December 2024 Summaries
16 posts from Cloudflare
Filter
Month:
Year:
Post Summaries
Back to Blog
The author of this project aimed to experiment with an e-paper display and explore its capabilities. They started by sourcing the necessary hardware components, including a Waveshare e-paper display and an ESP32-based universal board. The author then delved into understanding the ESP32 CPU family, which they found impressive due to its speed, power efficiency, and built-in Bluetooth and Wi-Fi capabilities. To render web content on the e-paper display, the author employed three layers of software: the ESP32 (Display Layer), Server A (Rendering Layer), and Server B (Content Layer). The ESP32 handled fetching data from the server, while Server A rendered the website into a bitmap format suitable for the e-paper display. Server B hosted the actual website with HTML and CSS content. The author used Cloudflare's Browser Rendering API to fetch web pages, which they then processed using Python in Cloudflare Workers. They also implemented dithering to prepare the bitmap for the ESP32. With this setup, the author successfully rendered a weather panel on the e-paper display, showcasing its potential for displaying dynamic content.
Dec 31, 2024
1,806 words in the original blog post.
The Internet protocol specifications are instructions designed for engineers to build things, with great care taken to ensure document quality through consensus and review from experts in the field. The standardization process is crucial for the reliability and security of the Internet. h3i is a binary command line tool and Rust library designed for low-level testing and debugging of HTTP/3, which runs over QUIC. It provides a flexible framework for testing and can be used to test various aspects of the protocols, including stream data split into STREAM frames sent in QUIC packets over UDP. The h3i tool allows users to exercise servers by sending malformed requests or invalid frame sequences, helping to determine if a server is acting robustly and defensively. It provides an interface for users to interactively input their own tests, with the ability to record and replay test cases using qlog. This makes it easier for developers to take advantage of h3i's capabilities, particularly for those who are not experts in protocol testing or Rust.
Dec 30, 2024
4,575 words in the original blog post.
Cloudflare has rolled out its cross-platform 1.1.1.1 & WARP applications and device agents to use MASQUE, a cutting-edge HTTP/3-based protocol for securing Internet connections. This update provides faster and more stable performance, aligning with Cloudflare's belief in building on open internet standards. The company also announced the general availability of its Digital Experience Monitoring (DEX) tool, which offers detailed device visibility with Remote Captures functionality. With MASQUE, users can enjoy increased security, stability, and compatibility with existing firewall and security rules, making it a more secure and resilient solution for Internet browsing.
Dec 27, 2024
1,184 words in the original blog post.
HTTP caching is a simple concept: serve cached responses if available, otherwise fetch and cache the response. Cache revalidation helps prevent too many requests from going to the origin server at once. A new approach uses probability to determine when to revalidate the cache. This approach can adapt to changing request rates and reduce the number of requests sent to the origin server, preventing cache stampede. The code implements this approach using a probabilistic function that increases over time as the expiration gap approaches, ensuring low latency and high performance while maintaining optimal cache utilization.
Dec 26, 2024
2,607 words in the original blog post.
As the year comes to a close, distinct changes in global Internet usage emerge. Year-end traditions shape online behavior across continents and cultures, with Christmas and New Year's Eve being the most significant offline moments worldwide. In many European countries, Christmas Eve and Day consistently register the biggest drops in Internet traffic, while in other regions, such as Asia and Africa, cultural holidays like Hanukkah, Eid al-Fitr, or New Year's Eve celebrations drive online patterns. The data highlights regional differences in how people celebrate the holiday season, with some locations showing significant dips in traffic during Christmas Eve dinner, Christmas Day morning or lunch, and others experiencing smaller declines or different patterns. The study provides a unique insight into how cultural traditions shape our relationship with technology, revealing that while the Internet connects billions, offline moments remain an essential part of human experience.
Dec 24, 2024
3,574 words in the original blog post.
Cloudflare Stream launched AI-powered automated captions to transcribe English in on-demand videos in March 2024. The Stream Product Manager experimented with using Workers AI to translate captions into other languages, including Spanish. Initially, the results were surprisingly quick and easy to implement, but evaluating translation quality proved challenging due to issues such as "copy-of-a-copy" effect, poor grammar, and punctuation. To improve translation quality, the experiment introduced a cue consolidator that groups translated sentences together, resulting in better output. The script returns the translated output in the format of the original VTT file with renumbered cues and properly formatted timestamps. The successful prototype demonstrated the potential of Workers AI for translating captions between multiple languages, but also highlighted challenges such as quality control, user interface design, and the need for team members familiar with target languages to evaluate translation results.
