Cloudflare Blocks Abusive Content On Its Ethereum Gateway

An anonymous reader quotes a report from TorrentFreak: Cloudflare is a content-neutral Internet infrastructure service. The company aims not to interfere with the traffic of its clients and users but, in some cases, it has to take action. This means responding to DMCA subpoenas and takedown requests for hosted content, for example. In addition, Cloudflare now reports it has blocked access to 'abusive' content on its Ethereum gateway. [...] In its most recent transparency report, Cloudflare further notes that it has implemented access restrictions on its public Ethereum gateway. The company doesn't store any content on the Ethereum network, nor can it remove any. However, it can block access through its service.

If Cloudflare receives valid abuse reports or copyright infringement complaints, it will take appropriate action. The same applies to the gateway for the decentralized IPFS network. In its previous transparency report, Cloudflare already mentioned more than 1,000 IPFS actions a figure that increased slightly in the second half of last year. At the same time, Cloudflare also restricted access to 99 'items' on the Ethereum network. Since these are 'gateway' related restrictions there's no impact on the content hosted on IPFS or Ethereum. Instead, it will only make it impossible to access content through Cloudflare's service.

It's not clear how many of these restrictions are abuse or copyright-related, as not much context is provided. The Ethereum actions are, at least in part, a response to the U.S. Department of Treasury's sanctions against the cryptocurrency tumbler Tornado Cash. "Those sanctions raise significant legal questions about the extent to which particular computer software, rather than individuals or entities that use that software, can be subject to sanctions," Cloudflare writes. "Nonetheless, to comply with legal requirements, Cloudflare has taken steps to disable access through the Cloudflare-operated Ethereum Gateway to the digital currency addresses identified in the designation." The report notes that the volume of valid DMCA notices Cloudflare received has increased, "up from 18 to 972 in the span of a year." Meanwhile, the number of civil subpoenas it's received, including those issued under the DMCA, has decreased. "In the second half of last year, the company received 20 civil subpoenas which targeted 57 domain names," reports TorrentFreak. "That's the lowest number since Cloudflare first disclosed this statistic five years ago, signaling a downward trend."

Cloudflare's latest Transparency Report is available here (PDF).

Cloudflare has been doing some shady shit.

[Eunomion]

I've had to find workarounds to access places I work or even own. Since I'm not a content provider, there's no explanation that makes sense, and neither I nor anyone also affected can get a straight answer.

Re:

[jmccue]

No kidding. For like 99% of sites there is no need for Cloudflare. It is like after 9/11, many bumf*** whatever places got surveillance cameras well before NYC and other very large Cities.

I hope "AI" kills Cloudflare off, but that would be a case of "you may get what you wish for". At this point, if I get a Cloudflare Captha, I do not go to the site at all.

Re:

[AmiMoJo]

Cloudflare saves the website operator a lot of money, purely on bandwidth costs. It saves even more money if they want fast loading times, by not having to pay for and manage a separate CDN. Not just the cost of the service, the time it saves too. I assume your time is not worthless.

Re:

[jmccue]

Cloudflare saves the website operator a lot of money, purely on bandwidth costs

I have no reason to doubt this, all I know is half the WEB sites I go to I get a captha. And with minor eye issues, it takes me 4 or 5 tries on a good day. If the capthas were gone, then I would not care. As I said, now if I get a captha never go to that site.

Re:Cloudflare has been doing some shady shit.

[tlhIngan]

I have no reason to doubt this, all I know is half the WEB sites I go to I get a captha. And with minor eye issues, it takes me 4 or 5 tries on a good day. If the capthas were gone, then I would not care. As I said, now if I get a captha never go to that site.

Stop using shady exit nodes then.

TOR and VPNs are blocked because guess what? Sh*tty people do sh*tty stuff with them. CloudFlare notices some IPs generate a ton of crap traffic and blocks them. Problem is, legitimate users of them have to suffer.

Such is the nature of what TOR and VPNs provide - but in general, you'll probably find legitimate traffic to be far lower than the crap traffic for obvious reasons so any TOR or VPN traffic will get blocked in short order.

