WebProNews

Tag: CloudFlare

  • Cloudflare Announce Mastodon Support

    Cloudflare Announce Mastodon Support

    Cloudflare is throwing its weight behind the Fediverse with its first Mastodon-compatible Supercloud server, Wildebeest.

    Mastodon has emerged as the main alternative to Twitter and differentiates itself with its decentralized design. Whereas Twitter is run by a single company, with centralized servers, anyone can set up a Mastodon server. The collective of Mastodon servers forms the “Fediverse,” with users able to sign up on one server and follow and communicate with users across all of them.

    While individuals and companies may be tempted to run their own Mastodon server, doing so can present a number of challenges, as Cloudflare highlights:

    The Mastodon gGmbH non-profit organization provides a server implementation using Ruby, Node.js, PostgreSQL and Redis. Running the official server can be challenging, though. You need to own or rent a server or VPS somewhere; you have to install and configure the software, set up the database and public-facing web server, and configure and protect your network against attacks or abuse. And then you have to maintain all of that and deal with constant updates. It’s a lot of scripting and technical work before you can get it up and running; definitely not something for the less technical enthusiasts.

    Wildebeest is designed to address these issues and help individuals and companies quickly get up and running with their own Mastodon instance:

    Wildebeest serves two purposes: you can quickly deploy your Mastodon-compatible server on top of Cloudflare and connect it to the Fediverse in minutes, and you don’t need to worry about maintaining or protecting it from abuse or attacks; Cloudflare will do it for you automatically.

    Wildebeest is not a managed service. It’s your instance, data, and code running in our cloud under your Cloudflare account. Furthermore, it’s open-sourced, which means it keeps evolving with more features, and anyone can extend and improve it.

    Given the increasing popularity of Mastodon, Cloudflare may well have a hit on its hands.

  • AMD Continues to Chip Away at Intel’s Server Dominance

    AMD Continues to Chip Away at Intel’s Server Dominance

    AMD is continuing to make inroad against Intel in the server market, chipping away (pun intended) at the latter’s lead.

    Intel was once the undisputed king of the semiconductor market. While that was true across the entire PC industry, it was especially true in the server market, where the company’s market share was 98% as recently as five years ago. According to Mercury Research (via Network World), as of Q122, AMD’s server market share is now 11.6%, dropping Intel’s to 88.4%.

    AMD has its Epyc line of processors to thank for the success it’s enjoying.

    “It’s been a long, gradual increase. If you look at the data set now, AMD has completed their third consecutive year of having on-quarter gains in share,” said Dean McCarron, president of Mercury Research. “The main driver there is that AMD has its Epyc processors … and each generation has been a little bit more successful than the prior one.”

    See also: Linus Torvolds Switches to AMD, Slams Intel

    AMD’s reputation for consistently delivering quality products is also helping the company gain new business.

    “This isn’t the first time [AMD]’s had success in the market, they had success more than a decade ago, and now they’re getting back in,” McCarron added. “The key here is that they’ve established a pattern of delivery on product reliability.”

    McCarron’s comments confirm the issues Intel has had in recent years. Dell, one of Intel’s most loyal partners, had to look to AMD in 2019 as a result of Intel’s supply issues. Similarly, Cloudflare pivoted away from Intel in late 2021 because AMD’s Epyc processors were much more energy efficient. Google Cloud also moved to AMD, thanks to the performance gains it offered over Intel.

    AMD’s performance has also helped it achieve the highest share of the x86 processor market in its history, according to TechSpot. As of Q122, AMD has 27.7% of the overall market, and 18.3% of the x86 desktop market.

    Under CEO Pat Gelsinger, Intel is determined to turn the tide back in its favor, with Gelsinger even going so far as to say “AMD [is] in the rearview mirror.”

    Unfortunately for Gelsinger, the facts don’t support that claim just yet.

  • Cloudflare Launches $1.25 Billion Fund to Help Startups and Challenge AWS

    Cloudflare Launches $1.25 Billion Fund to Help Startups and Challenge AWS

    Cloudflare is going to great lengths to capture more of the startup market and challenge AWS, launching a $1.25 billion fund.