Dec 24, 2024
2,087 words in the original blog post.
Cloudflare observed a significant rise in DDoS attacks targeting political campaigns, parties, and election infrastructure during the 2024 global elections, with peaks reaching up to 96,000 requests per second in France and 156,000 rps in the UK. Internet traffic patterns often reflect a country's dominant device usage, with mobile-first nations experiencing notable drops after polling stations closed. Election-related Internet shutdowns were also imposed by authorities for various reasons, such as in Comoros and Pakistan. Cybersecurity challenges emerged during elections worldwide, with trends showing increased phishing, misinformation, and DNS traffic to news outlets reflecting heightened public interest. The 2024 election cycle underscored the growing need for robust cybersecurity measures to safeguard critical infrastructure and ensure free, fair electoral processes.
Dec 23, 2024
2,615 words in the original blog post.
Cloudflare observed significant Grinch Bot activity on Black Friday 2024, with 29% of traffic being from these malicious programs. The number of bot requests increased by 4x compared to 2021, and AI bots made up 1% of all bot traffic, generating 29 billion requests alone. Bots targeted customer accounts, leading to 63% of login attempts on e-commerce sites, and 14.1 billion requests from bots to /login endpoints. Residential proxy networks accounted for 22% of bot activity, making it challenging for traditional bot defense mechanisms to detect and stop attacks. To protect themselves, businesses need year-round bot protection and proactive strategies tailored to the unique challenges of holiday shopping. Cloudflare offers solutions such as Bot Management, account abuse detections, rate-limiting best practices, and automatic AI bot blocking features to help customers keep Grinch Bots at bay.
Dec 23, 2024
1,544 words in the original blog post.
OpenAI has announced support for WebRTC in their Realtime API, allowing developers to build experiences that weren't possible before, such as multiple users interacting with voice or video AIs simultaneously across the globe. This is made possible by combining OpenAI's Realtime API with Cloudflare Calls, which enables real-time audio and video interactions between users and AI models. The integration of WebRTC solves the problem of latency in real-time multimedia experiences, allowing for seamless streaming of audio and video data to and from AI models. With this technology, developers can invite ChatGPT or other AIs to their internal meetings, creating a secure and private platform for real-time interactions. The possibilities are vast, including interactive broadcasts and global livestreams, and the integration is made possible by Cloudflare's support for WebRTC and its own Call API.
Dec 20, 2024
978 words in the original blog post.
The Model Context Protocol (MCP) is an open standard that enables Large Language Models (LLMs) to interact with services and applications in a standardized way. It consists of several components, including MCP hosts, clients, servers, local data sources, and remote services. MCP allows LLMs to access tools, resources, and data from these components, enabling tasks such as generating images, sending messages, and deploying applications. The new workers-mcp tooling simplifies the deployment of MCP servers using Cloudflare Workers, allowing developers to build and deploy their own MCP server with just a few lines of code. This enables the creation of custom functionality for LLMs, such as image generation, without requiring extensive setup work. By combining MCP with Cloudflare Workers, developers can extend the capabilities of LLMs like Claude to build applications, generate images, and more, making it easier to interact with AI models in a standardized way.
Dec 20, 2024
1,280 words in the original blog post.
Phishing remains a persistent threat that attackers use various deceptive techniques to bypass security measures and target organizations, employees, and vendors across multiple communication channels. Cloudflare's integrated Zero Trust services provide extensive visibility from protecting approximately 20% of all websites and processing billions of email messages a year. The company's email security solution protects organizations before, during, and after message delivery while extending protection beyond email into the broader security ecosystem. By assessing holistic user risk and providing a unified dashboard for SOC teams to review detailed information regarding targeted users, attackers impersonating them, risky behaviors, and more, Cloudflare helps organizations combat phishing and identify insider threats. The solution also includes AI-driven predictive models that eliminate the need for creating and updating rules and provide automated isolation, blocking, and incident investigation capabilities. Looking ahead to 2025, Cloudflare plans to introduce additional capabilities that deepen the integration of its email security solution with its SASE platform, delivering enhanced insight and protection against user-based threats.
Dec 19, 2024
1,704 words in the original blog post.
The Cloudflare Radar team has successfully localized its platform to support 12 languages, marking its fourth birthday in September 2024. To achieve this, they applied internationalization principles, making the product ready for translation and adaptation into multiple languages and cultures. Localization involves adapting content for a region, including translation, imagery, and cultural elements that influence how content is perceived. The team used pseudo translation to detect hard-coded strings, externalized strings from the code, and implemented text expansion to accommodate language differences. They also addressed regional considerations such as date formats, number notations, list sorting, API localization, and search engine optimization. By setting up a project for internationalization using remix-i18next, they were able to load translated content dynamically based on user selection. The team emphasized the importance of collaboration between globalization and Radar teams, translator familiarity with the product, and continuous testing for consistency and industry standards. With this achievement, Cloudflare Radar is now available in multiple languages, providing a better experience for users worldwide.
