Squabble to move apt.freedom.press (and friends) behind cloudflare


#1

As the title states. I’d like to discuss any security/privacy implications of our securedrop public apt repo moving behind Cloudflare. This is not a set decision but an open discussion if the FPF team decided to move in that direction.

The benefit to the team I see it is:

  • DDoS protection,
  • Adversaries lose ability to track machines connecting to apt.freedom.press solely by IP address (obviously they can still use DNS)
  • Easier management of SSL certificates on the operations side

Potentially down-sides:

  • Privacy implications of cloudflare man in the middling our apt traffic (i dont see security implications here besides replay attacks since our apt repo is signed)
  • ?

Please start your squabble engines


#2

@mike since nobody is inclined to disagree, I feel this is my duty to do something about it. IMHO adding a dependency to cloudflare has the following additional down-sides:

  • dependency to a proprietary service
  • introducing a new intermediary to all SecureDrop installations updating from apt.freedom.press

Voila!


#3

I’d like to chime-in that while Cloudflare is proprietary, they are an AWESOME company. Bezosian greed is not the only reason companies opt to not go open-source, and Cloudflare are good folks whose service I’m glad exists.

Product teams gotta eat, and supporting the for-profit/proprietary companies that do exist, whom are also committed to ethical business practices and community, is the right thing to do. A few exist, and the reasons for not always going open-source are varied and complex. I also do work for a drone company whose products are proprietary… and their reason, is to KEEP businesses who want to serve evil defense industry interests, away from their tech. So: proprietary-ness can go the other way, too.

Usability and excellent service require human labor, and laborers need to be paid. Especially women and people-of-color… and restricting one’s use to open-source software, is also restricting one’s use to products mostly made by people with the financial privilege to donate a lot of their time (so, not many women or folks from marginalized communities). That’s its own can of problem worms, right there.

The argument to only use other open-source products as a statement of activism, imho works against product makers—ESPECIALLY in open-source.

Few open source products are the best products available. As an org that makes products, we have a duty to our users to immerse ourselves in the best product experiences possible, to raise our own expectations of what we should be putting out into the world for our users. I want to see open-source products take marketshare from the greed-mongers, but that won’t happen unless open source teams leave our comfort-zones more than most do.

Sources and Journalists are communicating over FB Messenger, because it’s abundantly available and easy. That’s on us, for not making our far-superior product easier to use, and so awesome its ubiquitous. Ok, that’s a stretch—but those are the stakes, and why the bigger picture needs to matter, more.