It's not that the article's points are wrong. They're right and well argued. But...

pverghese · on Dec 30, 2022

What are the websites you feel saree blocked by cloudfare and not by court orders?

dspillett · on Dec 30, 2022

The complaint about CF blocking is, I think, the other way around: blocking users access to sites, or making access a faf, because of the address their request comes from. It affects people behind GCNAT significantly, as well as those using commercial VPNs, because of the activity of others who appear to come from the same address*.

Unfortunately there is little you can do about such collateral damage other than wistfully wonder “what if IPv6 had been implemented widely, and properly, some time ago, so such address sharing wasn't necessary”. VPN users might still end up coming from the same address/range so be indistinguishable from bad actors using the same VPN, but that is their choice to be unidentifiable and they should be aware of the ramifications†).

--

[*] It can impact those with a dynamic address similarly, but more randomly.

[†] I'm not saying not wanting to be identifiable is not a bad thing: just that you need to appreciate that being indistinguishable from the average non-identifiable Internet user makes you, erm, indistinguishable from the average non-identifiable Internet user[‡].

[‡] Who is trash. Or a bot written by trash.

wickedsight · on Dec 30, 2022

That's an easy one, it's all of the ones that use Cloudflare.

If your IP address is for some reason blacklisted by Cloudflare, you're screwed. With CGNAT, this means that you can have a hard time visiting many web sites if your IP is used by someone else who does nefarious things.

superkuh · on Dec 30, 2022

Almost every website that uses cloudflare is inaccessible except using near bleeding edge latest browsers. If you use a non-standard browser or have JS turned off you get blocked by cloudflare's chosen defaults. It doesn't matter what your IP is. Even my Comcast residential IP doesn't work.