back to article Cloudflare is over the moon because its pro-privacy 1.1.1.1 DNS service got a clean bill of health from everyone's favorite auditor – KPMG

Two years ago, network infrastructure biz Cloudflare launched the 1.1.1.1 Public DNS Resolver, with the promise that internet users could use the service to surf the internet without being tracked - by Cloudflare at least. The biz positioned itself as a speedier, privacy-focused alternative to Google Public DNS, which operates …

  1. b0llchit Silver badge
    Boffin

    Not yet, at least

    "Cloudflare's business has never been about targeted advertising or selling user data," said CEO Matthew Prince

    That would fall in the category famous last words not yet. The problem is never with current management. It is always a problem with who will follow. Either an internal policy change or a big investor, who wants to squeeze the last cent out of it too. But then it is too late. Your infrastructure has been committed and changing it is hard and expensive.

    The lesson, that we all should have learned by now, is that a promise is just a promise. It does not say anywhere, how long that promise may last or is applicable. So, yes, good promise but use caution. Do not make yourself (too) dependent.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not yet, at least

      Plus weren't KPMG the company involved in the HPE/Autonomy trial?

      OK, it looks like it may be the case that they only answered very specific questions but I can't help but wonder if they're the best people to audit anything any more...

      1. Anonymous Coward
        Anonymous Coward

        Re: Not yet, at least

        Maybe that's why it took 2 years... they customer actually *WANTED* an audit done!

        1. Anonymous Coward
          Anonymous Coward

          Re: Not yet, at least

          Cant upvote this enough

          1. Anonymous Coward
            Anonymous Coward

            Re: Not yet, at least

            KPMG did a real audit? Wow.

            Dealt with them back when there was a Netherlands Antilles, and they were the most corrupt bastards since The Vatican.

            Managing director told an underling to "thicken" a report because the binder was too thin and it cost the client half a million guilders.

            Underling refused, was fired, and new underling did as told.

    2. Graham Cobb Silver badge

      Re: Not yet, at least

      Good point, but I still commend Cloudflare for taking that (current) position.

      I am beginning to wonder if, with that position, using their DoH service might actually be better than rolling my own? I am currently intending to run a DoH service on my own (internet-visible) server, backed by my own recursive resolver (not forwarded to another resolver).

      However, that makes the fact that I (the server owned in my name, with a static IP, running DoH) am looking up that name visible to all the servers I touch during the resolution (and potentially visible to other players like the networks my server transits to get to those servers).

      If I use Cloudflare's DoH service then, obviously, Cloudflare know that I (or actually, my end device, which is probably behind carrier-grade NAT somewhere) looked up that name. But nothing else knows: my communication with Cloudflare is encrypted and the nameservers involved only know Cloudflare's DoH server looked up the name.

      Interesting that using their service might actually end up being more private than rolling my own.

      1. doublelayer Silver badge

        Re: Not yet, at least

        DoH to your own private server is only going to protect you from a potentially insecure local network as far along as your ISP. Of course, compared to standard DNS, it at least gives you that, but nothing more. Your server also has an ISP, and it can watch your standard DNS resolutions to figure out where you're going. If you didn't want to trust Cloudflare, the best way to maintain privacy is to make the server available to others, either a specific set of people to maintain a cap on resource usage or making the server public. Since this inevitably entails quite a bit of resource usage for others and since others don't know for sure that you can be trusted, that might not work as expected.

    3. HildyJ Silver badge
      Holmes

      Re: Not yet, at least

      I wouldn't worry so much about the future if Cloudflare was actually making a profit. Continued losses often lead to a search for new revenue streams which makes "not yet" seem far more ominous.

  2. Anonymous Coward Silver badge
    Childcatcher

    Poor old 8.8.4.4, overlooked again.

    P.S. dig dns.google TXT +short

    1. Gene Cash Silver badge

      8.8.4.4

      Yeah, but that's Google, which is definitely not pro-privacy.

      1. Anonymous Coward Silver badge
        Facepalm

        Re: 8.8.4.4

        I was only remarking that 8.8.8.8 is mentioned in the article but not its counterpart.

        1. Wayland Bronze badge

          Re: 8.8.4.4

          Sometimes being overlooked makes 8.8.4.4 better because less load on it.

  3. big_D Silver badge
    Facepalm

    Why?

    Instead, it took nearly two years because the accounting firms approached didn't have a playbook for this sort of technically-focused review of policy and practice.

    Then why not use an organisation that is specifically set up for IT security auditing? There are some good ones around and some have a long tradition in science and industrial auditing as well as IT, so they have a good reputation. TÜV springs to mind.

    1. chivo243 Silver badge
      Coat

      Re: Why?

      IMTech?

      My coat with a breached contract in the pocket...

  4. Anonymous Coward
    Anonymous Coward

    Carillion's favourite auditor... 'nuff said

  5. GrumpenKraut Silver badge
    Thumb Up

    "We've tried to design all of our products from the beginning that data held by us is a toxic asset,"

    That is a VERY good way of looking at data retention.

    1. Anonymous Coward
      Anonymous Coward

      Been trying to get this into Marketing People's heads for the last few years. Data Is A Liability.

      Just because you _can_ get that Excel spreadsheet with the email address, name, phone number, time and IP of everyone who opened your daft B2B email last week - doesn't mean you should. I don't care if "the Sales team" want it. In that case push that data through your CRM and restrict access to just those people.

      Do not request an XLSX: which gets generated by an Agency Developer, gets emailed to an Agency Account Manager, then emailed to you, then distributed by you to an ever-growing mailing list. Thus creating dozens, even hundreds of copies - dutifully backed up forever, any one of which could easily be left in a train, bus, taxi, hotel room at any time.

      Toxic Asset is a great way of describing it. Might start trying that one instead!

    2. Anonymous Coward
      Anonymous Coward

      I spent some time trying to convince a local authority that having a database that linked members of the public to names, emails and demographic information such as disability status and ethnicity, age and what school they attended, attendance at rehabilitation classes or drug and alcohol support services, was a really bad idea...

      Eventually they got it when we said we would need a guarantee that they would pay any data protection related fines if we were breached in any way, for any reason, no matter what data was removed, and showed them that this could run into the millions for the number of uses they had.

      So we built a small website, all in javascript, that the users could select the categories they felt they were in, and it generated a QR code 'membership card'. When the service users attended, the QR codes were scanned, and all we stored was the aggregated data, with no links to a specific user.

      In the end, the whole system was bought by Crapita, and they just built the database of users instead.

  6. jonnycando

    Cloudflare may be secure but its not speedy...at all...thats been my observation at least

  7. Anonymous Coward
    Anonymous Coward

    Niggly problem here

    Isn't Cloudflare US, and thus required to comply with US laws?

    In that case, your privacy is only protected for as long as none of the agencies give in to their usual data fetishism - if that hasn't happened already (I can't imagine KPMG defying a National Security letter - they've got too much to lose). Maybe they're presently distracted by the COVID19 crisis, but the attraction is certainly there.

    Not saying it's happening already, but caveat emptor IMHO.

    1. Anonymous Coward
      Anonymous Coward

      Re: Niggly problem here

      That is why Cloudflare diligently makes use of warrant canaries. Further reading: https://en.wikipedia.org/wiki/Warrant_canary and https://www.cloudflare.com/transparency/

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021