Cloud9 DNS

[L&LD]

You do, because you wouldn’t be suggesting that Cloudflare is operating outside of its posted privacy policy. Your own tweet, in 2018, called Cloudflare’s privacy policy “strong” and to me—the read between the lines argument of their privacy policy is used to sow doubts of their service. This rubs me the wrong way. Sorry—but that’s my opinion, as you have your opinion. We’ll have to disagree here.

Post 37 seems to back up those doubts with facts that can be easily checked? I don't see what you're disagreeing with here?

 

[appleseed]

Bill Woodcock made an informative post. no feels just reals and he came prepared with the receipts.

 

[scjr]

Bill Woodcock made an informative post. no feels just reals and he came prepared with the receipts.

He also said, in August 2018 via tweet, that Cloudflare has a strong privacy policy.

So which Bill Woodcock should we believe? How do you go from saying that, to quoting material from 2016 and 2018 to make a point that Cloudflare isn’t adhering to their privacy policy? Material that is dated before his actual tweet. To me—that calls into question what he’s suggesting. It’s my opinion. I could be totally wrong here, but I also could be right and maybe that’s the point. You either believe the Cloudflare privacy policy or you don’t.

https://twitter.com/woodyatpch/status/1033422327327936512?s=21

 

[L&LD]

He also said, in August 2018 via tweet, that Cloudflare has a strong privacy policy.

So which Bill Woodcock should we believe? How do you go from saying that, to quoting material from 2016 and 2018 to make a point that Cloudflare isn’t adhering to their privacy policy? Material that is dated before his actual tweet. To me—that calls into question what he’s suggesting. It’s my opinion. I could be totally wrong here, but I also could be right and maybe that’s the point. You either believe the Cloudflare privacy policy or you don’t.

https://twitter.com/woodyatpch/status/1033422327327936512?s=21

I don't know, you may be right. But instead of attacking a possible Bill Woodcock clone (which one!), why don't you address the facts as posted in post 37 above?

And just because someone states the opposite of what they once did, I usually call that learning all else being equal. Even if the 'facts' presented were available before the time of the original statement(s).

 

[scjr]

I don't know, you may be right. But instead of attacking a possible Bill Woodcock clone (which one!), why don't you address the facts as posted in post 37 above?

And just because someone states the opposite of what they once did, I usually call that learning all else being equal. Even if the 'facts' presented were available before the time of the original statement(s).

I’m not attacking him, my friend. I’m as respectful as they come. I believe my behavior on SNB forums attests to that.

I’ve explained above why I disagree, which references his tweet and then using material that came before the tweet. I simply have a different opinion here and disagree. I’m sure or at least hope Mr. Woodcock respects that.

 

[gattaca]

We can debate what any DNS provider does... and indeed CF's "Privacy Policy" may be accurate and carefully written by some very good, very $ lawyers. The point I made earlier still applies. The very act of providing DNS requires some form of data collection and while they (or anyone) may discard the actual data after N hours, there's plenty of analysis which can be done in NN hours to generate new data which technically would not be anything directly collected from your DNS query and hence not discarded but still let them remain within the "stated policy"

The take-away is read carefully between the lines and choose the lessor of the evils. Couple that with your common sense. For instance, CF is privately held... it's making $ somewhere.. right? The executives are getting paid somehow right?

BTW, great discussion and insights.. don't let it get personal - read and decide for yourselves.. you've got up to 8 good choices.. Peace.

 

[L&LD]

I’m not attacking him, my friend. I’m as respectful as they come. I believe my behavior on SNB forums attests to that.

I’ve explained above why I disagree, which references his tweet and then using material that came before the tweet. I simply have a different opinion here and disagree. I’m sure or at least hope Mr. Woodcock respects that.

And of course, I'm not attacking you personally either friend!

Just want to get to the bottom of this too, but while I can agree to disagree with anyone, it seems like your position is not tenable, with the information you've posted so far.

