[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Using Cloudflare as CDN for debian.org website

On 2019-06-17 14:43, Bagas Sanjaya wrote:
> Carsten and Steve, we're talking about performance
It has been pointed out that performance is currently not an issue (see
Wouter's reply for details).

> and security of debian.org

With "security", you seem to mean "ensuring that a visitor is human". It
has been pointed out that there is currently no desire for that.

> if we use Cloudflare CDN, especially regarding to reCAPTCHA challenge page

Quoting Wikipedia [1]:

> The reCAPTCHA code is also heavily obfuscated and reverse-engineering
> attempts demonstrated that it collects enormous amounts of personal
> data, in line with Google user tracking and fingerprinting practices.
> Usage of reCAPTCHA, since acquisition of Google, is subject to Google's
> general privacy policy, which essentially requires the user to consent
> to collection of vast amounts of personal data in order to use websites
> protected by reCAPTCHA.

Given that
 * the one Pro you mentioned is currently of no value to Debian, and
 * the N Cons mentioned in this thread would come at a great cost to
   Debian and especially the visitors of Debian.org,
it should be evident why reCAPTCHA is out of the question at the moment.

[1] https://en.wikipedia.org/wiki/ReCAPTCHA#Criticism

Regards,
Christian
Reply to: