Cloudflare concerns

Why should Cloudfare—or any “gatekeeping” web service with so much power — be trusted?

When you visit a Cloudflare protected site, your HTTPS connection ends at Cloudflare’s server. Cloudflare then decrypts your transmitted data, inspects it, then re-encrypts it and forwards it to the actual website.

Cloudflare holds the TLS certificate and is able to read everything as plaintext, including your passwords, form fields, etc.

After Snowden brought NSA’s PRISM to light, it would be surprising if the NSA is not harvesting the traffic passing through Cloudflare’s servers and have placed them under a gag order, like they have previously done with Google, Apple, Microaoft, etc.

For everyday users, escaping State-sponsored surveillance and maintaining security against State actors is next to impossible at this point, which is why I’m getting close to giving up the various Inconveniences that come with using GOS, and just switching to an iPhone with lockdown mode as my daily driver.