversies](https://en.wikipedia.org/wiki/Cloudflare#Criticism_and_controversies) by Wikipedia
+* [Cloudflare Watch](http://www.crimeflare.org:82/) (cons: _down quite a lot, old data, search restricted to EU only_)
+* [Another landmark day in the war to control, centralize and censor the internet.](https://www.reddit.com/r/privacy/comments/b8dptl/another_landmark_day_in_the_war_to_control/) by TheGoldenGoose8888
+* [Disadvantage of relying on only one service](https://twitter.com/w3Nicolas/status/1134529316904153089) ([DO is CF](https://www.digwebinterface.com/?hostnames=ns1.digitalocean.com%0D%0Ans2.digitalocean.com%0D%0Ans3.digitalocean.com%0D%0Awww.digitalocean.com&type=A&ns=resolver&useresolver=8.8.4.4&nameservers=))
+* [HashTag #FuckCloudflare on Mastodon Network](https://mastodon.social/tags/fuckcloudflare)
+
+![](image/watcloudflare.jpg)
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## What can you do?
+</summary>
+
+* Read [our list of recommended actions](what-to-do.md) and share it with your friends.
+
+* Read [other user's voice](PEOPLE.md) and write your thoughts.
+
+* Search something on [Ansero](http://ansero.xgwglrypkjbgecns2zru5ekyu7tnqgg7l5blojlq7roohxbwkr5k77id.onion/)<sub><sup> [ᶜˡᵉᵃʳⁿᵉᵗ](https://ansero.eu.org/)</sup></sub> or [Searxes](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/)<sub><sup> [ᶜˡᵉᵃʳⁿᵉᵗ](https://searxes.eu.org/)</sup></sub>.
+
+* Update the domain list: [List instructions](instructions.md).
+
+* Add Cloudflare or project related event to [history](HISTORY.md).
+
+* Try & write new [Tool / Script](tool/).
+
+* Here's some [PDF](pdf/) to read.
+
+---
+
+### "Stop Cloudflare" Official Accounts
+
+**NEVER** trust other accounts.
+
+* [Mastodon (crimeflare)](https://activism.openworlds.info/@crimeflare)
+
+* [Twitter (stop_cloudflare)](https://twitter.com/stop_cloudflare) ([We don't like Twitter](https://robinwils.gitlab.io/articles/why-i-made-a-twitter/#why-twitter))
+
+
+> We don't read _direct message_. If you want to say something [join here](https://codeberg.org/crimeflare/cloudflare-tor/issues).
+
+---
+
+![WTF](image/wtfcf.jpg)
+
+![](image/omsirl.jpg)
+![](image/whydoihavetosolveacaptcha.jpg)
+![](image/fixthedamn.jpg)
+![](image/imnotarobot.jpg)
+
+</details>
+
+---
+
+
+![](image/twe_lb.jpg)
+
+![](image/twe_dz.jpg)
+
+![](image/twe_jb.jpg)
+
+![](image/twe_ial.jpg)
+
+![](image/twe_eptg.jpg)
+
+![What did YOU do to stop CF?](image/stopcf.jpg)
+
+![](image/peopledonotthink.jpg)

README_ethics.md

@@ -0,0 +1,267 @@
+# Ethical Issues
+
+![](image/itsreallythatbad.jpg)
+![](image/telegram/c81238387627b4bfd3dcd60f56d41626.jpg)
+
+"_Don't support this company which is void of ethics_" -- [phyzonloop](https://twitter.com/phyzonloop)
+
+"_Your company isn't trustworthy. You claim to enforce DMCA but have many lawsuits for not doing so._" -- [phyzonloop](https://twitter.com/phyzonloop)
+
+
+---
+
+
+<details>
+<summary>_click me_
+
+## CloudFlare spams people
+</summary>
+
+
+Cloudflare is sending spam emails to non-Cloudflare users.
+
+- Only send emails to subscribers who’ve opted in
+- When the user say "stop", then stop sending email
+
+It's that simple. But Cloudflare doesn't care.
+Cloudflare said using their service [can stop all spammers or attackers](https://support.cloudflare.com/hc/en-us/articles/200170066-Will-activating-Cloudflare-stop-all-spammers-or-attackers-).
+How can we stop _Cloudflare spammers_ without activating Cloudflare?
+
+
+![](image/cfspam01.jpg)
+![](image/cfspam03.jpg)
+![](image/cfspam02.jpg)
+![](image/cfspambrittany.jpg)
+![](image/cfspamtwtr.jpg)
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Remove user's review
+</summary>
+
+
+Cloudflare censor [negative reviews](https://web.archive.org/web/20191116004046/https://www.trustpilot.com/reviews/5aa6ee0ed5a5700a7c8cf853). If you post _anti-Cloudflare_ text on Twitter, you have a chance to get a [reply](https://twitter.com/CloudflareHelp/status/1126051764917145601) from [Cloudflare employee](cloudflare_inc/cloudflare_members.txt) with "_[No, it's not](PEOPLE.md)_" message. If you post a negative review on any review site, they will try to [censor](https://twitter.com/phyzonloop/status/1178836176985366529) [it](https://twitter.com/dxgl_org/status/1178722159432220672).
+
+
+![](image/cfcenrev_01.jpg)
+![](image/cfcenrev_02.jpg)
+![](image/cfcenrev_03.jpg)
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Doxxing users
+</summary>
+
+
+Cloudflare has a massive [harassment problem](https://web.archive.org/web/20171024040313/http://www.businessinsider.com/cloudflare-ceo-suggests-people-who-report-online-abuse-use-fake-names-2017-5).
+Cloudflare [shares personal information](https://archive.ph/ePdvi) of those [who](https://twitter.com/ZJemptv/status/898299709634248704) [complain](https://twitter.com/TinyPirate/status/554718958176067584) [about](https://twitter.com/remembrancermx/status/1010329041235148802) [hosted](https://twitter.com/Bridaguy/status/915003769280172037) [sites](https://twitter.com/HelloAndrew/status/897260208845500416). They sometimes ask you to provide
+your true ID. If you don't want to get harassed, [assaulted](https://twitter.com/NiteShade925/status/1158469203420205056), [swatted](https://boingboing.net/2015/01/19/invasion-boards-set-out-to-rui.html) or [killed](https://twitter.com/RusEmbUSA/status/1187363092793040901), you better stay away from Cloudflared websites.