Dec 16, 2024
3,840 words in the original blog post.
Cloudflare's AI Audit dashboard now allows users to quickly see which AI services are honoring their robots.txt policies, identify non-compliant services, and programmatically enforce these policies at the network level.`
This new feature provides visibility into how AI companies and services access content, helps customers define and enforce robots.txt policies, and reduces automated traffic to servers. The feature is live today for all Cloudflare customers, who can log in to their dashboard and navigate to their domain to begin auditing bot traffic from AI services and enforcing robots.txt directives.
Dec 10, 2024
683 words in the original blog post.
The Internet continues to play a vital role in people's lives, with billions relying on it for various activities. The top 10 most popular internet services globally in 2024, based on Cloudflare's observations and DNS trends, are Google, Facebook, Apple, TikTok, Amazon Web Services, Microsoft, Instagram, YouTube, WhatsApp, and eBay. Generative AI services like ChatGPT and GitHub Copilot have gained significant traction, with ChatGPT reaching the top 50 globally. Social media platforms like X, Snapchat, and Reddit continue to dominate, while e-commerce sites like Temu and Shein experience growth. The US elections and global events have influenced online activity, with some services experiencing a surge in popularity. Cryptocurrency-related services also see significant changes, with Binance regaining momentum. Gaming platforms like Roblox maintain their lead, while Steam experiences notable growth. The Internet's influence on daily life is evident, reflecting the need for these rankings to be updated regularly.
Dec 09, 2024
6,213 words in the original blog post.
The 2024 Cloudflare Radar Year in Review provides an overview of the Internet's patterns across multiple areas over the course of 2024. Key findings include a 17.2% growth in global internet traffic, with Google maintaining its position as the most popular internet service overall. Starlink traffic grew 3.3x in 2024, and Googlebot was responsible for the highest volume of request traffic to Cloudflare's network. The majority of mobile device traffic came from Apple iOS devices globally, while Android had a >90% share in 29 countries/regions. Nearly half of web requests used HTTP/2, with 20.5% using HTTP/3. React, PHP, and jQuery were among the most popular technologies used to build websites, while Hubspot, Google, and WordPress were among the most popular vendors of supporting services and platforms. Go surpassed NodeJS as the most popular language used for making automated API requests. Google is the most popular search engine globally, with 88% market share across all platforms. Google Chrome is the most popular browser overall, followed by Safari on iOS devices and Microsoft Edge on Windows devices. The top 10 countries ranked by Internet speed all had average download speeds above 200 Mbps, with Spain consistently among the top locations across measured Internet quality metrics. Nearly 41.3% of global traffic comes from mobile devices, while 20.7% of TCP connections are unexpectedly terminated before any useful data can be exchanged. Cloudflare mitigated 6.5% of global traffic as potentially malicious or for customer-defined reasons, with the United States responsible for over a third of global bot traffic. The Gambling/Games industry was the most attacked in 2024, followed by Finance. Log4j remained an active threat and was actively targeted throughout 2024. Routing security continued to improve globally throughout 2024, with a 6.4% increase in valid IPv4 routes and a 3.2% increase in valid IPv6 routes. An average of 4.3% of emails were determined to be malicious in 2024, with deceptive links and identity deception being the two most common types of threats found in malicious email messages. Over 99% of the email messages processed by Cloudflare Email Security from the .bar, .rest, and .uno top level domains (TLDs) were found to be either spam or malicious in nature.
Dec 09, 2024
9,500 words in the original blog post.
Internet traffic patterns during Black Friday and Cyber Monday revealed significant variations globally and regionally. In the US, Cyber Monday consistently led as the busiest day for global Internet traffic, followed closely by Black Friday. However, other countries like the UK and Germany saw higher traffic on Black Friday, while Australia ranked it third. The days leading up to Black Friday also experienced increased activity in many regions. On the cybersecurity front, DDoS attacks surged during Cyber Week, especially targeting shopping-related sites. The trends observed this year are consistent with previous years, likely due to factors like colder weather and holiday shopping periods. Cloudflare's analysis provides insights into internet traffic patterns and cybersecurity threats, offering a unique perspective on global online behavior.
Dec 03, 2024
2,011 words in the original blog post.