If Cloudflare (Atlanta server) would stop Shitting Itself, that’d be GREAT.
Seriously, I couldn’t even access Discord for hours and it’s still laggy even now, and 90% of the sites I frequent are laggy as shit because of this SE-fiber-Cloudflare nonsense. What the fuck are they even doing over there?
La experiencia reciente demuestra que estos eventos funcionan como verdaderos “stress tests” digitales. Análisis previos de Cloudflare sobre acontecimientos globales de alta audiencia —como los Juegos Olímpicos de París 2024— revelan que las solicitudes asociadas a DDoS contra sitios vinculados al evento alcanzan las 200 millones por día; durante esos juegos, en un solo día (29 de julio), se concentraron 84 millones de solicitudes DDoS relacionadas contra tres sitios de patrocinadores simultáneamente.
Cloudflare revela que el Mundial pondrá a prueba a las plataformas digitales – TeraGames
ALT
I recenti attacchi cinetici condotti tramite droni contro le infrastrutture AWS in Medio Oriente rappresentano un evento critico per l'analisi della sicurezza informatica. Questi episodi dimostrano che l'infrastruttura hardware alla base dei servizi cloud commerciali è fisicamente esposta. Questo solleva interrogativi precisi sui metodi di protezione fisica e sulle strategie di continuità operativa adottate dai grandi fornitori di servizi IT a livello globale.
Di fronte a minacce fisiche, l'opzione di collocare i data center all'interno di strutture corazzate sotterranee presenta ostacoli ingegneristici ed economici severi:
Per garantire la disponibilità dei servizi, le aziende tecnologiche evitano la concentrazione delle risorse in un'unica struttura fortificata e adottano la ridondanza geografica. I dati e i processi vengono replicati in tempo reale su più data center situati in nazioni o continenti differenti.
In caso di distruzione fisica di un nodo, la rete esegue un reindirizzamento automatico del traffico avvalendosi di tre protocolli primari:
La ridondanza geografica è concepita per neutralizzare i danni fisici, ma costituisce una debolezza critica nei confronti degli errori software. Quando provider come AWS o Cloudflare subiscono blocchi su scala globale, la causa risiede in vulnerabilità logiche che si propagano attraverso la rete stessa:
Un'ulteriore causa di disservizio esteso si verifica quando la caduta di un data center genera un eccesso di traffico sulle strutture rimanenti. Se un nodo principale viene disconnesso, i protocolli di sicurezza deviano automaticamente tutto il suo carico sui data center di backup. Se queste strutture secondarie non dispongono della capacità di calcolo sufficiente per elaborare i nuovi volumi di dati, si sovraccaricano. I sistemi di protezione interni disattivano quindi i server per evitare danni termici all'hardware. Questo riversa un quantitativo di traffico ancora maggiore sui nodi successivi, innescando una serie di spegnimenti sequenziali che portano al collasso dell'intera rete regionale o globale.
In sintesi, i protocolli di sicurezza e la ridondanza geografica estrema non rendono l'infrastruttura cloud globale invulnerabile. Mentre la protezione contro le distruzioni fisiche localizzate è garantita dalla distribuzione dei nodi, l'interconnessione necessaria per il funzionamento del sistema crea un rischio strutturale sul fronte logico e software. Un singolo errore di configurazione replicato automaticamente su scala globale, o un sovraccarico di traffico durante un reindirizzamento d'emergenza, possono aggirare le difese hardware e innescare un blocco totale. La possibilità di una caduta diffusa dei data center, quindi, rimane un'eventualità concreta e costante nell'ingegneria di rete moderna.
Per limitare i danni di un blocco globale o di un errore software a cascata, le infrastrutture critiche devono adottare approcci architetturali che riducano la dipendenza da un singolo sistema:
1. Architettura Multi-Cloud L'utilizzo esclusivo di un singolo fornitore espone l'intera infrastruttura ai suoi errori software interni. La mitigazione consiste nel distribuire i servizi su fornitori cloud concorrenti e indipendenti (ad esempio, dividendo il carico tra AWS, Microsoft Azure e Google Cloud). Se un aggiornamento errato disattiva la rete di un provider, i sistemi ospitati sugli altri fornitori continuano a operare normalmente.