+
+
+![](image/cfdox_what.jpg)
+![](image/cfdox_swat.jpg)
+![](image/cfdox_kill.jpg)
+![](image/cfdox_threat.jpg)
+![](image/cfdox_dox.jpg)
+![](image/cfdox_ex1.jpg)
+![](image/cfdox_ex2.jpg)
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Corporate solicitation of charitable contributions
+</summary>
+
+
+CloudFlare is [asking](https://web.archive.org/web/20191112033605/https://opencollective.com/cloudflarecollective#section-about) for charitable contributions. It’s quite appalling that an American corporation would ask for charity alongside non-profit organizations that have good causes. If you like [blocking people or wasting other people's time](PEOPLE.md), you might want to order some pizzas🍕 for Cloudflare employees.
+
+
+![](image/cfdonate.jpg)
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Terminating sites
+</summary>
+
+
+What will you do if your site goes down _suddenly_? There are reports that Cloudflare is [deleting](https://twitter.com/stefan_eady/status/1126033791267426304) [user's](https://twitter.com/derivativeburke/status/903755267053117440) [configuration](https://twitter.com/lordscarlet/status/1046785164792205314) or [stopping service without any warning](https://twitter.com/svolentin/status/1227324408475344896), [silently](https://twitter.com/BlnaryMlke/status/1194339461984854018). We suggest you find [better provider](what-to-do.md).
+
+![](image/cftmnt.jpg)
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Browser vendor discrimination
+</summary>
+
+
+CloudFlare gives preferential treatment to those using Firefox while giving hostile treatment to users of non-Tor-Browser over Tor.
+Tor users of who rightfully refuse to execute non-free javascript also receive hostile treatment.
+This access inequality is a network neutrality abuse and an abuse of power.
+
+![](image/browdifftbcx.gif)
+
+- Left: `Tor Browser` , Right: `Chrome`. Same IP address.
+
+![](image/browserdiff.jpg)
+
+- Left: `[Tor Browser] Javascript Disabled, Cookie Enabled`
+- Right: `[Chrome] Javascript Enabled, Cookie Disabled`
+
+![](image/cfsiryoublocked.jpg)
+
+- QuteBrowser(minor browser) without Tor (Clearnet IP)
+
+| ***Browser*** | ***Access treatment*** |
+| --- | --- |
+| Tor Browser (Javascript enabled) | access permitted |
+| Firefox (Javascript enabled) | access degraded |
+| Chromium (Javascript enabled) | access degraded (pushes Google reCAPTCHA) |
+| Chromium or Firefox (Javascript disabled) | access denied (pushes *broken* Google reCAPTCHA) |
+| Chromium or Firefox (Cookie disabled) | access denied |
+| QuteBrowser | access denied |
+| lynx | access denied |
+| w3m | access denied |
+| wget | access denied |
+
+
+"_Why not use Audio button to solve easy challenge?_"
+
+Yes, there is an audio button, but it _always_ [doesn't work over Tor](https://trac.torproject.org/projects/tor/ticket/23840). You will get this message when you click it:
+
+```
+Try again later
+Your computer or network may be sending automated queries.
+To protect our users, we can't process your request right now.
+For more details visit our help page
+```
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Voter suppression
+</summary>
+
+
+Voters in US states register to vote ultimately through the state secretary's website in the state of their residence.
+Republican-controlled state secretary offices engage in voter suppression by proxying the state secretary's website through Cloudflare.
+Cloudflare's hostile treatment of Tor users, its MITM position as a centralized global point of surveillance, and its detrimental role overall 
+makes prospective voters reluctant to register.  Liberals in particular tend to embrace privacy.  Voter registration forms collect sensitive information about a voter's political leaning, personal physical address, social security number, and date of birth.
+Most states only make a subset of that information publicly available, but Cloudflare sees ***all*** that information when someone registers to vote.
+
+Note that paper registration does not circumvent Cloudflare because the secretary of state data entry staff workers will likely use the
+Cloudflare website to enter the data.
+
+![](image/cfvotm_01.jpg)
+![](image/cfvotm_02.jpg)
+
+Change.org is a famous website for gathering votes and take action. "[people everywhere are starting campaigns, mobilizing supporters, and working with decision makers to drive solutions.](https://web.archive.org/web/20200206120027/https://www.change.org/about)"
+Unfortunately, many people cannot view change.org at all due to Cloudflare's aggressive filter. They cannot vote even if they want to.
+
+![](image/changeorgasn.jpg)
+![](image/changeorgtor.jpg)
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Ignoring user's preference
+</summary>
+
+
+If you opt-out something, you expect that you receive no email about it. Cloudflare ignore user's preference and share data with third-party corporations [without customer's consent](https://twitter.com/thexpaw/status/1108424723233419264).
+
+![](image/cfviopl_tp.jpg)
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Lying about deleting user's data
+</summary>
+
+
+According to this [ex-cloudflare customer's blog](https://shkspr.mobi/blog/2019/11/can-you-trust-cloudflare-with-your-personal-data/), Cloudflare is lying about deleting accounts. Nowadays, many [companies keep your data](https://justdeleteme.xyz/) after you've closed or removed your account. Most of good companies do mention about it in their privacy policy. Cloudflare? No.
+
+```
+2019-08-05 CloudFlare sent me confirmation that they'd removed my account.
+2019-10-02 I received an email from CloudFlare "because I am a customer"
+```
+
+Cloudflare didn't know about the word "remove". If it is really _removed_, why this ex-customer got an email? He also mentioned that Cloudflare's privacy policy doesn't mention about it.
+
+```
+Their new privacy policy doesn't make any mention of retaining data for a year.
+```
+
+![](image/cfviopl_notdel.jpg)
+
+How can you trust Cloudflare if [their privacy policy is a LIE](https://twitter.com/daviddlow/status/1197787135526555648)?
+
+</details>
+
+---
+
+<details>
+<summary>_click me_
+
+## Keep your personal information
+</summary>
+
+
+Deleting Cloudflare account is [hard level](https://justdeleteme.xyz/).
+
+```
+Submit a support ticket using the "Account" category,
+and request account deletion in the message body.
+You must have no domains or credit cards attached to your account prior to requesting deletion.
