The glossary entry on warrant canaries is dated December 2020, but there is a more recent canary list in their 2022 transparency report (<a href="https://www.cloudflare.com/en-au/transparency/" rel="nofollow noreferrer">https://www.cloudflare.com/en-au/transparency/</a>) with the same 6 items in it.<p>Bizarre they appear to have skipped the H2 2022 transparency report unless I’m missing something
Maybe I’m just getting old and distracted, but I feel like CloudFlare went from “whoa some HN pros are doing great CDN work with some serious chops and an underdog work ethic” to “is it possible to never connect to them” like, really fast.
I love cloudflare, but honestly I assumed they WERE the CIA/FBI not just compromised by them. It would be the perfect front company for the government.
Warrant canaries are largely believed to be unworkable. Ie federal lawyers are going to say "cute, but no, you cannot disclose that we warranted you in this or any other way."
Is there a point to a company as large as Cloudflare even having a warrant canary? Half the internet goes through their servers. <i>Of course</i> the US government had or has hooks in them for something or other.
What is the language around the non-disclosure order? There seems to be speculation that a warrant canary would be construed the same as a disclosure, but are you required to not inform the concerned party, or required to not disclose law enforcement contacting you at all?<p>From a practical perspective I don't imagine that cloudflare removing a canary could give any one organization a signal - I don't know what the bar for a 'disclosure' is but informally I would not consider it a targeted specific warning.<p>EDIT: the other component I am curious about is duration, there is still utility in the canary even if it comes late, future users will know that there was a compromise and that further ones are likely, right?
It's weird to me people think warrants are still used.<p>No warrant is needed by any government agent to read your email that is over six months old and the major providers just give them a backdoor so as not to waste any time/money with requests.<p>Who is going to stop them from doing that with anything else? The supreme court? Good luck with that belief system. You think the NSA ever stopped just because they were discovered? Or did they just switch to "try to stop us".
So what's stopping these people that claim to be so righteous by using canaries from lying to you? Anyhow the ISPs and internet backbones are all tapped as many whistle-blowers have already revealed.