2. Modello Ibrido e Backup On-Premise Per i dati di importanza vitale, come i registri bancari o le identità crittografiche, la sola replica sul cloud pubblico non è adeguata. Le aziende devono mantenere server fisici di proprietà (on-premise), fisicamente isolati dalle configurazioni software dei provider cloud. Questo garantisce l'accessibilità ai dati primari anche in caso di compromissione totale dei protocolli di routing BGP o di blackout del fornitore esterno.
3. Chaos Engineering (Ingegneria del Caos) I sistemi di ridondanza falliscono spesso perché non vengono testati in condizioni reali. La pratica del Chaos Engineering prevede lo spegnimento intenzionale e controllato di server e data center in ambiente di produzione. Questo processo forza i sistemi di failover ad attivarsi regolarmente, permettendo agli ingegneri di identificare e correggere i limiti di capacità prima di un disastro reale.
4. Sistemi di Fallback Statici e Indipendenti Quando il database principale o l'applicazione dinamica smettono di funzionare, il traffico deve essere deviato verso server di emergenza esterni alla rete principale. Questi server ospitano versioni statiche e di sola lettura del sito o del servizio. Questo accorgimento previene la visualizzazione di errori totali di connessione e mantiene attiva la comunicazione con gli utenti.
“Questo articolo ha beneficiato dell’assistenza di Gemini, un modello linguistico AI”
Cloudflare dio un paso clave hacia la ciberseguridad del futuro: la compañía anunció que se convierte en la primera plataforma SASE del mundo en integrar cifrado poscuántico moderno en todos sus componentes, adelantándose al mandato del NIST para 2030. La actualización protege a empresas frente a amenazas emergentes como el modelo “Harvest Now, Decrypt Later”, sin requerir hardware adicional ni costos extra. En un contexto donde la computación cuántica redefine el riesgo criptográfico global, este anuncio marca un punto de inflexión en la seguridad empresarial.
Cloudflare y Mastercard anunciaron una alianza estratégica para enfrentar uno de los mayores riesgos del entorno digital actual: los puntos ciegos en la superficie de ataque que dejan expuestas a pequeñas empresas e infraestructuras críticas. La integración de las capacidades de monitoreo y calificación de riesgo de Recorded Future y RiskRecon con las soluciones de seguridad de Cloudflare permitirá detectar activos vulnerables, evaluar la seguridad cibernética en tiempo real y activar defensas automatizadas desde un solo panel, en un contexto donde estas organizaciones concentran cada vez más ataques pero cuentan con menos recursos para responder.
Cloudflare y Mastercard se asocian para ampliar la ciberdefensa integral de las Pymes – TeraGames
Humans are bad at randomness. Ask a million people to give you a random number from one to ten, and you’ll probably see a large number of them choose 7 and very few pick 1 or 10. The numbers in the middle feel more random than the ones on the edge of the range, even if you know that’s totally wrong.
Well, most things are pretty bad at being random. Regardless of your source of randomness, everything is predictable to at least some extent! Don’t try to “um actually” me on that, because I have written that statement as vaguely as possible so as to be right no matter how you want to interpret it. The key is minimizing how much influence can be made on the randomness.
Real randomness is important in the modern world too though, particularly when trying to perform encryption. Truly random input is need to encrypt something so that the output is not reliably related to the input except when a deciphering key is applied.
Think of a Caesar cipher, the one where you just rotate every letter a certain distance down the alphabet. The only randomness might be how far down you rotate, and so you can decipher the message without the key (the number of rotations) just by looking at patterns in the encrypted text.
So yeah, input should be randomly different from the output. It’s important for other things too like creating hashes but wow I don’t feel like going into that today.