    Cloudflare is a leading content delivery network (CDN) and a major force in the cybersecurity industry. The company has launched its “Workers Launchpad” funding program with the goal of helping startups grow their business with its Cloudflare Workers platform.

    Cloudflare Workers is “a highly-scalable serverless computing platform that allows developers to build or augment apps without configuring or maintaining infrastructure.” As such, it competes with much larger companies, such as AWS. The company has partnered with 26 venture capital firms to provide the necessary funding for startups that commit to the platform.

    “If there’s one thing venture capitalists look for in the companies they fund, it’s the potential to achieve significant scale. Startups that build on Cloudflare Workers are building on a platform made to automatically support serious scale,” said Matthew Prince, co-founder and CEO of Cloudflare. “While we can provide the technology, we’re thrilled to partner with some of the leading venture capital firms on the Workers Launchpad Funding Program, who will potentially invest more than a billion dollars in funding towards great startups built on Cloudflare Workers as they scale.”

    At least some in the industry see this as a major shot across the bow of AWS, as well as a potentially revolutionary approach to capturing market share.

    “AWS EC2 changed everything when it launched 16 years ago. I see Workers, and the broader Cloudflare portfolio, in a similar place today. Serverless is the way to build apps in 2022,” said Eric Anderson, Partner at Scale Venture Partners.

  • Cloudflare Launches Zero Trust Mobile eSIM

    Cloudflare Launches Zero Trust Mobile eSIM

    Cloudflare has scored an industry first, launching the first zero trust eSIM for mobile devices in the BYOD era.

    Bring your own device (BYOD) refers to the common practice of using a personal device for work, a practice that has become far more common as a result of the transition to remote and hybrid work. Unfortunately, BYOD introduces a number of security risks, which Cloudflare is trying to address.

    The company is introducing the Cloudflare Zero Trust SIM designed to help organizations secure their employees’ various devices.

    “When I speak to CISOs I hear, again and again, that effectively securing mobile devices at scale is one of their biggest headaches, it’s the flaw in everyone’s Zero Trust deployment,” said Matthew Prince, co-founder and CEO of Cloudflare. “Effectively securing mobile devices is hard, and we have been working on this problem since we launched our WARP mobile app in 2019, now we plan on going even further. With Cloudflare Zero Trust SIM we will offer the only complete solution to secure all of a device’s traffic, helping our customers plug this hole in their Zero Trust security posture.”

    By using eSIMs, companies will be able to deploy SIMs to mobile devices without a physical SIM chip since eSIMs use programmable hardware within the device. This eliminates the risk of SIM-swapping attacks or SIM cloning.

    Cloudflare’s solution is an innovative one and should help provide a significant layer of security for organizations that have a remote or BYOD-based workforce.

  • Cloudflare Launches Adaptive DDoS Protection

    Cloudflare Launches Adaptive DDoS Protection

    Cloudflare has launched its latest weapon in the war to protect the internet from bad actors: Adaptive DDoS Protection.

    Cloudflare is one of the leading content delivery networks (CDN), and is at the forefront of cybersecurity. The company has been at the forefront of DDoS protection, helping to thwart some of the biggest attacks in history.

    As part of its ongoing efforts to improve security, Cloudflare has introduced Adaptive DDoS Protection. The new feature coexists with the company’s existing DDoS protection tools but takes it to the next level by learning a customer’s traffic patterns and using that info to add an extra layer of protection.

    “The Adaptive DDoS Protection system creates a traffic profile by looking at a customer’s maximal rates of traffic every day, for the past seven days,” writes Omer Yoachimik, Product Manager / Cloudflare’s DDoS Protection Service. “The profiles are recalculated every day using the past seven-day history. We then store the maximal traffic rates seen for every predefined dimension value. Every profile uses one dimension and these dimensions include the source country of the request, the country where the Cloudflare data center that received the IP packet is located, user agent, IP protocol, destination ports and more.”

    The new feature works out of the box, automatically creating the profiles it needs to function. Customers can then tweak the sensitivity rules, as well as what actions are taken in response.

