Consider delisting instances which use Cloudflare about farside HOT 6 CLOSED

I'll be pushing a few changes shortly that will do a few things:

• Cloudflare instances will no longer be included in the default services.json file, but will continue to be tracked in the repo as a separate, unfiltered services-full.json file for others to use if they wish.
• The services JSON file that Farside uses will be configurable at runtime using an environment variable (FARSIDE_SERVICES_JSON). This can be set as FARSIDE_SERVICES_JSON=services-full.json for anyone who doesn't care about Cloudflare.
• The auto-update feature will individually look up nameservers for each instance and filter if Cloudflare is detected. This isn't using the "crimeflare" service mentioned above, since I got a timeout error for even querying one instance and I'd rather not rely on a third party tool for the filter.
• A separate cf.farside.link service might be deployed which uses the services-full.json list, haven't decided yet. I think it should be up to the user to decide if they personally are ok with using instances deployed behind Cloudflare, but I agree that it shouldn't be the default behavior.

As it stands now, it looks like the number of available instances that Farside can select from is cut in half when filtering out Cloudflare instances. Not really good or bad, just an interesting fyi.

from farside.

OK -- farside.link now excludes any instance using Cloudflare by default. A separate domain, cf.farside.link, can be used by anyone wishing to maximize the number of instances that Farside can switch between, or if they don't care about Cloudflare.

The auto-update workflow was also updated to filter instances accordingly into their respective json files, so there shouldn't be a need to manually keep track of this moving forward.

from farside.

The first line of the project readme says:

Farside provides links that automatically redirect to working instances of privacy-oriented alternative frontends,

So something has to change here. If the Cloudflare instances are retained, then “privacy-oriented” must be striken.

@testman42

I would argue that completely removing those instances from the list would be a waste.

What is being wasted by removing CF references? The Cloudflare sites are the waste, as they go against the project objective. That waste should be removed.

Someone suggests modifying update-instances.yml to run this for each instance: curl -s -X POST -F 'u='"$URL" https://karma.crimeflare.eu.org/api/is_cf.php

My suggestion for handling this issue would be to classify / tag the instances and then implement some way of handling CloudFlare exclusion.

Making privacy-abusing instances reachable is outside the scope of the Farside project (IIUC, assuming the project intends to be privacy-oriented). Is the complexity of having the option of going against the goal worth it? Keep in mind as well that if someone really wants to use CF sites, they can manually add them to a json file, IIUC.

BTW, if we consider that Cloudflare also undermines network neutrality, and Farside effectively serves to improve network neutrality (by way of improved access equality), it wouldn’t be a bad idea to also state that netneutrality is one of Farside’s objectives.

from farside.

I would argue that completely removing those instances from the list would be a waste.

My suggestion for handling this issue would be to classify / tag the instances and then implement some way of handling CloudFlare exclusion.

For example, add a part of the URL that defines which instances to choose from.
Say that you go non-cloudflare by default, but allow the user to opt-in to the cloudflare instances.
I imagine that it would be something like adding c/ after the farside.link/. So that the URL that consides cloudflare instances would look like this:
https://farside.link/c/invidious/watch?v=d_AP3SGMxxM

from farside.

@testman42

1. Essentially you'll just exclude CloudFlare instances by that, because no one would add /c/ (which is fine by me tbh).
2. Don't forget there's already /_/, so then https://farside.link/c/_/... AND https://farside.link/_/c/... should work for the user

from farside.

In my humble opinion, at the very least, we should put a warning that the user WILL be tracked by Cloudflare (and friends), this makes the "privacy" instances not very private (still better than using the non-proxied services though).

from farside.