The bad news is that if you thought humans are bad at coming up with random numbers, computers are even worse. They’ll typically combine as many random-ish factors as possible, like the current fraction of a second, but none of it is impossible to predict.
That’s why most of the time when you ask a computer for a random number, what you’re really getting is ‘pseudo-random’. Sure, you could (with enough work) figure out the random number someone else got knowing their environment, but it would be used to generate your Minecraft world, not encrypt secret messages.
So how can a computer get a real random number? Physical phenomenae are the best source for it, and there are some very neat workarounds for putting them into a desktop. You can pick up random background radiation, one of the few times you actually want a noisy signal.
One of the earliest efforts at getting a computer to do this was 1947 by RAND Corporation, where they created an 'electronic roulette wheel’ which had randomish pulses sent through it, then filtered with a constant frequency pulse, making a properly random signal due to the spin of the wheel.
The output from this was, of course, a book. Not a research volume; it was literally a book of a million numbers outputted by the process, creatively titled “A Million Random Digits with 100,000 Normal Deviates”. Flip to a page, any one of them is a nice random number.
Finally, the Cloudflare company has a whimsical way to get random data. In the lobby of their headquarters is a wall of 100 lava lamps, monitored by a camera. A photo of the lamps is parsed down to a string of 0s and 1s. Since those lamps really are randomly changing their appearance, the photo is unique every time!
Cuando el balón comience a rodar en junio de 2026, no solo los estadios en Ciudad de México, Guadalajara y Monterrey estarán al máximo de su capacidad. También lo estará Internet.
Continue reading Mundial 2026: ¿Por qué será la mayor prueba para las plataformas digitales?
Here’s yet another hack attempt on a WordPress account I don’t have and never have had (or will have…). 🙄
This coward hid behind CloudFlare, Internet services that speed up and secure websites by acting as a reverse proxy, sitting between users and websites to filter traffic, cache content, etc. All they ended up getting was a series of 404 - Not Found errors… 😆
Oh, but keep looking… 😁
“Put it in your pantry with your cupcakes…” 😁😆😁😆
Block all bots is officially outdated.
Web Bot Auth is a new IETF backed standard that lets AI agents carry a cryptographic ID card so websites can verify who is legit and who is just scraping your content.
In my latest TechGlimmer post, I explain:
- How Web Bot Auth actually works (keys, signatures, directories)
- Why Cloudflare, AWS, Fingerprint & SEO tools are jumping in
- What this means for creators, e‑commerce, and security
Read it here:
https://techglimmer.io/what-is-web-bot-auth-web-bot-auth-explain/
Learn how to detect and stop DDoS attacks on your small business site. Discover attack types, warning, and affordable DDoS protection steps.
iT4iNT SERVER When Cloud Outages Ripple Across the Internet http://dlvr.it/TQkSNG VDS VPS Cloud
New Delhi News: टेक्नोलॉजी की दुनिया में Artificial Intelligence (AI) ने कोहराम मचा रखा है। हाल ही में ‘मोल्टबॉट’ (Moltbot) नाम का एक एआई एजेंट इंटरनेट पर वायरल हुआ था। इसे अपना पर्सनल असिस्टेंट बनाने के लिए लोग धड़ाधड़ महंगे ‘मैक मिनी’ (Mac mini) खरीद रहे थे। लेकिन अब आपको हजारों रुपये खर्च करने की जरूरत नहीं है। क्लाउडफ्लेयर (Cloudflare) ने एक ऐसी तकनीक पेश की है, जिससे यह काम बेहद आसान और…
New Delhi News: टेक्नोलॉजी की दुनिया में Artificial Intelligence (AI) ने कोहराम मचा रखा है। हाल ही में ‘मोल्टबॉट’ (Moltbot) नाम का एक एआई एजेंट इंटरनेट पर वायरल हुआ था। इसे अपना पर्सनल असिस्टेंट बनाने के लिए लोग धड़ाधड़ महंगे ‘मैक मिनी’ (Mac mini) खरीद रहे थे। लेकिन अब आपको हजारों रुपये खर्च करने की जरूरत नहीं है। क्लाउडफ्लेयर (Cloudflare) ने एक ऐसी तकनीक पेश की है, जिससे यह काम बेहद आसान और…
Yesterday one of the archive’s early adopters sent me a link to an article about how various sites block archive.org and asked how things are on our end.