    “Adaptive DDoS Protection complements the existing DDoS protection systems which leverages dynamic fingerprinting to detect and mitigate DDoS attacks,” Yoachimik adds. “The two work in tandem to protect our customers from DDoS attacks. When Cloudflare customers onboard a new Internet property to Cloudflare, the dynamic fingerprinting protects them automatically and out of the box — without requiring any user action. Once the Adaptive DDoS Protection learns their legitimate traffic patterns and creates a profile, users can turn it on to provide an extra layer of protection.”

    Cloudflare’s goal is nothing short of ending the threat DDoS attacks pose, and its latest feature is a major step in that direction.

  • Cloudflare Outage Takes Out Hundreds of Sites

    Cloudflare Outage Takes Out Hundreds of Sites

    A major outage at content delivery network (CDN) Cloudflare has brought down some of the biggest sites on the web across a range of industries.

    At roughly 3:00 AM ET Tuesday morning, Cloudflare tweeted that they were aware of an issue impacting services. The issues impacted Discord, DoorDash, Fitbit, NordVPN, and Peloton, as well as crypto exchanges OKX and FTX.

    Cloudflare has fixed the issue and explained the outage was the result of a change made in an ongoing effort to improve the resilience of the company’s network. The outage impacted 19 of the company’s data centers.

    A change to the network configuration in those locations caused an outage which started at 06:27 UTC. At 06:58 UTC the first data center was brought back online and by 07:42 UTC all data centers were online and working correctly.

    The company apologized to its customers and assured them steps have been taken to ensure the issue wouldn’t happen again.

    We are deeply sorry for the disruption to our customers and to all the users who were unable to access Internet properties during the outage. We have already started working on the changes outlined above and will continue our diligence to ensure this cannot happen again.

  • The Internet Is Broke: Almost Every Major Site Experiencing Outages

    The Internet Is Broke: Almost Every Major Site Experiencing Outages

    The majority of high-profile sites are experiencing outages Tuesday afternoon, with no indication what the cause is.

    According to DownDetector.com, Google, Google Cloud, Amazon, AWS, Facebook, Instagram, Cloudflare, Spotify, Discord and other are experiencing spikes in reported outages. The reports range from a few hundred to tens of thousands of users.

    It’s still too early to know the precise cause, although some sites are already returning to normal.

  • Meta Adopts AMD EPYC

    Meta Adopts AMD EPYC

    AMD has scored another win over Intel, with Meta (formerly Facebook) choosing the EPYC for its data centers.

    Intel has long had a near-stranglehold on the server and data center market. Even as AMD chipped away at its lead in the desktop market, Intel continued to dominate the server market.

    Recently, however, AMD has been making headway in Intel’s core market, scoring a number of high-profile contracts. Cloudflare chose AMD’s EPYC over Intel’s processors, thanks largely to the higher power efficiency AMD’s chips provide.

    Meta has become the latest company to choose EPYC for its data centers, according to an AMD statement.

    AMD announced Meta is the latest major hyperscale cloud company that has adopted AMD EPYC CPUs. AMD and Meta worked together to define an open, cloud-scale, single-socket server designed for performance and power efficiency, based on the 3rd Gen EPYC processor. Further details will be discussed at the Open Compute Global Summit later this week.

  • Cloudflare Pivots Way From Intel in Next-Gen Servers

    Cloudflare Pivots Way From Intel in Next-Gen Servers

    Cloudflare is the latest company to ditch Intel, announcing it will not be using the company’s processors in its next generation servers.

    Cloudflare’s content delivery network (CDN) and security services are used by some of the biggest names on the web. The company’s servers handle some 25 million HTTP requests every second. As result, Cloudflare chooses the technology it uses very carefully.

    When the company evaluated processors for its 11th generation servers, it evaluated Intel, AMD and the Ampere Altra ARM architecture. Cloudflare found that Intel’s latest Ice Lake Xeon processors matched AMD in performance, but their “power consumption was several hundred watts higher per server – that’s enormous. This meant that Intel’s Performance per Watt was unattractive.”

