The US govt is VERY interested in knowing exactly who uses Torproject’s Tor and CloudFlare provides that info to them as a business model.
What’s so scary about Cloudflare?
They specifically target for surveillance journalists and activists
seeking anonymity and privacy. In this case they don’t JUST DNS the site providing TOR email services … allegedly for dDos prevention, they OWN IT, and they brag about their ‘direct peering’ with Mail2Tor too:
They’ve been found spying on Ferguson Black Lives Matter and NoDAPL organizing sites and many more. See my tags for more about the activist sites Cloudflare stalks for the US government, and a backgrounder.
For those of you who might think me a bit paranoid it was recently noted that Edward Snowden’s Dox about the NSA shows they have an interest in the practice of stalking internet nameservers, referred to operationally as “MoreCowbells”, and for those not familiar with Cloudflare it might be best to start here with Yasha Levine’s seminal 2011 article at the eXiled
CloudFlare’s CEO Matthew Prince made a weird, glib admission that he decided to start the company only after the Department of Homeland Security gave him a call in 2007 and suggested he take the technology behind Project Honey Pot one step further…
And that makes CloudFlare a whole different story: People who sign up
for the service are allowing CloudFlare to monitor, observe and
scrutinize all of their site’s traffic, which makes it much easier for
intel or law enforcement agencies to collect info on websites and
without having to hack or request the logs from each hosting company
separately.
Two of ISIS’ top three online chat forums are currently guarded
by CloudFlare and law enforcement HAS NOT asked them to stop
Yesterday I tweeted:
Apparently the NSA makes SPECIAL NOTE of people who talk about exterminating them as traitors. All of a sudden I was seeing retweets by accounts that look quite real but if I scrolled down a way I’d find tweets duplicated by those accounts (Try @williamjones691& @ArinaBibi31 at Twitter). These accounts are apparently taking live accounts of interest and interspersing them with links to ‘news’ at sites such as ‘toptidingsDOTnet’ which research shows is DNS-ed by Cloudflare.
This is how “Honeypots” operate.
My initial tweets when I first noticed the stalking are here. The follow up series of tweets I’m basing this post on, with some more information about one of the stalking accounts, is here.
A link to my Tumblr postings about the topic including info on Cloudflare’s stalking of FergusonAction (contacted via twitter regarding this and never responded), DearPutinDOTcom, and a seminal article on Cloudflare by Yasha Levine of the eXiled.
Wikipedia’s entry about Cloudflare(links to the ISIS note). CloudflareWatch now CrimeFlareWatch “Uncovering bad guys hiding behind CloudFlare”, because those bad guys are mostly honeypots-in-disguise, and Cloudflare is hosting literally a million of them… 1,001,992 to be (almost) exact.
I clicked on the shorturl which redirected me to FergusonActionDOTcom.
At the same time my always-suspicious self began wondering who was responsible for the site, so I did a lookup @DomainTools. What I discovered is FergusonactionDOTcom uses Cloudflare’s dedicated domain name servers, ostensibly for dDos circumvention.
I’ve blogged at length about Cloudflare’s connection to US federal Domestic Spying before. Most recently in the case ofHushmail’s use of their serviceswhen one logs in via Tor or any other means of masking your computer’s location making it seem far away from where you actually are, to verify the user, the new PirateBay… “Officially Back Online, but different!”, DearPutinDOTcom. A site alleged to be collecting signatures to ‘apologize’ to Russia’s president Vladimir Putin for all the ‘bad things’ the western media is saying about him, and imprisoned journalist Barrett Brown’s Project PM site(after his arrest), which researched US companies who contract with the federal government to spy on US citizens
When one uses a dedicated domain name server whose owner is also caching your whole site for dDos prevention there is NOTHING to stop the DNS owner from logging every… single… bit of information about YOUR communications with the site they’re ‘protecting’, and you can be absofuckinglutely sure Cloudflare IS doing that. Be forewarned.
I DID attempt to contact Fergusonaction via their Twitter account in regard to this:
At the time of this posting, over two hours later, I’ve received no reply about it from anyone responsible. The “Crickets are chirping”.
Ps. I did some more research and discovered that FergusonAction’s link to the “Ferguson Movement Infrastructure Fund” requests that donations be sent to the Chicago-based “SustainUS” which is a young person’s “NGO” run by a white man, Adam Hasz, and is dedicated to sustainable environment and other “Green” issues more related to the American middle class than any impoverished community. If anyone understands the ‘coding’, “Green” means gentrification and redevelopment when it comes to city planning.
BEWARE! FergusonAction MAY NOT be what it appears, and it IS utilizing a domain name service KNOWN TO BE MORE THAN WILLING TO SPY ON AMERICANS.
There’s some more info, including links to info about Adam Hasz and SustainUS and a link to a video of Adam Hasz speaking at the Rio+20 Sustainable Environment conference, at this series of tweets.
If you’re concerned with email privacy and Cybersecurity, or just want to be astounded and aghast at the level of domestic surveillance on the internet today, do note that allegedly secure “Hushmail” (hush.com) ♥s Cloudflare for it’s “Security Question” when one tries to log in using Tor.
Cloudflare has a long history of voluntarily cooperating with the US government including the data collection for “Honeypots” such as Dearputin.com, and managed to arrange ‘dDos prevention’ page caching/redirection of jailed journalist Barrett Brown’s Project PM site after his arrest. Details
"The more I make love, the more I want to make revolution. The more I make revolution, the more I want to make love.” ::: "I love you!!! Oh, say it with paving stones!!!" ~Graffiti, Paris May 1968
