February 2019 Summaries
33 posts from Cloudflare
Filter
Month:
Year:
Post Summaries
Back to Blog
The article discusses how the explosion of cloud services has made it challenging for governments to conduct law enforcement investigations due to data being stored outside their home borders. It mentions that countries have taken matters into their own hands, proposing laws mandating that important data about their citizens remain in-country and can be easily accessed when requested. The article also talks about the U.S. CLOUD Act, which aims to allow governments that protect their citizens' due process rights and civil liberties to get access to electronic content related to their citizens when conducting law enforcement investigations, wherever that data is stored. It further discusses how other countries like the UK and EU are also moving forward with proposals providing law enforcement agencies authority to obtain information related to their citizens across borders. The article concludes by stating Cloudflare's principles for handling requests from non-U.S. law enforcement authorities, including requiring due process, providing notice, protecting privacy and user rights, and being transparent.
Feb 28, 2019
1,670 words in the original blog post.
Cloudflare has published a blog post detailing its approach to addressing content-related complaints and law enforcement requests for its various products and services. The company receives abuse reports and law enforcement requests on fewer than one percent of the more than thirteen million domains that use its network, with most complaints being about copyright violations or other intellectual property rights. Cloudflare's policy is to provide building blocks for content sharing in a content-neutral way and maintain transparency regarding its policies and responses to requests. The company considers factors such as its interaction with website content, the type of action requested by law enforcement or private complainants, applicable laws and regulations, and the scalability of its response process when addressing complaints. Cloudflare's approach varies depending on the product or service involved and may include actions like placing warning interstitial pages in front of specific phishing content, disabling access to content in response to valid legal takedown requests, or forwarding complaints to website owners and hosting companies for action.
Feb 27, 2019
2,748 words in the original blog post.
On February 26th at 4:00 PM, Connor Peshek and Andrew Fitch released the second edition of "The Serverlist". This publication provides updates on serverless technology, offers developer tutorials, encourages discussions among serverless developers, and highlights upcoming meetups and conferences. To receive future editions directly in your email, sign up using the provided link while ensuring that your privacy is respected.
Feb 26, 2019
65 words in the original blog post.
Cloudflare has been reflecting on its approach to handling problematic content online after terminating services for the Daily Stormer website in 2017. The company engaged with various groups, including human rights organizations and tech companies, to understand different perspectives on addressing troubling content at different levels of the internet stack. It found that the world is moving away from viewing the internet as a neutral platform for expression and accessing information, with many governments and constituents wanting it cleaned up of problematic content through any technical means necessary. Cloudflare believes there are ways forward to address risks online while maintaining the internet's promise as a forum for communication, commerce, and free expression. It sees a fundamental split between services that substantively touch content (content curators) and those that do not (infrastructure services). The company supports different expectations for these two types of services and believes in providing infrastructure services in a content-neutral way. Cloudflare is working on operationalizing its view by considering how different laws apply to it on a service-by-service, and function-by-function basis.
Feb 26, 2019
2,101 words in the original blog post.
Cloudflare attended a roundtable meeting in Brussels, convened by the European Commissioner for Digital Economy and Society, Mariya Gabriel, with all signatories of the Tech Leaders’ Declaration on Gender Balanced Company Culture. The company joined this initiative late last year and is committed to taking action to close the digital gender divide in skills, technology development, access, and career opportunities. Companies involved have committed to implementing five specific actions to achieve equality of opportunities for women: fostering an inclusive company culture, recruiting and investing in diversity, giving women a voice and visibility, creating future leaders, and advocating for change. The project allows companies to exchange ideas and best practices, as well as discuss challenges faced. Cloudflare has put significant effort into its diversity and inclusion programs, including gender, with initiatives such as the Cloudflare Aware (Diversity & Inclusion) Programme and partnerships with external organizations like Toastmasters. The company is also keen to speak to women from an engineering background and supports the UK Tech Talent Charter.
Feb 26, 2019
750 words in the original blog post.
