
The Mistake that Caused 1.1.1.3 to Block LGBTQIA+ Sites Today - sahin-boydas
https://blog.cloudflare.com/the-mistake-that-caused-1-1-1-3-to-block-lgbtqia-sites-today/
======
viraptor
I don't buy their approach here unfortunately. They showed that they pushed
the whole product without one person raising this as an issue easier. Even
though this is the most common problem with block lists in real world: the
LGBT sites and sexual health information sites. "We fixed it, it's ok now" \-
let's see how long that lasts / what's the next category to get impacted - I
haven't seen any fixes in the process / validation described in the post. (I
mean validation of their sources/approach in the future beyond a spot check on
regressions)

~~~
thesh4d0w
Did you read the post? They obviously went and reviewed what was going to be
included in that list before continuing, then just mixed up the list that was
used in the final result. That's an understandable thing to miss when
testing...

~~~
viraptor
Yes. They still released a product without validating the issue where many
other products of this category fail. Maybe it's a stupid mistake. But it
really reduces my trust in how much they pay attention to this project.

~~~
intpx
its a free service that they are providing as a social good in a strange time
when more parents and more kids are spending more time on the internet than
ever before. It wasn't malicious, there was no harm done, and like everyone
else their resources are at leas unbalanced if not constrained right now.

------
Terretta
> _But, initially, we created two default settings that were the most
> requested types of content people wanted to block: Malware (which you can
> block by setting 1.1.1.2 and 1.0.0.2 as your DNS resolvers) and Malware +
> Adult Content (which you can block by setting 1.1.1.3 and 1.0.0.3 as your
> DNS resolvers)._

Not sure more people request to block malware or adult than request to block
ads?

Where’s the Malware + Ads block like Zscalar, Adblock, and new crowd fave
NextDNS.io?

------
nullc
> which schools and libraries in the United States are required to follow

Only if they accept federal money. The federal government couldn't lawfully
impose their weird censorship rules on the libraries but they were able to
make federal funding conditional on it...

~~~
lonelappde
And that funding comes from taxes raised from the people of the states. It's a
complete subversion of the Constitution and the only reason it's considered
legal is because the Supreme Court is appointed by the Federal Executive.

------
dannyw
Nice writeup. Explains what happened. Shows immediate action. Apologies. 5/5.

------
hyperman1
Does anyone know what the data structure is that takes 2 hours to generate.
Sounds like some interesting technical content is lurking in there.

~~~
adontz
Maybe some king of succinct trie?

~~~
jasonhansel
Or a very large bloom filter?

------
lilyball
I'm rather disappointed that Cloudflare did not proactively identify the
possibility of blocking this sort of content and put tests in place prior to
launching to ensure that access to these sites were unaffected. Content
blocking has a long history of blocking legitimate sites, especially LGBTQIA+
sites, and ensuring that these sites remain accessible should be a priority,
not something that you rely on customers to notify you about after launch.

------
jojo2000
Cloudflare seems like a trustworthy and technically competent company. Kudos.

------
nailer
> we've set up a number of checks of known sites that should fall outside the
> intended categories, including many that we mistakenly listed today

I'm glad CloudFlare is going to write some basic tests for one of the most
obvious failure scenarios (false positives) for their software.

~~~
blorenz
It also seems like a job for MTurk.

~~~
nailer
It's a job for a competent engineer.

------
agentdrtran
This is the best response I've seen to this kind of thing.

------
jeegsy
What sites in particular were blocked?