 

[scjr]

We can debate what any DNS provider does... and indeed CF's "Privacy Policy" may be accurate and carefully written by some very good, very $ lawyers. The point I made earlier still applies. The very act of providing DNS requires some form of data collection and while they (or anyone) may discard the actual data after N hours, there's plenty of analysis which can be done in NN hours to generate new data which technically would not be anything directly collected from your DNS query.

The take-away should be read-between the lines and choose the lessor of the evils and couple that with some common sense. For instance, CF is privately held... it's making $ somewhere.. right?

BTW, great discussion and insights.. don't let it get personal - read and decide for yourselves.. you've got up to 8 good choices.. Peace.

Good post, @gattaca.

What would be nice—if a Cloudflare representative would comment here as well. That would bring more clarity or maybe not?

 

[scjr]

And of course, I'm not attacking you personally either friend!

Just want to get to the bottom of this too, but while I can agree to disagree with anyone, it seems like your position is not tenable, with the information you've posted so far.

It’s all good, my friend. I respect you and your thoughts, @L&LD. If we all agreed, this would be a boring place. Haha

 

[Ryan K (Cloudflare)]

Google and Cloudflare make their money by collecting and selling personal information.

With regard to Cloudflare, this is a completely false statement. We don't sell data on users or their activities. Period. We do collect data, which is used for debugging purposes, but it is purged in 24 hours. We don't mine data or sell it for profit. Not our business model and I feel pretty comfortable saying it never will be.

At first, Cloudflare was denying that they were sharing the information, but now they've published a policy tries to obscure the fact that they're gathering this information for Geoff. Originally, they flat-out denied it, but I guess their lawyers caught up with that, and now they just weasel around it.

Not sure where you saw the denial, but to my knowledge we were always acknowledging that APNIC received limited anonimyzed data.


https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/

"Some other recursive DNS services may claim that their services are secure because they support DNSSEC. While this is a good security practice, users of these services are ironically not protected from the DNS companies themselves. Many of these companies collect data from their DNS customers to use for commercial purposes. Alternatively, 1.1.1.1 does not mine any user data. Logs are kept for 24 hours for debugging purposes, then they are purged."

 

[L&LD]

Good post, @gattaca.

What would be nice—if a Cloudflare representative would comment here as well. That would be bring more clarity or maybe not?

If any of the information in post 37 is factual, I wouldn't allow any representative to speak on Cloudflare's behalf.

 

[L&LD]

With regard to Cloudflare, this is a completely false statement. We don't sell data on users or their activities. Period. We do collect data, which is used for debugging purposes, but it is purged in 24 hours. We don't mine data or sell it for profit. Not our business model and I feel pretty comfortable saying it never will be.

https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/

"Some other recursive DNS services may claim that their services are secure because they support DNSSEC. While this is a good security practice, users of these services are ironically not protected from the DNS companies themselves. Many of these companies collect data from their DNS customers to use for commercial purposes. Alternatively, 1.1.1.1 does not mine any user data. Logs are kept for 24 hours for debugging purposes, then they are purged."

Thank you for joining the conversation!

Your statements are great to hear. However, the link does not (easily) show me the same things you stated.

For example, the following link seems to be exactly the opposite of what you state above.

https://www.cloudflare.com/analytics/

What about the other points in post 37? Possible you could expand on those as well?

 

[scjr]

If any of the information in post 37 is factual, I wouldn't allow any representative to speak on Cloudflare's behalf.

Then it comes down to who you want to believe. Whether you believe the privacy policy as written by a company or not.

 

[scjr]

With regard to Cloudflare, this is a completely false statement. We don't sell data on users or their activities. Period. We do collect data, which is used for debugging purposes, but it is purged in 24 hours. We don't mine data or sell it for profit. Not our business model and I feel pretty comfortable saying it never will be.

https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/

"Some other recursive DNS services may claim that their services are secure because they support DNSSEC. While this is a good security practice, users of these services are ironically not protected from the DNS companies themselves. Many of these companies collect data from their DNS customers to use for commercial purposes. Alternatively, 1.1.1.1 does not mine any user data. Logs are kept for 24 hours for debugging purposes, then they are purged."