    In contrast both AMD and Ampere both made the company’s shortlist. Cloudflare ultimate went with AMD’s 64 core EPYC 7713, which provided roughly 29% better performance, while maintaining similar power consumption and thermal levels as the previous generation.

    Cloudflare’s revelation is a blow to Intel as the company is struggling to regain its former dominance in the semiconductor industry.

  • Cloudflare Rolls Out API Abuse Detection

    Cloudflare Rolls Out API Abuse Detection

    Cloudflare, one of the leading content delivery networks, has announced API Discovery and API Abuse Detection.

    Application programming interfaces (APIs) are used by companies in every industry. APIs provide a way for different programs and platforms to communicate with each other or hardware components. Many companies use hundreds, or even thousands, of APIs. Unfortunately, despite their value, APIs can be easily abused.

    Cloudflare is looking to address that issue with two tools: API Discovery and API Abuse Detection.

    API Discovery is designed to help companies keep track of the APIs they have. In some cases, companies have so many that they lose track of them, or easily confuse similar ones.

    API Abuse Detection uses a two-prong approach to detecting abuse: volume and sequence. Based on the estimated volume a company should realistically expect on a given API, Cloudflare can detect when volume is higher than it should be.

    Similarly, an API has a valid sequence of events when it’s used properly. Cloudflare can monitor an API for calls that are out of sequence, a likely indication it’s being abused.

    The new tools are currently available in early access.

  • Internet Companies Launch Initiative In Support of Section 230

    Internet Companies Launch Initiative In Support of Section 230

    Some of the most prominent internet companies have formed the Internet Works coalition to promote Section 230, a key internet law.

    Section 230 of the Communications Decency Act gives companies immunity for content users upload or post on their sites. As a result, companies like Facebook, Twitter and others cannot be held legally liable for an offensive post, picture or the like.

    In recent years Section 230 has come under fire, culminating in President Trump threatening to veto a defense spending bill unless Section 230 is revoked. While President-elect Biden has not weighed in on Section 230 directly, his former top tech advisor has said its time for changes to the law, throwing in question the law’s status even with a change of administration.

    Internet Works, however, is working to help educate lawmakers about the role of the law. Automattic (maker of WordPress), Cloudflare, Dropbox, eBay, Etsy, Glassdoor, GoDaddy, Medium, Nextdoor, Patreon, Pinterest, Reddit, Snap Inc., Tripadvisor, Vimeo and the Wikimedia Foundation are all members of the coalition.

    “These well-known internet companies and nonprofits launched Internet Works to elevate the voice of stakeholders across the digital economy and work with policymakers to preserve the benefits of Section 230, the foundational internet law that enables the United States to lead the world in innovation and robust job growth in the technology sector,” said Josh Ackil, Spokesperson for Internet Works. “Internet Works members rely on CDA 230 to make their platforms safe for users and support free expression. This coalition brings new voices and diverse perspectives to Washington’s current Section 230 debate, which too often focuses on the largest internet platforms.”

    The wide range of companies making up the coalition illustrates the far-reaching impact of Section 230. While many think of social media platforms as the primary beneficiaries of the law, companies like Dropbox also benefit. As a cloud storage provider, should Dropbox be liable for whatever a customer chooses to use that storage for? If Dropbox should be liable, then what measures should they be expected to take to verify the content they host? What privacy protections will customers be able to expect, or not expect, as a result of those measures?

    Whatever happens with Section 230, it’s clear there are significant challenges to addressing the problems of a modern internet.

  • Cloudflare, Apple and Fastly Create Improved, Private DNS

    Cloudflare, Apple and Fastly Create Improved, Private DNS

    Engineers from Cloudflare, Apple and Fastly have worked together to create an improved DNS protocol that protects user privacy.

    DNS is the backbone of the internet, responsible for mapping domain names (such as WebProNews.com) to the IP addresses where the site and its content resides. Unfortunately, because the internet was conceived and designed at a time when security was not a big concern, DNS queries are sent in clear text. This means it is relatively easy to intercept DNS traffic and see what site a person is trying to reach, as well as the IP address of the device they’re using.

