Heard something about cloudflare and co. This is a rather sloppy writeup. Don’t quote me on it.
There are various modes.
[1] full ssl -> end to end through cloudflare
[2] CDN (content delivery network) - ssl user to cloudflare - decrypt at cloudflare - ssl cloudflare to actual server
[2] results in a huge speedup. Static content such as images, html and scripts can be delivered from a server close to the user - including QoS (quality of service) prioritization. Since cloudflare can decrypt all the traffic, this is a solution many privacy-aware websites won’t want.
[1] So cloudflare is mostly known for CDN / [2]. How can [1] be useful? It’s obviously slower, but slower here still means factor 3 speedup. It works by cloudflare having their own dark fiber and making deals with ISPs for guaranteed bandwidth so they can implement faster routing and higher QoS priority.
If true, that means the debate on net neutrality is already over and practically we transitioned into the QoS age. Most services nowadays sign up for cloudflare to be faster. Which from their point of view is profitable, since website speed is crucial. More than 2 seconds page load time and already x % bounce rate.
At the moment there are various free offers of cloudflare. [1] is among them.
If everyone signed up for cloudflare eventually, we could as well decide to go back to no one using it - since then some superfluous extra proxy was added - and no one benefited.
The final result will probably be that all server providers have to be bidding on bandwidth or be super slow.
Obviously we shouldn’t sign up whonix.org for cloudflare and co. However, as more and more destinations are behind cloudflare and co, the number of destinations for all Tor traffic was reduced from many to “one”. Safe to assume cloudflare and co. as a giant global at least passive traffic observer.