+```
+
+You will [receive this confirmation email](https://twitter.com/originalesushi/status/1199041528414527495).
+
+![](image/cf_deleteandkeep.jpg)
+
+"We have begun to process your deletion request" but "We will continue to store your personal information".
+
+Can you "trust" this?
+
+</details>
+
+---
+
+# continue to next page:   [Cloudflare Voices](PEOPLE.md)
+
+!["Cloudflare is not an option."](image/cfisnotanoption.jpg)

README_short.md

@@ -0,0 +1,106 @@
+# CrimeFlarE
+***Why you should say "NO" to Cloudflare***
+
+# `This is a draft`
+
+![CrimeFlarE logo](image/crimeflare-logo.png)
+
+Are you already aware of the problems?
+You might want to check:
+- [Alternatives](#alternatives)
+- [Solutions](#solutions)
+
+## Who are we?
+`CrimeFlarE` is a group of volunteer Tor, privacy and net neutrality
+enthusiasts working to counter CloudFlare’s oppressive attack on the Tor 
+community and reduce the harms CloudFlare brings to all users (Tor users and 
+clearnet users).
+
+## Who is Cloudflare?
+Cloudflare is the world's largest man-in-the-middle proxy. This means that it 
+sits between you and the server which sent you the pages and images.
+
+Cloudflare is a content delivery network, which means that it has different 
+servers in different locations, so that websites are supposed to be better 
+reachable. This has a bad side.
+
+*ADD IMAGE*
+
+## Why you shouldn't use it
+### Privacy problems
+#### Single point of failure
+Cloudflare goes down from time to time. All the content which uses Cloudflare 
+goes down as well when that happens.
+
+Read more about the 
+[single point of failure](subfiles/single-point-of-failure-problem.md).
+*ADD IMAGE*
+
+#### It removes anonymity
+Cloudflare usually blocks Tor or makes it hard for Tor users to access the 
+website or content. Tor is not only for criminals. It is important for many 
+people and everyone has the right on privacy.
+
+Tor is important, read more about 
+[why Tor matters](subfiles/why-tor-matters.md).
+
+Cloudflare often uses Google reCATPCHAs to check if you are human. These
+CAPTCHAs which check if you are human, track you and many claim that they
+even try to find out which human you are.
+
+Read more about the
+[reCAPTCHA problem](subfiles/recaptcha-problem.md).
+
+#### Project Honey Pot
+Project Honey Pot is a project which collects a lot of personal data
+and much of that data is from innocent people who deserve privacy.
+Cloudflare was created by people who worked on that project.
+
+![Honeypot](image/honeypot.gif)
+
+### Not convenient
+Cloudflare is not convenient for many visitors of your site. You will
+lose visitors when you choose Cloudflare. Many people who helped writing
+this file even block Cloudflare.
+
+Did you know that you can lose visitors because your site doesn't load
+in a few seconds?
+
+Cloudflare often makes visitors wait for a few seconds. Many visitors will
+leave your site when they see this.
+
+### Other problems
+There are other problems as well, but we want to keep this file simple.
+Those problems are listed in
+[another file](subfiles/more-cloudflare-problems.md).
+
+## Alternatives
+Do own a website?  
+We created a
+[file with Cloudflare alternatives](subfiles/cloudflare-alternatives.md)
+to make your life easier if you agree with us.
+## Solutions
+### Blocking Cloudflare request or IPs
+- [Add-ons](what-to-do.md#website-consumer)
+- [Cloudflare IPs to block](cloudflare_inc/)
+- [Change default DNS provider of firefox](subfiles/change-firefox-dns.md)
+
+### Share information about the problem
+Many supporters of CrimeFlarE have written some
+[articles](subfiles/articles.md) about the problem.
+You can check them out and share them.
+
+You can ask website owners to stop using Cloudflare, please do so in
+a polite way. It might be good to mention some [alternatives](#alternatives).
+
+There are more files on this repository to educate yourself.
+We haven't included them all in the README to keep it fairly readable.
+
+## Not convinced yet?
+Many supporters of CrimeFlarE have written some
+[articles](subfiles/articles.md) about the problem.
+You can check them out and share them.
+
+Still not convinced?  
+That's fine. Just know that many people won't be able to use your content or
+website. It works against you.

anti-tor_users/README.md

@@ -0,0 +1,7 @@
+# Which websites are hostile to **Tor users**?
+
+Don't block us!
+
+![](../image/sorry.jpg)
+
+See [instructions.md](../instructions.md) for file purpose and format specifications.

anti-tor_users/fqdn/README.md

@@ -0,0 +1,12 @@
+# Anti-Tor users FQDN list
+
+- Not all Tor users are bad. Do not punish everyone.
+- Blocking Tor is not a solution. There are VPNs, webproxies, and botnets.
+- Also read: [Tor Project - Don't Block Me](https://trac.torproject.org/projects/tor/wiki/org/projects/DontBlockMe)
+
+
+![](../../image/anonexist.jpg)
+
+
+
+See [instructions.md](../../instructions.md) for file purpose and format specifications.

article.txt

@@ -0,0 +1,326 @@
+Audience: General, people who stumble upon gnu.org
+          1924+/-395 words english
+          1028+/-395 words instead?
+          755 words        rahisibhasha
+          stab at          french
+Version: 2019-05-29
+
+
+#########################################
+
+大云墙 (Dà Yún qiáng)
+大きな雲壁 (Ookina Kumo kabe)
+The Great Cloudwall
+
+by Jeff Cliff
+
+essistensa una reason you go to
+
+#########################################
+
+
+
+There is a reason that none of your favourite work has appeared on Tor since early 2016[15].
+That reason has lead to the discovery of a threat to the operation of the World Wide Web.
+
+Prerequisites:
+- The JavaScript Trap[47]
+- Understanding that Google is not to be trusted[45][46]
+- Nick Szabo: "Trusted Third Parties are Security Holes"[44][48]
+
+Cloudflare is a network service for turing tests its users use against visitors, which means that it frustrates attempts 
+by users of its users to develop software to interact with their websites[3].
+This might seem strange at first - why would you need a program to access a web resource?
+But there's many things that work on the web like this, including RSS, streaming, chat, podcasts, and anti-virus definitions[57][58] which 
+are completely broken by a CAPTCHA appearing mid stream[11].