Cloudflare has introduced Logpush, a new tool for uploading logs to cloud storage providers such as Amazon S3 or Google Cloud Storage. The service is currently available in Early Access for Enterprise domains. Logpush aims to simplify the process of downloading and uploading logs by pushing them directly to the desired destination, saving customers from writing scripts to repeatedly download logs using the Logpull API. Currently, Logpush works with Amazon S3 and Google Cloud Storage, but more popular destinations are expected to be added soon.
Feb 25, 2019
596 words in the original blog post.
Cloudflare has released its transparency report for the second half of 2018, detailing its practices regarding user data and interactions with law enforcement agencies. The company added three new "warrant canaries" to its list of things it has never done, which are intended to address changes in technology and global regulation. These include not modifying customer content at the request of law enforcement or another third party, not modifying the intended destination of DNS responses at the request of a third party, and not weakening, compromising, or subverting any of its encryption at the request of law enforcement or another third party. The report also includes new reporting on requests for user information from foreign law enforcement agencies and non-law enforcement government agencies.
Feb 25, 2019
1,907 words in the original blog post.
Cloudflare has made significant strides in enhancing the security of Border Gateway Protocol (BGP) Internet routing through its involvement with Resource Public Key Infrastructure (RPKI). The company aims to make it easier for network operators to deploy RPKI, a framework that allows networks to use cryptography-validated information. Currently, around 70% of Cloudflare's network is filtering invalid routes using their custom software called GoRTR and the RTR protocol. They have also developed OctoRPKI, a Relying Party written in Go, which provides control over route validation. These tools are designed to help networks easily deploy RPKI and contribute to making the Internet more secure.
Feb 24, 2019
855 words in the original blog post.
In this text, Dave Steer reflects on his first year at Cloudflare, a company dedicated to building a better internet through its platform of products and solutions. He highlights the importance of trust in their business model, as well as the fusion of mission and product that sets them apart from other companies. Steer also emphasizes the satisfaction of shipping innovative new products and the significance of a strong company culture at Cloudflare. The author concludes by expressing his honor to work with such an amazing team and encourages others to join their Product Marketing team.
Feb 23, 2019
797 words in the original blog post.
On February 22, 2019, Cloudflare announced the availability of its domain registrar service to all users. The company launched the product in September and has since been gathering feedback and making improvements. One key feature is one-click DNS security, which helps prevent attacks by adding a chain of trust to DNS queries. Since launching this feature, 25% of domains on Cloudflare Registrar now use DNSSEC. The company also reported that users prefer manual approval over waiting five days for domain transfers. Additionally, gTLDs continue to dominate registrations, with a slight shift expected as the company expands into more ccTLDs. Currently, Cloudflare supports 246 TLDs on its Registrar and is working to add more.
Feb 22, 2019
823 words in the original blog post.
The United States FBI has warned organizations about an increase in attacks exploiting vulnerabilities in Remote Desktop Protocol (RDP). To address this issue, Cloudflare has introduced a solution that enables secure RDP connections without compromising security or performance. Cloudflare Access integrates with identity providers to enforce password strength and rotation requirements for RDP connections, while Argo Tunnel secures RDP ports by routing all requests through the Cloudflare network. This solution helps protect remote desktops from unauthorized access and ensures that only authorized users can connect over RDP.
Feb 21, 2019
637 words in the original blog post.
Developer Week Bay Area is taking place this week with Cloudflare engineers and developer relations team members delivering several talks in San Francisco and Oakland. The event includes partnerships with the WebAssembly SF meetup group for three talks on WebAssembly, npm, and genomics tools at Cloudflare HQ in San Francisco. Additionally, there are serverless talks happening in downtown Oakland, including "How Workers Work," "Security: the Serverless Future," and "Building a Serverless World (Map) with IoT and Workers." Lastly, Cloudflare will be present at Developer Week Bay Area, presenting on Single-Process Serverless, Building an Iot World (Map) with Serverless, and Make Your Existing Application Serverless.
Feb 20, 2019
194 words in the original blog post.
Bot-powered credential stuffing poses a significant threat to the modern internet, as it attempts to take over user accounts by assaulting password forms with stolen credentials. Cloudflare has developed a suite of technologies grounded in machine learning (ML) to combat bots. The article discusses three stages that companies go through when infusing ML into their DNA: Business Intelligence, Standalone Machine Learning, and Machine Learning Productization. It provides an example from the dental insurance industry to illustrate these concepts. Cloudflare uses ML to address bot attacks on its network by analyzing data from 13 million domains and employing a state-of-the-art model to predict automated credential stuffing and other bot attacks. The company is also working on developing an algorithm to predict which companies will be attacked next, allowing for proactive protection against potential threats.
