Cloudflare is over the moon because its pro-privacy 1.1.1.1 DNS service got a clean bill of health from everyone's favorite auditor – KPMG Two years ago, network infrastructure biz Cloudflare launched the 1.1.1.1 Public DNS Resolver, with the promise that internet users could use the service to surf the internet without being tracked - by Cloudflare at least. The biz positioned itself as a speedier, privacy-focused alternative to Google Public DNS, which operates …
"Cloudflare's business has never been about targeted advertising or selling user data," said CEO Matthew Prince
That would fall in the category famous last words not yet. The problem is never with current management. It is always a problem with who will follow. Either an internal policy change or a big investor, who wants to squeeze the last cent out of it too. But then it is too late. Your infrastructure has been committed and changing it is hard and expensive.
The lesson, that we all should have learned by now, is that a promise is just a promise. It does not say anywhere, how long that promise may last or is applicable. So, yes, good promise but use caution. Do not make yourself (too) dependent.
KPMG did a real audit? Wow.
Dealt with them back when there was a Netherlands Antilles, and they were the most corrupt bastards since The Vatican.
Managing director told an underling to "thicken" a report because the binder was too thin and it cost the client half a million guilders.
Underling refused, was fired, and new underling did as told.
Good point, but I still commend Cloudflare for taking that (current) position.
I am beginning to wonder if, with that position, using their DoH service might actually be better than rolling my own? I am currently intending to run a DoH service on my own (internet-visible) server, backed by my own recursive resolver (not forwarded to another resolver).
However, that makes the fact that I (the server owned in my name, with a static IP, running DoH) am looking up that name visible to all the servers I touch during the resolution (and potentially visible to other players like the networks my server transits to get to those servers).
If I use Cloudflare's DoH service then, obviously, Cloudflare know that I (or actually, my end device, which is probably behind carrier-grade NAT somewhere) looked up that name. But nothing else knows: my communication with Cloudflare is encrypted and the nameservers involved only know Cloudflare's DoH server looked up the name.
Interesting that using their service might actually end up being more private than rolling my own.
DoH to your own private server is only going to protect you from a potentially insecure local network as far along as your ISP. Of course, compared to standard DNS, it at least gives you that, but nothing more. Your server also has an ISP, and it can watch your standard DNS resolutions to figure out where you're going. If you didn't want to trust Cloudflare, the best way to maintain privacy is to make the server available to others, either a specific set of people to maintain a cap on resource usage or making the server public. Since this inevitably entails quite a bit of resource usage for others and since others don't know for sure that you can be trusted, that might not work as expected.
Instead, it took nearly two years because the accounting firms approached didn't have a playbook for this sort of technically-focused review of policy and practice.
Then why not use an organisation that is specifically set up for IT security auditing? There are some good ones around and some have a long tradition in science and industrial auditing as well as IT, so they have a good reputation. TÜV springs to mind.
Been trying to get this into Marketing People's heads for the last few years. Data Is A Liability.
Just because you _can_ get that Excel spreadsheet with the email address, name, phone number, time and IP of everyone who opened your daft B2B email last week - doesn't mean you should. I don't care if "the Sales team" want it. In that case push that data through your CRM and restrict access to just those people.
Do not request an XLSX: which gets generated by an Agency Developer, gets emailed to an Agency Account Manager, then emailed to you, then distributed by you to an ever-growing mailing list. Thus creating dozens, even hundreds of copies - dutifully backed up forever, any one of which could easily be left in a train, bus, taxi, hotel room at any time.
Toxic Asset is a great way of describing it. Might start trying that one instead!
I spent some time trying to convince a local authority that having a database that linked members of the public to names, emails and demographic information such as disability status and ethnicity, age and what school they attended, attendance at rehabilitation classes or drug and alcohol support services, was a really bad idea...
Eventually they got it when we said we would need a guarantee that they would pay any data protection related fines if we were breached in any way, for any reason, no matter what data was removed, and showed them that this could run into the millions for the number of uses they had.
So we built a small website, all in javascript, that the users could select the categories they felt they were in, and it generated a QR code 'membership card'. When the service users attended, the QR codes were scanned, and all we stored was the aggregated data, with no links to a specific user.
In the end, the whole system was bought by Crapita, and they just built the database of users instead.
Isn't Cloudflare US, and thus required to comply with US laws?
In that case, your privacy is only protected for as long as none of the agencies give in to their usual data fetishism - if that hasn't happened already (I can't imagine KPMG defying a National Security letter - they've got too much to lose). Maybe they're presently distracted by the COVID19 crisis, but the attraction is certainly there.
Not saying it's happening already, but caveat emptor IMHO.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