    There have been attempts to address this security issue, including DNS over HTTPS (DoH) and DNS over TLS (DoT). Both of these upgrades, however, rely on an ISP, or similar company, responsible for resolving the DNS queries. As a result, there is still a potential trust issue, as the DNS resolving entity can still see the DNS queries.

    This is where Cloudflare, Apple and Fastly’s work comes into play. The three companies have announced the creation a new protocol: Oblivious DNS over HTTPS (ODoH). This new protocol is designed to separate the client from the DNS resolver, providing total privacy and anonymity.

    “ODoH is a revolutionary new concept designed to keep users’ privacy at the center of everything,” says Michael Glynn, Vice President, Digital Automated Innovation, PCCW Global. “Our ODoH partnership with Cloudflare positions us well in the privacy and ‘Infrastructure of the Internet’ space. As well as the enhanced security and performance of the underlying PCCW Global network, which can be accessed on-demand via Console Connect, the performance of the proxies on our network are now improved by Cloudflare’s 1.1.1.1 resolvers. This model for the first time completely decouples client proxy from the resolvers. This partnership strengthens our existing focus on privacy as the world moves to a more remote model and privacy becomes an even more critical feature.”

    ODoH is an important step forward in privacy and security, and will hopefully see fast and widespread adoption.

  • Comcast Joins Mozilla’s Secure Browsing Initiative

    Comcast Joins Mozilla’s Secure Browsing Initiative

    Comcast has become the first ISP to join Mozilla’s initiative and “provide Firefox users with private and secure encrypted Domain Name System (DNS) services through Mozilla’s Trusted Recursive Resolver (TRR) Program.”

    Mozilla has been one of the companies on the forefront of protecting user privacy. One of the areas they have been focusing on is encrypting DNS traffic, which helps protect browsing activity from collection, interception or manipulation. For this to work, however, it requires partner companies to agree to standard rules about how data is collected, protected and used.

    While companies like Cloudflare and NextDNS have signed on to Mozilla’s TRR Program, Comcast is the first ISP to sign on.

    “We’re proud to be the first ISP to join with Mozilla to support this important evolution of DNS privacy. Engaging with the global technology community gives us better tools to protect our customers, and partnerships like this advance our mission to make our customers’ internet experience more private and secure,” said Jason Livingood, Vice President, Technology Policy and Standards at Comcast Cable.

    “Comcast has moved quickly to adopt DNS encryption technology and we’re excited to have them join the TRR program,” said Eric Rescorla, Firefox CTO. “Bringing ISPs into the TRR program helps us protect user privacy online without disrupting existing user experiences. We hope this sets a precedent for further cooperation between browsers and ISPs.”

    This is good news for Comcast and Firefox users. Hopefully Comcast won’t be the last ISP to sign on with Mozilla’s TRR Program.

  • Cloud Company CloudFlare Acquires Browser Company S2 Systems

    Cloud Company CloudFlare Acquires Browser Company S2 Systems

    BizJournal is reporting that CloudFlare, after recently raising $525 million in its IPO, has purchased S2 Systems.

    CloudFlare is a web infrastructure and security company and “is one of the world’s largest networks.” The CloudFlare service “protects websites from all manner of attacks, while simultaneously optimizing performance.” CloudFlare allows websites to scale with demand and ensures high performance with data centers in 200 cities around the world.

    S2 creates browser isolation technology. This is a relatively new approach to browser security “that allows customers to launch browser code in the cloud rather than users’ devices. This technology is designed to be more secure.” As a result, if there is malicious code, the customer’s computers are insulated from the potential attack.

    The purchase is a logical addition to CloudFlare’s suite of security tools, and the company had been looking for some time at adding the capability. According to BizJournal, the company had approached a number of startups, as well as Symantec, to explore different options. S2 was the only one that the right blend of performance and security.

    “They have a similar culture and outlook as us. We have an engineering-driven culture where we like to tackle big hard tasks. I think that resonated with S2. We also are interested in making the Internet more accessible to the other half of the world who does not have it. This is part of our larger vision that we share,” CEO Matthew Prince told BizJournal’s Dawn Kawamoto.

    In spite of this acquisition, Prince said the company does not plan to go on a purchasing spree, preferring home-grown solutions.