+"We humans don't make HTTP requests, our machines to do it for us."
+This makes clear what is really being tested here - whether or not you have the right software stack in between you and
+Cloudflare.
+
+This is not hypothetical: Cloudflare is currently attempting to dictate which browsers users of their "protected" 
+websites may use[60].
+
+{{expand}}
+
+Your right to use Free Software in this stack is at risk and could disappear at any moment.
+
+It also is extracting free labor from website users[35], in effect tricking humans into acting like robots in order to 
+pass a test designed to see whether or not they are a robot. Worse, this labor is being used to train[62] Google's artificial intelligence, a very 
+poor candidate for "friendly AI"[36].  Given unfriendly AI is an existential[43] risk[42] to mankind, avoiding this 
+should be among the highest of priorities.
+
+This software stack includes human language: the CAPTCHAs are in English, leaving non-English speakers around the world 
+at a disadvantage[13]. Attempts to fix this are bound by the fact that they also leak language information to 
+Cloudflare[21].
+
+Furthermore, they use Google's reCaptcha for their turing test/"proof you are a human" challenge and Google is known as a part of NSA's PRISM surveillance project so they expose their website visitor's data to PRISM data collection.
+
+On its own, this is terrible bad but it's also worth pointing out how the reCAPTCHAs work. It isn't by whether or not you 
+click on the correct icon (though that is a factor too) but also collect:
+
+> mouse movement, its slightness and straightness
+> page scrolls
+> time intervals between browser events
+> keystrokes
+> click location history tied to user fingerprint
+> device information
+> All these criteria are stored in the browser’s cookie and are processed by Google’s servers
+> It should be emphasized that there is DARPA technology to identify people by mouse movements and typing ​
+[23]
+
+This collection of data is likely illegal in regions where privacy is taken seriously (like the EU)[24].
+
+It is frustrating even when it works because you have to fill out 20 captchas on the off-chance that you succeed one time in 
+twenty. So this is 95% censorship and 5% wasting users' time[5].
+
+More important, though, is that it starts to form a ratchet for web browser technology; the captchas are upgraded all the 
+time and if you use an older browser, you risk being left behind even when it works. 
+
+
+*How Cloudflare Threatens You*
+
+"When you fetch a page from a website that is served from Cloudflare, JavaScript has been injected on-the-fly into that 
+page by Cloudflare. And they also plant a cookie that brands your browser with a globally-unique ID. This happens even if 
+the website is using SSL and shows a cute little padlock in your browser" [10]
+
+- Cloudflare tracks you
+Even if your traffic is protected from onlookers, Cloudflare itself can see your traffic[6] because they are a MITM[14][31].
+In addition, if Cloudflare[53] has intercepted your traffic(MITM), so has the NSA[33].
+"If a site uses Cloudflare, then the browser lock icon is a false promise."[14]
+"The short version, a rhetorical question: Would you trust a key escrow regime, in which an “authorized” entity was 
+entrusted with the potential to decrypt all communications at will? If not, why would you trust a de facto mass decryption 
+chokepoint at which many communications are actually decrypted?"[34]
+In other words,
+
+- They are in a position to track, tap, and link Internet activity across a wide range of sites. [14]
+
+- Cloudflare frustrates accessibility efforts[25][27][36]:
+"CAPTCHA remains the most problematic item indicated by respondents"
+Cloudflare is one of the largest, if not the largest source of unconsensual CAPTCHAS, making them quite possibly the 
+biggest impediment in accessibility efforts worldwide.
+
+- Cloudflare makes using Tor frustrating by making efforts to become anonymous more difficult and making it more likely 
+that people will use non-Tor connections for some or all of their web browsing. The problem is getting worse with time. 
+[13]
+
+- It's not just Tor[19] but Tor users are the biggest group of people who've noticed it and are organizing against it so 
+far.
+
+- In particular, the model of Project Honeypot depends on one IPv4 address, meaning one person. As IPv4 addresses become 
+scarce, more and more ISPs (and whole countries[22]) are forced to use higher and higher levels of NAT. The result is that 
+the kinds of treatment of Tor users by Cloudflare starts to be not just for Tor, but for all web users. "Tor is just being 
+slightly ahead of what the IPv4 Internet is going to look like pretty soon."
+The next time a large group wakes up, millions of websites might be down (including critical ones) across a whole 
+continent. This has actually happened already. [49]
+
+"It was made clear in the Snowden leaks that GCHQ, the NSA, etc. would like people to stop using Tor so I am sure they are 
+very happy to see CF make general web browsing difficult and frustrating for ordinary users." [12]
+
+- Worse, Cloudflare makes using Tor *dangerous* because enabling JavaScript and images to deal with their system makes it 
+likely that some people will enable JavaScript and images on other websites, which, even if Cloudflare wasn't threatening 
+them, would. [9]
+
+- Cloudflare is capable of tracking users of its websites, and initial looks into its JavaScript/CAPTCHA seems to bear out 
+that they are doing so.
+
+- Cloudflare can target individual users with JavaScript malware; since you typically wind up enabling their JavaScript 
+to use websites, you fall into their trap. Because they track users, are giving, individualised code, and work directly 
+with the US government/DHS, there's no reason why they can't tailor attacks to specific users.
+ 
+- Even if they aren't doing it yet, they are at any point one US government administration, one vulture capital funding 
+purchase[26], or one internally rogue element away from executing JavaScript code on hundreds of millions of people's 
+computers a "highly attractive" target[7] with no oversight. The code CAPTCHA itself protects attempts to detect such 
+things from happening.
+
+- The way that Cloudflare is constructed means that even by accident, billions of people can be analyzed by their 
+government[51] and have their access limited or completely cut off at the government's whim.
+
+*Background : How Cloudflare threatens the web*
+
+- Cloudflare is a MITM for the whole web
+
+- As of 3 years ago 10% of the top 25,000 websites used Cloudflare[2]
+- A billion people in china are restricted by the Great Firewall[8]. Anyone who goes so far as to circumvent that must then 
+deal with the "Great Cloudwall" for accessing the open internet.
+
+- This is not just an individual problem, but fundamentally threatens the ecosystem of the web.
