Nostr Web Client

Replying to

SimplifiedPrivacy.com

Proton uses Cloudflare

The VPN traffic, which sees your real home IP (and packet size and timing), flows through Cloudflare to Proton.

This is an undeniable conflict of interest, because the websites you're hiding from are also on Cloudflare.

In this epic meme slide show "article" with humor, we quickly present the critical facts you need to know,

https://simplifiedprivacy.com/proton-vpn-and-mail-use-cloudflare/outright-negligent-harm.html

If you care about freedom tech, please share my words. Because "giving a shit" is the only way things will ever change.

Anon 6mo ago

I thought Cloudflare was just an HTTP forwarder, no?

When I connect to ProtonVPN via my OpenVPN client, it hits port 1194 (by default) on one of their worldwide servers. It’s just a UDP connection, but I don’t think it passes through Cloudflare.

My HTTP request to a website then rides on top of that UDP connection. The website is hosted at Cloudflare, so Cloudflare will see the IP address of some Proton server in the Netherlands, let’s say, but how would Cloudflare be able pierce the veil and see my real IP in San Diego?

The bigger concern to me is that Proton sees the hostname of every site I visit since it’s the one part of the SSL (HTTPS) connection that isn’t encrypted.

Reply to this note

Please Login to reply.

Discussion

SimplifiedPrivacy.com 5mo ago

They are far more than just http forwarding, it's data collection for DDoS primarily, but there are risks and issues. At the end of the day what does privacy even mean if a single provider sees so much. Regarding the IPs, here it's hitting them up on the initial client coordination, and then yes, it can tunnel direct without seeing CF. But there are risks of timing here.

Please see this article for in general the issues with CF:

https://simplifiedprivacy.com/why-and-what-is-arweb/arweave-website-creator.html