MITM on forum.qbittorrent.org

[spirillen]

qBittorrent & operating system versions

I don't know what servers you have setup, bit CloudFlare are among other using nginx to harvest your first, second and third born child

What is the problem?

Your web forum is attacked by MITM

Steps to reproduce

See above

Additional context

Your website is insecure and unencrypted and all data is harvested by CloudFlare and this mean ALL visitors data and not only tracking cookies and other sites they visited, is is also including login/password, cc etc.

Log(s) & preferences file(s)

None

[spirillen]

Your other domain is also under MITM attack

https://www.qbittorrent.org/?__cf_chl_rt_tk=_mH9864zIUbbhmAxu5_2ZpfTa0V.5ohH2tm11Xdbso0-1705158631-0-gaNycGzNC5A

This means nobody:nobody can read your websites...

Becarful out there, all your online attivities are collected by CloudFlare if you visit any of these domains

[ex-hentai]

Hi, sir. I noticed that you are using liberapay.com and ko-fi.com to receive donations, and both of the sites are hosted under CloudFlare. From what you are trying to state, that all your money is being collected by CloudFlare.

[sledgehammer999]

@spirillen In all seriousness, I don't understand the problem the way you describe it. Can you explain the issue more and better?

[spirillen]

Do you even know how HTTPS works?

Do you? Do you even know that CloudFlare are decrypting the connection before parsing it a long to what ever backend? encrypted or not?

---

In all seriousness, I don't understand the problem the way you describe it

No?? really?

That scares me a lot, TBH, if a connection is decrypted, is the line then encrypted? are data then secured by end-to-end encryption, securing you data between you and the domain?

You should the read these two articles on !W

• https://en.wikipedia.org/wiki/Man-in-the-middle_attack
• https://en.wikipedia.org/wiki/Meet-in-the-middle_attack

---

using liberapay.com and ko-fi.com

Couldn't agree more with you @ex-hentai bit do you know of an alternative?

[sledgehammer999]

@spirillen I know what MITM attack is. I don't understand what is it that you show in the url/screenshot. Is your whole issue that we use cloudflare?

[spirillen]

that CF censoring everybody me included and yes, I'm not going to give them any of my data.

CG is blacklisted here, so can only access via tor, but that is just as censored as anyone else.

Conclusion: Yes You have a big issue by using CF, the are blocking access to your sites in mire than one way.

[stevefan1999-personal]

that CF censoring everybody me included and yes, I'm not going to give them any of my data.

CG is blacklisted here, so can only access via tor, but that is just as censored as anyone else.

Conclusion: Yes You have a big issue by using CF, the are blocking access to your sites in mire than one way.

We have no direct evidence CF is unpacking packets and performing MITM/Replay attacks. For me, a long-standing CF customer, also have the option to have my TLS connection on my own endpoint with my own CA, proxied, which is the Flexible Mode.

There are at least no offloading from the server side to client side unless they also store both side TLS state on the proxy as well but that would take a lot of resource to do so, so I doubt they will.

If you really care that much about privacy, stop using GitHub because this is a Microsoft-controlled entity. And Microsoft is known to be one of the worst privacy offender in the tech industry.

So, either soak yourself in multiple layers of SOCKS proxy, go use QubesOS and hide yourself over in The Onion Network or I2P, or simply go off the grid. Both have their own respective price to pay but at least those choices are not so hypocritic as you do right here.

[sledgehammer999]

Tor users having issues with CloudFlare is a known issue, because of the ddos protection it offers.

This has nothing to do with a MITM attack and I am closing it as invalid.