+Cloudflare is breaking the open internet one site at a time. The web is massively resilient - we can do without Stack 
+Overflow, GNU.org or even Google but when a significant enough portion of websites use a single provider, there starts to 
+be a systematic risk that if that single provider goes down, all of the websites behind it will be inaccessible. Worse, you 
+won't be allowed to access it unless you have the right kind of US government approved credential, contingent, perhaps, on 
+running software only they approve of.
+
+It is becoming a single point of failure for the internet. [39]
+
+Right now, there are alternative sources for, for example, the US constitution[17]. It is not unthinkable that Cloudflare 
+is getting big enough to threaten even that.
+
+{FIX ME - make section clearer}
+"A.1 sometimes there are necessary websites for some degree of necessary. Government websites, public service, etc. How 
+long until those are behind the "Great Cloudwall"?
+B: Not long. Our service is competitive and convenient. If public service websites choose to use our service for awesome 
+DDoS protection, it's their choice."[36]
+
+- Cloudflare has already started down the slippery slope[52] of censoring websites. If they didn't have a stranglehold on 
+people accessing the internet, it would not be a problem.  They are big enough that censorship from Cloudflare is starting 
+to be a systematic exclusion from the political process.
+
+"Cloudflare is perfect: it can implement censorship on the fly without anyone getting wise to it!"[40]
+
+- DNS[39]: given that they have become so systematically powerful, the next step to cementing their power is to attack 
+DNS. Their 1.1.1.1 DNS server, like Google's 8.8.8.8, is marketed to people so that Cloudflare will still be able to see 
+you're going to them even if you don't interact with websites "protected" by them. It gives them even more data to track you 
+with.
+
+*Background : Where does Cloudflare come from?*
+
+Cloudflare comes from a project called "Project Honey Pot"[61], originally intended to track online fraud and abuse.
+
+"What was Project Honey Pot?
+'A service that positions itself as some kind of a grassroot-y anti-spam registry, but in reality seems to be a pro-
+corporate law enforcement tool with the specific aim of entrapping and prosecuting spammers/phishing scammers in a way 
+that’s friendly to the marketing industry.'"
+
+The US Department of Homeland Security approached the developers in 2007-8[1][36] for access to their data and they have 
+been working with the US government[54] and law enforcement ever since[1].
+
+On HTTP GET requests:
+
+Cloudflare has a history of shutting down open DNS and open NTP servers.
+
+"It would be great if they allowed GET requests - for example - such requests should not and generally do not modify server 
+side content. They do not do this - this breaks the web in so many ways, it is incredible. Using wget with Tor on a website 
+hosted by CF is... a disaster. Using Tor Browser with it - much the same. These requests should be idempotent according to 
+spec, I believe."
+
+{FIX ME - "critical of it"?}
+Cloudflare has a history of closing tickets that are critical of it without actually resolving the issue[29][30][32]
+
+"Cloudflare is based in a country with secret courts, secret police, and secret prisons that are above the law - and this 
+secret government has characterized Cloudflare's data as extremely valuable"[28]
+"The CEO says, "Cloudflare's strength lies in the DATA it collects -- not in its CODE.'"[28]
+"The U.S. federal government is a Cloudflare customer."[28]
+"Cloudflare has never stated that a government agency did not install wiretapping equipment or software on the same 
+premises as a Cloudflare server."[28]
+"Cloudflare has never indicated that the architecture of its content distribution network is resistant to warrantless 
+mass surveillance."[28]
+"Cloudflare has given the Chinese government unprecedented censorship capability."[28]
+"Cloudflare has no intention to shut down as Lavabit did in order to protect the user from unlawful surveillance."[28]
+"Some Cloudflare customers are paying over 1 million dollars per year for an undisclosed service."[28]
+
+*"But Cloudflare is really necessary, the web is a nasty place"*
+
+- The more of the web is held within Cloudflare, the more pressure will be on websites not behind Cloudflare
+- As of 2016, by Cloudflare's own data, Tor was not as bad as normal internet connections.  
+- People:     "But we need Cloudflare to protect us from DDoS.” 
+  Cloudflare: "That’s a nice site you have there. It would be a shame, such a shame, if anything happened to it. Why don’t   
+  you let us decrypt all your TLS sessions[59] so we can protect you?"[14]
+
+*I heard Cloudflare is working with Tor and all is good now?*
+
+- Just because you can't see the problem doesn't mean it's not there.
+
+- This is not true. Their websites still CAPTCHA their users, same as ever, and news agencies across the political spectrum 
+screwed up stories about how the 'problem is fixed'. [18]
+
+- It's actually worse, though[17], if we couldn't see it[60] - it was easy to get a lot of riled up Tor users to understand 
+that Cloudflare was their adversary. It's a lot harder to convince people who are not blocked from their websites, today, 
+why giving systematic control over the world wide web might be a bad thing tomorrow.
+
+"Right now, Cloudflare says it monitors nearly 1/5 of all Internet visits. An astounding claim for a company most people 
+haven’t even heard of"[40]
+
+- But they are now doing more to track users and threaten the anonymity of Tor users.
+
+- Cloudflare is one of a couple of large network providers that are capturing the vast majority of digital communications, 
+effectively creating private networks the size of the modern internet that are competitive with and not subject to the 
+same kinds of scrutiny and regulation as the internet[58].
+
+*What if we shut down Cloudflare and migrate all websites out of them?*
+
+We're probably going to have the same problem with another company very soon. Just as when suddenly Microsoft no longer had
+a monopoly on software, we didn't get rid of the problem of proprietary software, there's a couple of problems that, if we
+don't solve them, something like Cloudflare is roughly inevitable as a consequence:
+
+*Cloudflare DNS*
+
+"DNS[50] is around, servers are insecure, proper end-to-end crypto isn't the norm hence MITM goes unnoticed, anonymity is an edge case, routing lacks built-in resiliency to disruption, we're always going to have actors building a business model around cobbling together superficial, overapproximating mitigations."[20]
+
+*Mozilla and Cloudflare*
+
+"At least for browsing with Firefox, because Mozilla has partnered up with Cloudflare and will resolve the domain names 
+from the application itself via a DNS server from Cloudflare based in the United States. Cloudflare will then be able to 
+read everyone's DNS requests."
+Sharing DNS requests with Cloudflare represents mozilla having a security hole, straight to the Cloudflare (and probably: 
+the NSA).