Feb 20, 2019
1,302 words in the original blog post.
Cloudflare is working on a new feature that will allow users to deploy their Cloudflare Workers to a custom subdomain-of-their-choice.workers.dev. This move aims to make it easier for developers, especially those without an existing Cloudflare domain, to get started with building and deploying serverless applications using the platform. The company's mission is to help build a better internet by providing equal access to scalable infrastructure for all developers, regardless of their size or resources. To claim your subdomain on workers.dev, users need to verify their email addresses, which will also be used to notify them once they can deploy their first Worker.
Feb 19, 2019
563 words in the original blog post.
The article discusses TCP socket splicing API, a promising technology that can potentially revolutionize data-heavy applications like software proxies. It explains how proper TCP socket splicing reduces the load on userspace processes and enables more efficient data forwarding. The author also delves into the history of L7 proxies and their birthing pains, highlighting the limitations of existing methods such as sendfile(2), splice(2), and vmsplice.
The article then introduces SOCKMAP, a new eBPF machinery for socket splicing introduced in Linux Kernel 4.14. It explains how to use SOCKMAP and its benefits, including the fact that data is never copied to userspace, there's no need to wake up the userspace program, and all the action is done in the kernel.
However, despite these theoretical advantages, the author found that SOCKMAP was not ready for prime time yet due to poor performance, high jitter, and a couple of bugs. The article concludes by expressing excitement about the potential of eBPF interfaces and their ability to offload TCP splicing to the kernel.
Feb 18, 2019
2,259 words in the original blog post.
The text discusses a new open-source utility called "cf-terraforming" which enables users to easily convert their existing Cloudflare configurations into Terraform-compliant configuration files. This tool is designed to simplify the migration of complex Cloudflare setups, records, resources and rules into Terraform format. It supports all resource types that can be managed via the official Cloudflare Terraform provider. The utility requires a working Golang installation and a Cloudflare account with some defined resources. Users need to provide their Cloudflare credentials, zone information, and the resource type they want to export. Cf-terraforming is available on GitHub and users are encouraged to provide feedback or contribute to its development.
Feb 15, 2019
732 words in the original blog post.
In the world of SEO strategies, both subdomains and subdirectories have their merits and trade-offs. While setting up subdirectories is straightforward on basic websites, modern sites often require additional configuration due to various remote services. Subdomain setup, however, is relatively easier for sites hosted on cloud-based platforms.
In terms of SEO, Google treats subdomains and subdirectories equally. However, using subdomains can lead to keyword dilution and backlink dilution, which may affect a site's search rankings negatively. Subdirectories, on the other hand, concentrate keywords onto a single domain, boosting root domain authority and leading to better search rankings.
For startups or small businesses looking to optimize their SEO, using subdirecties over subdomains is recommended. This approach helps in building stronger root domain authority by concentrating keywords and backlinks on the main domain.
Feb 15, 2019
1,120 words in the original blog post.
In this text, the author discusses how to implement a subdirectory strategy using Cloudflare Workers instead of NGINX for routing traffic from subdirectories to remotely hosted services. The author provides an example script that proxies traffic from a subdirectory (bobtopia.com/blog) to a hosted Ghost blog endpoint (bobtopia.coolghosthost.com). The script handles requests for HTML documents and assets required by the document, ensuring that the browser still thinks it's on bobtopia.com. The author also mentions a caveat about the current implementation and suggests a more general solution involving modifying the blog asset block to handle asset requests without using paths. Finally, the author encourages readers interested in deploying Cloudflare Workers to reserve a workers.dev subdomain or add Workers to their existing website on Cloudflare.
Feb 15, 2019
917 words in the original blog post.