I wrote back something like: “Honestly, the bigger trend we’re dealing with lately is front-enders shipping a hundred JavaScript files per page, so if even one of them fails to load the whole page collapses like a house of cards. Against that background, even if something like what the article describes did happen, it probably passed unnoticed.”
…
An hour later an email arrives from a sysadmin at Condé Nast: “Are you blocking our office IP?”
“Oh. Right. Yes, we are. You’re reprinting the seed-crystal of a finne troll’s black-tar propaganda about us, laundering it with your brand’s legitimacy, and you still expect to keep using our free service? Have you people completely lost your damn minds over there?”
…
Back in the dawn-of-the-Internet era, when hosting providers billed by the gigabyte even for dedicated servers and the Great Firewall of China was still a glimmer in some bureaucrat’s eye, lots of sites just blocked visitors from China. They weren’t buying anything anyway.
Now everyone blocks everyone they don’t like or don’t profit from.
Walmart (or Target?) blocks everyone outside the U.S.
Ukraine’s been blocking VK for a decade.
Things that feel almost like core infrastructure - (((ifconfig.me))), (((ipinfo.io))), … - block Iran.
We block Cyprus because it has a suspiciously high density of people with a past best left undisclosed starting shiny new “European” lives from scratch.
…
To deal with that reality, a multi-exit VPN, one that chooses a exit node depending on the target IP, has been a necessity for a long time now, for bots and humans, long before “VPN” became a lifestyle accessory.
But it comes with problems:
First, privacy. Tracking scripts don’t see one IP, they see several. And even that pattern by itself is a de-anonymizing signal, because there aren’t that many surfers who look like that.
Second, Cloudflare. The exit gets chosen for the IP, not the domain, and multiple sites are mixed together on the same IP. Some only let you in from the U.S., others only from Europe, etc. There’s no good solution. So you pick some compromise region X based on which of your favorite sites you’re least willing to have broken. All your Cloudflare traffic now goes through region X. And if you yourself aren’t actually in X (because you chose it not by proximity but by least-badness for your personal web ecosystem) then your packets start doing laps around the planet.
For a multi-exit VPN user, a site behind such a “mixer” CDN ends up slower than a site with no CDN at all.
And this is yet another reason — after EDNS, captchas (that can pop up instead of any one of a hundred included JavaScript files), random de-platformings, did I miss anything? — that makes Cloudflare a kind of natural antagonist.
Not exactly an enemy.
More like a sparring partner you keep finding yourself matched against, again and again, in different disciplines, in different rings, each time convinced this bout will finally settle something, and each time walking away a little more bruised and a little more aware of how strange the whole fight has become.
iT4iNT SERVER Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers http://dlvr.it/TQSD46 VDS VPS Cloud
Cloudflare anunció la adquisición de Human Native, una plataforma británica especializada en transformar contenido multimedia en datos estructurados y licenciables. Este movimiento marca un hito en la evolución de los modelos económicos de Internet, especialmente en la era de la inteligencia artificial generativa.
Continue reading Cloudflare adquiere Human Native para revolucionar el modelo…
Cloudflare, la empresa líder en conectividad cloud, publicó su primer Informe de Innovación de Aplicaciones 2026, mismo que revela una clara diferencia: las organizaciones que apuestan por la modernización de aplicaciones —es decir, la actualización de sus infraestructuras tecnológicas para abandonar los sistemas obsoletos— logran aprovechar la IA y reforzar su seguridad de manera más favorable, mientras que aquellas que siguen con sistemas anteriores enfrentan cada vez mayores costos.