+
+*What can you do?*
+
+Learn more about Cloudflare and make sure the people around you know about Cloudflare. Use Tor by default to be more 
+exposed to the blocks. Go to the anti-Cloudflare collaboration repository[41] and make sure websites you use aren't 
+"protected", and if they are, contact the people who run the website requesting that they no longer use Cloudflare. Get 
+involved!
+
+
+References
+
+[1] crimeflare. Is CloudFlare a honey pot?  https://web.archive.org/web/20170721161127/http://www.crimeflare.us/honeypot.html
+[2] ioerror. Issues with corporate censorship and mass surveillance.  https://trac.torproject.org/projects/tor/ticket/18361#comment:15
+[3] ioerror. Issues with corporate censorship and mass surveillance.  https://trac.torproject.org/projects/tor/ticket/18361#comment:21
+[5] ioerror. Issues with corporate censorship and mass surveillance.  https://trac.torproject.org/projects/tor/ticket/18361#comment:28
+[6] ioerror. Issues with corporate censorship and mass surveillance.  https://trac.torproject.org/projects/tor/ticket/18361#comment:30
+[7] ioerror. Issues with corporate censorship and mass surveillance.  https://trac.torproject.org/projects/tor/ticket/18361#comment:32 
+[8] ioerror. Issues with corporate censorship and mass surveillance.  https://www.bloomberg.com/quicktake/great-firewall-of-china
+[9] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:51
+[10] crimeflare. Is CloudFlare a honey pot?  https://web.archive.org/web/20170721161127/http://www.crimeflare.us/honeypot.html
+[11] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:59
+[12] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:66
+[13] mikeperry. The Trouble with CloudFlare.  https://blog.torproject.org/trouble-cloudflare
+[14] nullius. Block Global Active Adversary Cloudflare.  https://trac.torproject.org/projects/tor/ticket/24351#comment:8
+[15] Unknown. Google+ https://plus.google.com/105395547687614433866/posts/G9nnQBnLtjp
+[16] Unknown. Google+ https://plus.google.com/105395547687614433866/posts/XnQryQ7hR9G
+[17] msmach. Cloudflare Ends CAPTCHAs For Tor Users  https://it.slashdot.org/comments.pl?sid=12641622&cid=57348584
+[18] msmach. Cloudflare Ends CAPTCHAs For Tor Users  https://it.slashdot.org/comments.pl?sid=12641622&cid=57388544
+[19] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:90
+[20] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:112
+[21] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:132
+[22] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:141
+[23] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:147
+[24] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:160
+[25] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:175
+[26] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:183
+[27] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:231
+[28] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:236
+[29] ioerror. Issues with corporate censorship and mass surveillance.   https://trac.torproject.org/projects/tor/ticket/18361#comment:255
+[30] gk. Cloudflare breaks loading the chat.  https://trac.torproject.org/projects/tor/ticket/23141
+[31] nullius. Block Global Active Adversary Cloudflare.  https://trac.torproject.org/projects/tor/ticket/24351#comment:20
+[32] nullius. Block Global Active Adversary Cloudflare.  https://trac.torproject.org/projects/tor/ticket/24351#comment:44
+[33] nullius. Block Global Active Adversary Cloudflare.  https://trac.torproject.org/projects/tor/ticket/24351#comment:52
+[34] nullius. Block Global Active Adversary Cloudflare.  https://trac.torproject.org/projects/tor/ticket/24351#comment:60
+[35] nullius. Block Global Active Adversary Cloudflare.  https://trac.torproject.org/projects/tor/ticket/24321#comment:13
+[36] Anonymous. Cloudflare philosophy.  https://codeberg.org/crimeflare/cloudflare-tor/src/master/cloudflare-philosophy.md
+[37] Peter O'Shaughnessy. Screen Reader User Survey Results #7.  https://toot.cafe/@peter/99398584471715976
+[39] ungeich. A new feature in Firefox  https://blog.ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/
+[40] Yasha Levine. iSucker: Big Brother Internet Culture  http://exiledonline.com/isucker-big-brother-internet-culture/
+[41] Anonymous. The Great Cloudwall.  http://codeberg.org/crimeflare/cloudflare-tor
+[42] lesswrong wiki. Unfriendly artificial intelligence  https://wiki.lesswrong.com/wiki/Unfriendly_artificial_intelligence
+[43] Ben Harack. What is an existential risk?  https://www.visionofearth.org/future-of-humanity/existential-risks/what-is-an-existential-risk/
+[44] Nick Szabo. Twitter  http://twitter.com/nickszabo4
+[45] FSF. Google's Software is Malware  https://www.gnu.org/proprietary/malware-google.en.html
+[46] Richard Stallman. Reasons not to use Google  https://stallman.org/google.html
+[47] Richard Stallman. The JavaScript Trap  https://www.gnu.org/philosophy/javascript-trap.html
+[48] Nick Szabo. Trusted Third Parties are Security Holes. 2001.  https://nakamotoinstitute.org/trusted-third-parties
+[49] slashgeek. CloudFlare is ruining the internet (for me)  https://www.slashgeek.net/2016/05/17/cloudflare-is-ruining-the-internet-for-me/
+[50] Hamid Sarfraz. How likely is it that CloudFlare is an NSA operation?  https://www.quora.com/How-likely-is-it-that-CloudFlare-is-an-NSA-operation/answer/Hamid-Sarfraz
+[51] Karthik Balakrishnan. Airtel is sniffing and censoring CloudFlare’s traffic in India and CloudFlare doesn’t even know it.  https://medium.com/@karthikb351/airtel-is-sniffing-and-censoring-cloudflares-traffic-in-india-and-they-don-t-even-know-it-90935f7f6d98
+[52] http://pleroma.oniichanylo2tsi4.onion/notice/1563
+[53] StopMITMInt. Add an option to stop trusting Cloudflare certificate  https://github.com/mozilla-mobile/focus-android/issues/1743#issuecomment-351555735
+[54] goody2shoes. Block Global Active Adversary Cloudflare  https://lists.torproject.org/pipermail/tor-talk/2018-January/043889.html
+[55] EFF. The Crypto Wars  https://www.eff.org/document/crypto-wars
+[56] http://forums.clamwin.com/viewtopic.php?t=4915
+[57] November 2018 Archives by thread  http://lists.clamav.net/pipermail/clamav-users/2018-November/thread.html
+[58] https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20181218/Documents/Geoff_Huston_Presentation.pdf
+[59] Thorin-Oakenpants. let's talk about our little buddy cloudflare.  https://github.com/ghacksuserjs/ghacks-user.js/issues/310#issuecomment-351913412
+[60] ghost. What do you think about Cloudflare?  https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460413259
+[61] Unspam Technologies, Inc.  https://projecthoneypot.org/
+[62] TechRader. Captcha if you can: how you’ve been training AI for years without realising it https://www.techradar.com/news/captcha-if-you-can-how-youve-been-training-ai-for-years-without-realising-it

cloudflare_inc/README.md

@@ -0,0 +1,8 @@
+# Cloudflare, inc.
