This post is very much related to the Christchurch Mosque Shooting thread but is asking a wider question in regards to using technology post Christchurch with specific regard to Cloudflare.
Some of you may or may not be aware that Cloudflare protect ALL of the vile sites (such as the Chans and various other hate / white supremacist sites) that hosted and promoted the Christchurch Mosque Video during and after the attacks. The majority of those sites still host the content with zero intent to remove it.
The problem of providing DDoS / WAF protection to White Supremacist websites is a problem that only Cloudflare has. This is not by accident, this is by design.
Cloudflare have a single paragraph for an Acceptable Use Policy. Where unless it is criminal in the US (essentially copyright or child abuse) then Cloudflare don't care.
And even when they do receive reports they absolve themselves of all responsibility by forwarding the information onto the hosting company which often results in people being doxed and receiving targeted harassment (this includes me).
Ironically enough for a company who proports to support free speech, when it came crunch time they removed a site that provided support for sex workers. When other sites that hosted far more vile content remained.
So my question is, when it walks like a duck and talks like a duck at which point do we stop saying it's not a duck?
Some light reading if you want some background to Cloudflare:
https://www.propublica.org/article/how-cloudflare-helps-serve-up-hate-on-the-web
http://copyright.nova.edu/cloudflare/
https://www.huffpost.com/entry/cloudflare-cybersecurity-terrorist-groups_n_5c127778e4b0835fe3277f2f
https://samambreen.wordpress.com/2019/01/05/updated-dossier-on-kiwi-farms/
https://en.wikipedia.org/wiki/Cloudflare
It's my view that no one should have any business dealings with Cloudflare as they have shown absolutely no interest in having any morals. The only way to have any action is to no longer fund their support of hate.
If you're looking for any other DDoS / WAFs that don't support terrorists or white supremacists are:
https://www.stackpath.com/maxcdn
https://aws.amazon.com/cloudfront/
https://projectshield.withgoogle.com