Ask HN: What gives Cloudflare the right to takedown apps revealing site real IP?
by 5ESS on Hacker News.
I stumbled across an interesting app called “CrimeFlare” and what it does is reveal the real IP website’s using Cloudflare’s Ddos Mitigation Service. CloudFlare had it taken down. https://ift.tt/pzGYt3c I’m assuming it does this by scanning the public internet in it’s entirely, indexing the domains. (A household fiber connection can scan the entire IPv4 space in a mere matter of weeks) This is obviously a huge threat to CloudFlare’s entire business model and it totally makes sense that they want to bury this. I just fail to understand what grounds they have to take something like this down. Internet IPs are public knowledge and these websites are publicly accessible. Just because Cloudflare built a billion dollar buisness exploiting the fact that sites “real” IPs can be hidden through obscurity, doesn’t mean they should be able to censor/takedown apps that expose the flaw in their business plan! Anyways, I intend to create a new internet-wide scanning system in order to revive the functionality of CrimeFlare just to prove a point that security through obscurity is no security and all, and that CloudFlare doesn’t have the right to take something like this down!