+
+Anti-human surveilance & censorship company.
+
+![](../image/blockedbyjustin.jpg)
+![](../image/blockedbymatthewprince.jpg)
+
+See [instructions.md](../instructions.md) for file purpose and format specifications.

cloudflare_inc/cloudflare_CIDR_v4.txt

@@ -0,0 +1,843 @@
+1.0.0.0/24
+1.1.1.0/24
+103.21.244.0/22
+103.21.246.0/24
+103.21.247.0/24
+103.22.200.0/22
+103.22.200.0/23
+103.22.202.0/24
+103.22.203.0/24
+103.31.4.0/22
+103.31.4.0/23
+104.16.0.0/12
+104.16.0.0/20
+104.16.112.0/20
+104.16.128.0/20
+104.16.144.0/20
+104.16.16.0/20
+104.16.160.0/20
+104.16.176.0/20
+104.16.192.0/20
+104.16.208.0/20
+104.16.224.0/20
+104.16.240.0/20
+104.16.32.0/20
+104.16.48.0/20
+104.16.64.0/20
+104.16.80.0/20
+104.16.96.0/20
+104.17.0.0/20
+104.17.112.0/20
+104.17.128.0/20
+104.17.144.0/20
+104.17.16.0/20
+104.17.160.0/20
+104.17.176.0/20
+104.17.192.0/20
+104.17.208.0/20
+104.17.224.0/20
+104.17.240.0/20
+104.17.32.0/20
+104.17.48.0/20
+104.17.64.0/20
+104.17.80.0/20
+104.17.96.0/20
+104.18.0.0/20
+104.18.112.0/20
+104.18.128.0/20
+104.18.144.0/20
+104.18.16.0/20
+104.18.160.0/20
+104.18.176.0/20
+104.18.192.0/20
+104.18.208.0/20
+104.18.224.0/20
+104.18.240.0/20
+104.18.32.0/20
+104.18.48.0/20
+104.18.64.0/20
+104.18.80.0/20
+104.18.96.0/20
+104.19.0.0/20
+104.19.112.0/20
+104.19.128.0/20
+104.19.144.0/20
+104.19.16.0/20
+104.19.160.0/20
+104.19.176.0/20
+104.19.192.0/20
+104.19.208.0/20
+104.19.224.0/20
+104.19.240.0/20
+104.19.32.0/20
+104.19.48.0/20
+104.19.64.0/20
+104.19.80.0/20
+104.19.96.0/20
+104.20.0.0/20
+104.20.112.0/20
+104.20.128.0/20
+104.20.144.0/20
+104.20.16.0/20
+104.20.160.0/20
+104.20.176.0/20
+104.20.192.0/20
+104.20.208.0/20
+104.20.224.0/20
+104.20.240.0/20
+104.20.32.0/20
+104.20.48.0/20
+104.20.64.0/20
+104.20.80.0/20
+104.20.96.0/20
+104.22.0.0/20
+104.23.112.0/20
+104.23.128.0/20
+104.23.192.0/20
+104.23.240.0/22
+104.23.96.0/20
+104.24.0.0/20
+104.24.112.0/20
+104.24.128.0/20
+104.24.144.0/20
+104.24.16.0/20
+104.24.160.0/20
+104.24.176.0/20
+104.24.192.0/20
+104.24.208.0/20
+104.24.224.0/20
+104.24.240.0/20
+104.24.32.0/20
+104.24.48.0/20
+104.24.64.0/20
+104.24.80.0/20
+104.24.96.0/20
+104.25.0.0/20
+104.25.112.0/20
+104.25.128.0/20
+104.25.144.0/20
+104.25.16.0/20
+104.25.160.0/20
+104.25.176.0/20
+104.25.192.0/20
+104.25.208.0/20
+104.25.224.0/20
+104.25.240.0/20
+104.25.32.0/20
+104.25.48.0/20
+104.25.64.0/20
+104.25.80.0/20
+104.25.96.0/20
+104.26.0.0/20
+104.27.0.0/20
+104.27.112.0/20
+104.27.128.0/20
+104.27.144.0/20
+104.27.16.0/20
+104.27.160.0/20
+104.27.176.0/20
+104.27.192.0/20
+104.27.208.0/20
+104.27.240.0/22
+104.27.32.0/20
+104.27.48.0/20
+104.27.64.0/20
+104.27.80.0/20
+104.27.96.0/20
+104.28.0.0/20
+104.28.112.0/20
+104.28.128.0/20
+104.28.144.0/20
+104.28.16.0/20
+104.28.160.0/20
+104.28.176.0/20
+104.28.192.0/20
+104.28.208.0/20
+104.28.224.0/20
+104.28.240.0/20
+104.28.32.0/20
+104.28.48.0/20
+104.28.64.0/20
+104.28.80.0/20
+104.28.96.0/20
+104.31.0.0/20
+104.31.112.0/22
+104.31.128.0/20
+104.31.144.0/20
+104.31.16.0/20
+104.31.160.0/20
+104.31.176.0/20
+104.31.192.0/20
+104.31.208.0/20
+104.31.224.0/20
+104.31.240.0/20
+104.31.64.0/20
+104.31.80.0/20
+108.162.192.0/18
+108.162.208.0/24
+108.162.210.0/24
+108.162.211.0/24
+108.162.212.0/24
+108.162.213.0/24
+108.162.214.0/24
+108.162.215.0/24
+108.162.216.0/24
+108.162.217.0/24
+108.162.218.0/24
+108.162.219.0/24
+108.162.220.0/24
+108.162.221.0/24
+108.162.222.0/24
+108.162.223.0/24
+108.162.226.0/24
+108.162.227.0/24
+108.162.228.0/24
+108.162.229.0/24
+108.162.235.0/24
+108.162.236.0/24
+108.162.237.0/24
+108.162.238.0/24
+108.162.239.0/24
+108.162.240.0/24
+108.162.241.0/24
+108.162.242.0/24
+108.162.243.0/24
+108.162.244.0/24
+108.162.245.0/24