On February 14, 2019, the U.S. Court of Appeals for the Federal Circuit affirmed a lower court decision dismissing the patent infringement case brought by Blackbird Tech against Cloudflare. This marks the end of a two-year legal battle that began in March 2017. Despite the swift and decisive ruling, the process was costly and time-consuming for both parties involved. The case highlights the dysfunctional nature of patent trolling and the appeal of quick settlements for those sued by patent trolls. Cloudflare's efforts on Project Jengo aimed to change this long-term calculus and help others facing similar situations in the future.
Feb 14, 2019
907 words in the original blog post.
Kassian Wren from Cloudflare shares their experience of creating a light-up Data Center map using over 100 LEDs tied to the deployment state of each data center. The map is designed for portability and updates, debuting at SF Developer Week in February. The project utilizes Serverless technology, with Workers KV data stores used to store information about data centers and their representation on the map. Two APIs were developed around the data centers, allowing rapid deployment of serverless Workers across the world for quick access to updated data. The physical architecture of the sign will be discussed in a future post.
Feb 14, 2019
798 words in the original blog post.
Cloudflare, an Internet infrastructure provider, recently dealt with a fake abuse complaint from an entity claiming to be the "New Jersey Office of the Attorney General." The company forwarded the complaint to the website host and provided contact information for the hosting provider. Upon further investigation, they identified several anomalies in the complaint that raised questions about its legitimacy. Later, the New Jersey Attorney General's office confirmed that the complaint was fake. This incident highlights the importance of carefully handling abuse complaints and requests from law enforcement to prevent bad actors from gaming the system. Cloudflare will continue exploring ways to minimize the possibility of their abuse process being abused by malicious parties.
Feb 13, 2019
1,093 words in the original blog post.
Cloudflare has launched "The Serverlist" newsletter, focusing on serverless technology. It covers news updates, tutorials, and events related to the serverless space. The first edition of this newsletter can be viewed, and interested developers can sign up for future editions delivered directly to their inbox while ensuring privacy.
Feb 12, 2019
93 words in the original blog post.
In this text, Mike Genstil from Cloudflare discusses their collaboration with IBM in building a better Internet. They joined forces last year and have since brought several leading brands onto the Cloud Internet Services (CIS) platform. The CIS has been used for various purposes such as high availability across regions, ensuring performance during high traffic events, and greater availability and performance for Internet-facing workloads. At IBM Think customer conference in San Francisco, they are excited about the opportunities ahead. They also introduced new features to the CIS suite of security and performance features, including robust analytics and forensics, protection and acceleration of non-HTTP traffic, and serverless computing benefits through CIS Edge Functions.
Feb 11, 2019
756 words in the original blog post.
Cloudflare has introduced a new feature called "Access Service Tokens" which extends the same level of access control provided by its Cloudflare Access service to automated tools, scripts, and bots. This is achieved through the use of JSON Web Tokens (JWTs) that are generated when a request is made to a site behind Access. When a bot sends a request with unique Client ID and Secret credentials as headers, Cloudflare validates them instead of redirecting to an identity provider. Service tokens can be created within the Access tab of the Cloudflare dashboard, and their usage is demonstrated through a chatbot example that securely accesses data behind Access.
Feb 07, 2019
546 words in the original blog post.
Web performance is crucial for businesses as it impacts revenue, user engagement, and SEO. Cloudflare offers services that boost speed and performance, making it faster than competitors in terms of accelerating performance. Studies show that a two-second delay in page rendering can lead to a 4.3% loss in revenue per visitor, while an additional second of load time reduces conversions by 7%. Customers using Cloudflare have reported significant improvements in response times and page load speeds, leading to increased user engagement and higher conversion rates.
Feb 06, 2019
589 words in the original blog post.
In this final part of a six-part series, John Graham-Cumming shares his experience as the Chief Technology Officer (CTO) at Cloudflare. He initially joined as a programmer and later took on managing engineering responsibilities temporarily. Over time, he transitioned from writing code to encouraging others, recruiting leaders for various teams, and handling sales. As CTO, Graham-Cumming emphasizes the importance of marketing technology through blog posts and direct customer engagement. He also mentions that while he may not be the source of all technical wisdom in the company, his experience can help guide the organization's technological direction. The key takeaways from his experience include being audacious, sharing widely, working hard, finding the right people, creating teams, rewriting code, panicking early, and remaining humble.
