This way, the only possible way for such an attack to happen would be for Cloudflare to target a specific IP.
No. This way, an obvious next move for cloudfare is to spoof your website for all requests from IPs that are
far away from your server's one and from what cloudfare
thinks is
probably not remotely accessible (
no vpn server, no tor node, no datacenter - they control a huge part of the internet traffic, it's easy for them to collect this kind of statistics).
You start the message with 0 doubts saying "No" but then you proceed to show that by mistake or intentionally you misunderstood parts of our previous message and even presented your personal assumptions as facts, even though that seems highly unlikely for such a security conscious person as you seem to be so after this message if you are still not convinced we can agree to disagree on this subject. We will never reveal all information about how everything works or anything that could be used against us, but what we've said until now is already more than enough to use as valid arguments for your concerns.
1.We never said we are only using VPN/Tor/Datacenter IPs
2.We never said the servers we're using for the checks are in a 'far away' location, nor did we say that they are in one place.
3.We are not underestimating the control that Cloudflare has, but what Cloudflare
thinks or estimates is simply not enough in this case no matter how many statistics they can collect. in order for any MITM attack to be succesful they need to be right in 100% of cases.
4.There are multiples of times more requests made by us than from real users so statistically speaking their chance to be successful for even a day is incredibly small, let alone for a long period of time.
Or they can add one more condition for contents alteration: they alter the contents only if their estimate of the user's computer knowledge is low. Then even verification of your webiste by someone living far away (but without remote access to their computer) will not help. Once you start to collaborate with cloudfare, this will be an eternal battle of shield and spear at best.
1.An 'estimate' is still not enough. They need to be right in 100% of cases to perform a large scale attack
2.Remote access makes no difference
3.We mentioned we are using various fingerprints for the checks
4.We already said Cloudflare is a temporary solution implemented for a very short period of time until we gain more popularity, 'an eternal battle' doesen't seem accurately worded
We already mentioned that the only way to be 100% sure that nothing is being tampered with is to release a CLI or GUI open source app, with the backend's public key directly patched into the code. This way, we would be sure the data cannot be tampered with, since it is downloaded from a safe source.
There is only one problem with this approach, Clearnet is mostly used by people who don't download Tor browser, so they probably won't download our app or use the CLI either.
By your logic, which we agree with to a certain point, all clearnet services are insecure no matter if they use Cloudflare or not. If you host the server somewhere then it could be wiretapped/spied on by the provider etc. and in that case there really is
no way to know, that is also a more likely scenario to happen IMO than Cloudflare successfully breaking our security unnoticed. You also can't host it yourself since it's exposed, so really there is
no way to be 100% sure that a clearnet website is secure, that's why we always highly recommend using Tor.
TLDR: A large scale attack is not possible in the way you described. Targeted attacks? Possible in certain edge cases as previously acknowledged, but still highly improbable to happen if the user in question does basic things like change his IP and use a fresh Private window. Other types of attacks? Anything is possible with a clearnet service regardless of what security measures you take and that is not a problem we're trying to solve.