+108.162.246.0/24
+108.162.247.0/24
+108.162.248.0/24
+108.162.249.0/24
+108.162.250.0/24
+108.162.252.0/24
+108.162.253.0/24
+108.162.255.0/24
+131.0.72.0/22
+141.101.100.0/22
+141.101.104.0/24
+141.101.105.0/24
+141.101.106.0/24
+141.101.107.0/24
+141.101.108.0/24
+141.101.109.0/24
+141.101.110.0/24
+141.101.111.0/24
+141.101.112.0/20
+141.101.112.0/23
+141.101.114.0/23
+141.101.120.0/22
+141.101.64.0/18
+141.101.64.0/24
+141.101.65.0/24
+141.101.66.0/24
+141.101.67.0/24
+141.101.68.0/24
+141.101.69.0/24
+141.101.70.0/24
+141.101.71.0/24
+141.101.72.0/24
+141.101.73.0/24
+141.101.74.0/24
+141.101.75.0/24
+141.101.76.0/23
+141.101.82.0/24
+141.101.83.0/24
+141.101.84.0/24
+141.101.85.0/24
+141.101.88.0/22
+141.101.94.0/24
+141.101.95.0/24
+141.101.96.0/24
+141.101.97.0/24
+141.101.98.0/24
+141.101.99.0/24
+162.158.0.0/15
+162.158.0.0/22
+162.158.10.0/24
+162.158.100.0/24
+162.158.101.0/24
+162.158.102.0/24
+162.158.103.0/24
+162.158.104.0/24
+162.158.105.0/24
+162.158.106.0/24
+162.158.107.0/24
+162.158.108.0/22
+162.158.11.0/24
+162.158.112.0/24
+162.158.113.0/24
+162.158.114.0/24
+162.158.115.0/24
+162.158.116.0/22
+162.158.12.0/22
+162.158.120.0/24
+162.158.121.0/24
+162.158.122.0/24
+162.158.123.0/24
+162.158.124.0/22
+162.158.128.0/22
+162.158.132.0/24
+162.158.133.0/24
+162.158.134.0/24
+162.158.135.0/24
+162.158.136.0/22
+162.158.140.0/24
+162.158.141.0/24
+162.158.142.0/24
+162.158.143.0/24
+162.158.144.0/24
+162.158.145.0/24
+162.158.146.0/24
+162.158.147.0/24
+162.158.148.0/22
+162.158.152.0/22
+162.158.156.0/22
+162.158.16.0/22
+162.158.160.0/20
+162.158.176.0/24
+162.158.177.0/24
+162.158.178.0/24
+162.158.179.0/24
+162.158.180.0/22
+162.158.184.0/24
+162.158.185.0/24
+162.158.186.0/24
+162.158.187.0/24
+162.158.188.0/24
+162.158.189.0/24
+162.158.190.0/24
+162.158.191.0/24
+162.158.192.0/24
+162.158.193.0/24
+162.158.194.0/24
+162.158.195.0/24
+162.158.196.0/24
+162.158.197.0/24
+162.158.198.0/24
+162.158.199.0/24
+162.158.20.0/22
+162.158.200.0/22
+162.158.204.0/23
+162.158.206.0/23
+162.158.206.0/24
+162.158.208.0/22
+162.158.212.0/22
+162.158.216.0/23
+162.158.218.0/23
+162.158.220.0/22
+162.158.224.0/22
+162.158.224.0/24
+162.158.225.0/24
+162.158.226.0/23
+162.158.228.0/22
+162.158.232.0/22
+162.158.236.0/22
+162.158.24.0/24
+162.158.240.0/22
+162.158.244.0/22
+162.158.248.0/22
+162.158.248.0/23
+162.158.25.0/24
+162.158.250.0/23
+162.158.252.0/22
+162.158.26.0/24
+162.158.27.0/24
+162.158.28.0/24
+162.158.29.0/24
+162.158.30.0/24
+162.158.31.0/24
+162.158.32.0/22
+162.158.36.0/24
+162.158.37.0/24
+162.158.38.0/24
+162.158.39.0/24
+162.158.4.0/22
+162.158.40.0/24
+162.158.41.0/24
+162.158.42.0/24
+162.158.43.0/24
+162.158.44.0/22
+162.158.44.0/24
+162.158.45.0/24
+162.158.46.0/24
+162.158.47.0/24
+162.158.48.0/24
+162.158.49.0/24
+162.158.50.0/24
+162.158.51.0/24
+162.158.52.0/24
+162.158.53.0/24
+162.158.54.0/24
+162.158.55.0/24
+162.158.56.0/22
+162.158.60.0/22
+162.158.64.0/21
+162.158.64.0/22
+162.158.72.0/22
+162.158.76.0/22
+162.158.8.0/24
+162.158.80.0/23
+162.158.82.0/23
+162.158.82.0/24
+162.158.83.0/24
+162.158.84.0/22
+162.158.84.0/24
+162.158.85.0/24
+162.158.86.0/24
+162.158.87.0/24
+162.158.88.0/21
+162.158.88.0/24
+162.158.89.0/24
+162.158.9.0/24
+162.158.90.0/24
+162.158.91.0/24
+162.158.92.0/24
+162.158.93.0/24
+162.158.94.0/24
+162.158.95.0/24
+162.158.96.0/24
+162.158.97.0/24
+162.158.98.0/24
+162.158.99.0/24
+162.159.0.0/20
+162.159.0.0/24
+162.159.1.0/24
+162.159.10.0/24
+162.159.11.0/24
+162.159.12.0/24
+162.159.128.0/17
+162.159.128.0/19
+162.159.13.0/24
+162.159.132.0/24
+162.159.14.0/24
+162.159.15.0/24
+162.159.16.0/20
+162.159.16.0/24
+162.159.17.0/24
+162.159.18.0/24
+162.159.19.0/24