If it's security between you and your ISP, then an option is to run your own VPN - get access to an SSH server and use SSH to proxy your connections. You'll probably find it's much more acceptable since unless others are doing the same, it'll be a clean IP.

Re:

[Kisai]

AI isn't going to kill Cloudflare. Cloudflare sucks, ignores "valid" DMCA claims and sends victims contact information to their abusers.

Cloudflare pretends they are following the DMCA, but they aren't activating any brain cells, they assume that DMCA's are from legitimate sources to "mistakes" when the reality is that DMCA claims come a mixture of legitimate and fake sources and mostly target people who know they are doing something illegal and don't care.

The only way to get Cloudflare to take action is to

Re:

[RazorSharp]

For like 99% of sites there is no need for Cloudflare.

This isn't true at all. Perhaps you don't realize it, but most sites you go to that are proxied through Cloudflare do not serve up the captcha's you're complaining about.

The fact is that unless you're a security professional, Cloudflare and competing services are crucial to maintain a server on the web. Even if you are a security professional it'll save you a ton of money and time.

Try this: Go buy a cheap VPN and set up a LAMP server with any common CMS. Check your logs in a day. Check your logs in a week.

Good netizen

[markdavis]

Interesting to note: They are primarily enforcing law and with geolocation to only affect the areas required. Looks like they will fight anything they think is not grounded in law and clearly supported, and take a very anti-censorship position. Very much different than what we have seen from many other bad netizens.

The referenced PDF is a good read.

Re: Good netizen

[guruevi]

Yet they respond to ostensibly specious DMCA requests. Theyâ(TM)ve more and more taken the stance that supports a censorious approach depending on the content whether that is to defend certain political or commercial interests. Truly neutral parties would say: we are a proxy, go after the place of origin. Instead theyâ(TM)ve become through their DNS and VPN offerings just another Internet police.

Power corrupts, absolute power corrupts absolutely, CloudFlare has a âdo no evilâ(TM) stance

Content-neutral my ass

[Rosco P. Coltrane]

Cloudflare is a content-neutral Internet infrastructure service

Try to hit any website behind CloudFlare from a TOR exit node, see how content-neutral it is. It's death by a thousand captchas.

It also cut support to various extreme right and terrorist organizations. Not saying it was the wrong thing to do, I'm saying it's not content neutral: CloudFlare very much reserves the right to stop serving you if they don't like what you do.

Re:

[AmiMoJo]

Website operators can choose how much defence they want. Above a certain threshold, Tor and VPN users get hammered with captchas. It's hard to blame them, a large proportion of the abuse comes from Tor and VPNs, and while it annoys you, it's extra work and expense for them.

Cloudflare is mostly doing a reasonable job in terms of implementing legal requirements, and blocking the worst abuse like underage pornography. No company can be a free speech absolutionist - just look at what happened to Twitter, or any

Re: Content-neutral my ass

[topham]

I use cloudflare for a couple sites.

Almost nobody that uses the site has to do the captchas, or gets cloudflare messages of any kind.

98% of the time the users on my site are unaffected. The bots, fake search engines and the like just trolling to spam users or clone sites however get blocked the majority of the times.

Not stopping using them any time soon.

Cloudflare blocks alternative browsers

[xack]

If you try running an "ungoogled" Chromium or some other custom build (such as builds of Chromium with Windows XP support) it will infinity loop you on their turnstile which affects many popular sites. Cloudflare is Google's monopoly enforcer and many Linux distros have been forced to change browsers because of it. With a showdown over ublock, Firefox and YouTube I won't be surprised if Google acquires Cloudflare soon and creates a Google proprietary internet AOL style. They may have backed down on Web envi

Re:

[quonset]

Cloudflare is Google's monopoly enforcer and many Linux distros have been forced to change browsers because of it.

Apparently I'm not going to those sites because I have never had any issue with any site I visit while using Mint and older version of Firefox. Not one.

Re:

[jonwil]

I use SeaMonkey (very obscure browser in 2023 for sure) and it works just fine on every Cloudflare site I visit, no blocks, no capchas that dont work, no problems.