Feb 06, 2019
957 words in the original blog post.
Cloudflare, a company that provides security and performance services, has been working to ensure compatibility with various public cloud providers, including Microsoft's Azure platform. They have developed an Azure application for their Argo Tunnel service, which establishes encrypted connections between the origin and Cloudflare edge. Additionally, they are promoting SSL issuance and renewal for Azure's serverless Static Web Hosting service, making it remarkably easy to secure websites hosted on this platform. Lastly, they have created a free DNS resolver, 1.1.1.1, which improves DNS response times and is future-proofed for emerging security protocols. Cloudflare continues to monitor the performance of these services on Azure and plans to introduce further support in the future.
Feb 05, 2019
394 words in the original blog post.
In this blog post, John Graham-Cumming discusses the importance of people in creating successful software companies. He emphasizes that finding and nurturing talent is crucial for a company's success. The author shares his experience with interviewing potential candidates and highlights the significance of assessing their curiosity and communication skills rather than just relying on qualifications. Additionally, he talks about the importance of letting go of underperforming employees and creating diverse teams to foster innovation and productivity. Lastly, Graham-Cumming mentions that helping people do their best work should be a manager's primary goal.
Feb 05, 2019
1,086 words in the original blog post.
Devin Davis, an employee at Cloudflare, shares his thoughts on building a better internet and fostering diversity within the company. He highlights the importance of having uncomfortable conversations to promote growth and inclusivity. The Afrocultural community at Cloudflare aims to create a sense of belonging and empowerment for its members. They have formed a group called "Afroflare" to discuss issues such as workplace diversity, Afrocultural pride, and strengthening resumes for young African Americans in the tech world. Davis emphasizes that these conversations need to extend beyond their community and involve other individuals and organizations to create positive change.
Feb 04, 2019
562 words in the original blog post.
In this part of the series, John Graham-Cumming discusses how Cloudflare thinks about open source software and patents. He explains that while they don't believe any single line of code provides them with a long-term advantage, they do open source some generic pieces of software when it makes sense for others to use them. The company also holds patents defensively to prevent others from using the patent system against them. Additionally, Cloudflare engages with governments early on to help shape policies that affect their business and encourages people to engage in the political process rather than demanding corporations act as gatekeepers.
Feb 04, 2019
1,163 words in the original blog post.
In this blog post, John Graham-Cumming discusses the evolution of Cloudflare after the Cloudbleed incident. He highlights how they moved away from memory-unsafe languages like C and C++ to more secure ones such as Go and Rust. The author also talks about the successful launch of their public DNS resolver, 1.1.1.1, which was a result of audacity, good relationships with various groups around the world, and a diverse workforce. Graham-Cumming emphasizes the importance of having a simple architecture that can scale easily and be updated quickly. He also discusses how rewrites are necessary as software use grows exponentially, making it difficult to anticipate future needs accurately. The post concludes with an overview of his role as Cloudflare's CTO and the various challenges he has faced while working there.
Feb 03, 2019
980 words in the original blog post.
In this blog post, John Graham-Cumming shares his experience dealing with the serious security issue known as "Cloudbleed" that affected Cloudflare in 2017. The company had been leaking memory from its machines into responses returned to web browsers, potentially exposing sensitive information. Google's Project Zero discovered the leak and informed Cloudflare, which quickly stopped it. However, the cleanup process was massive as they had to find what had been leaked and request search engines to delete cached data. The company faced uncertainty about its survival but ultimately found no evidence of exploitation and gained customers who appreciated their openness during the crisis.
Feb 02, 2019
1,011 words in the original blog post.
John Graham-Cumming shares his journey of joining and growing with Cloudflare. He started as a lone member in the London office, which has now expanded to almost 200 people. His path to Cloudflare began with writing an open source machine learning email filter program called POPFile, speaking at conferences, and staying connected with Matthew Prince, CEO of Cloudflare. Today, he serves as CTO of the company. Graham-Cumming emphasizes the importance of sharing knowledge through open source projects, public speaking, and collaboration. He also discusses the challenges faced by startups and the need for honesty in acknowledging difficulties.
Feb 01, 2019
1,015 words in the original blog post.