Over the past 6 months or so, a few members have asked us if we accept donations via .

We moved away from them because they were having issues; it looks like those issues are now fixed (we hope). So we’re happy to announce that Fosstodon is now accepting Liberapay donations again. 😁

@fosstodon yeah but i think we all can agree that dependence on a centralised MITM service doesnt really fit with what we're doing on fedi and with open payment platforms



to be honest, there are plenty of practical users to use CloudFlare for a relatively small platform like Liberapay. Security matters when credit card data is being stored

@tuxdevices @fosstodon it's like suddenly we're forgetting about cloudbleed
@tuxdevices @fosstodon security matters which is all the more reason to rid themselves of cloudfuck

@wowaname if people stopped using software everytime a significant vulnerability was discovered, no-one would be using any software.

Whilst I wouldn't use CloudFlare personally, I wouldn't hold it against another company, especially when they want a quick and simple way of securing their infra.


@fosstodon @tuxdevices @fosstodon @tuxdevices oh yeah thanks for twisting my words, thinking i said we should stop using any software with any history of security issues. read again, more closely this time, that is NOT what i said. cloudflare is a single point of failure, a huge one, so whenever theres a compromise, an entire section of the internet is affected. cloudbleed isnt an isolated incident. cloudflare has faced successful ddos attacks affecting entire regions, and as attacks get stronger and easier to carry out, im willing to bet that itll happen again in the future.

by NO MEANS is cloudflare a suitable way to "secure infra". reminder that all those IP addresses cloudflare is "protecting", theyre all still publicly routable, all it takes is direct attacks on the providers themselves (aws, do, any other popular provider with zero mitigation) and bam, you lose any "security" benefit cloudflare fooled you into buying, lulling you into a false sense of reassurance

secure your infra properly, cloudflare isnt an answer
@wowaname @fosstodon @tuxdevices cloudflare is a surveillance wet dream, a single point that decrypts SSL connections and allows collation of data for a VERY large number of websites that ppl use daily. Anyone using it's protection doesn't give a shit about their users privacy.
@wowaname @fosstodon @tuxdevices not to mention that Cloudflare's CEO was heavily involved with the US DoD's Project Honeypot - not exactly great credentials for someone who 'takes his responsibility for your privacy seriously'.
Sign in to participate in the conversation

Fosstodon is a Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.