Thanks for joining the discussion by commenting and clarifying your policy.

 

[L&LD]

Then it comes down to who you want to believe. Whether you believe the privacy policy as written by a company or not.

You got me there.

I don't believe anything written by a lawyer. Whether I'm paying them or not. Masters of doublespeak and only looking out for their own rear ends.

 

[appleseed]

months ago I installed Cloud Fare's free iOS DNS app to get on the waiting list for the new free/paid VPN service: https://blog.cloudflare.com/1111-warp-better-vpn/

The DNS works well. The iOS app shows your place on the waiting list for release and has since moved up the list from number 800K-something to 200K-something so I was pretty excited to try a fast free (and possibly paid) VPN from what I thought was an internationally well-known CDN company. Now I am unsure if there is some kind of profile of me that will pay for it.

I think I dun goofed.

 

[L&LD]

months ago I installed Cloud Fare's free iOS DNS app to get on the waiting list for the new free/paid VPN service: https://blog.cloudflare.com/1111-warp-better-vpn/

The DNS works well. The iOS app shows your place on the waiting list for release and has since moved up the list from number 800K-something to 200K-something so I was pretty excited to try a fast free (and possibly paid) VPN from what I thought was an internationally well-known CDN company. Now I am unsure if there is some kind of profile of me that will pay for it.

I think I dun goofed.

Don't laugh... but I don't trust any apps either. They're the #1 way of getting all your information to someone else with your consent (willingly, or not willingly). Just by having them installed.

 

[Ryan K (Cloudflare)]

For example, the following link seems to be exactly the opposite of what you state above.

https://www.cloudflare.com/analytics/

Completely different product. That has to do with a site operator reviewing and analyzing information that would already be available to them about their own site visitors, with the addition of info about bots (that other analytics typically ignore).

If you are asking about Matthew's comments while in business school, that was long before Cloudflare was fleshed out into an actual concept/product/business. And the data in question was related to Project Honeypot, which was for identifying spammers. Doesn't seem relevant to the 1.1.1.1 Resolver.

Either way, our business is not about mining and selling user data.

 

[L&LD]

Completely different product. That has to do with a site operator reviewing and analyzing information that would already be available to them about their own site visitors, with the addition of info about bots (that other analytics typically ignore).

If you are asking about Matthew's comments while in business school, that was long before Cloudflare was fleshed out into an actual concept/product/business. And the data in question was related to Project Honeypot, which was for identifying spammers. Doesn't seem relevant to the 1.1.1.1 Resolver.

So, if I take this at face value, what 'protection' do I have if I'm using Cloudflare as a user on someone's website that uses this different product above? I am guessing none.

No, I don't care about mere comments, but I would like to know about the sharing of DNS data with APNIC Labs. And the 5-year 'deal' when 1.1.1.1 won't be a valid DNS address anymore, at least not through Cloudflare?

 

[Ryan K (Cloudflare)]

Totally understand having suspicions. And I'm happy to try and help clarify. If I don't have all the info I can reach out to the Resolver team and see what else I can find out.

So, if I take this at face value, what 'protection' do I have if I'm using Cloudflare as a user on someone's website that uses this different product above? I am guessing none.

While the 1.1.1.1 app uses the VPN function on your phone, it is not a VPN (in the traditional sense). It secures and speeds up your DNS requests, but doesn't completely anonymize you on the web. Many network providers would like to sell your browsing habits for advertising purposes. Cloudflare doesn't do that and frankly doesn't want any part of that kind of activity.

No, I don't care about mere comments, but I would like to know about the sharing of DNS data with APNIC Labs. And the 5-year 'deal' when 1.1.1.1 won't be a valid DNS address anymore, at least not through Cloudflare?

I'm not sure I can speak to the nuts and bolts of the APNIC arrangement, but it's not about sharing any information that can be used to identify anyone. I think it's more for understanding the garbage traffic that gets directed at an IP address that people have historically used as a placeholder. I'm sure there are other aspects to evaluate, but none are about tracking activity back to a user.