Nearly every website today seems to be hosted behind Cloudflare which is really concerning for the future of privacy on the internet.
Cloudflare no doubt logs, stores, and correlates network telemetry that can be used for a wide array of deanonymization attacks. Not only that, but Cloudflare acts as a man-in-the-middle for all encrypted traffic which means that not even TLS will prevent Cloudflare from snooping on you. Their position across the internet also lends them the ability to conduct netflow and traffic correlation attacks.
Even my proposed solution to use archive.org as a proxy is not a valid solution since I found out today that archive.org is also hosted behind Cloudflare… edit: i was wrong
So what options do we even have? What privacy concerns did I miss, and are there any workaround solutions?
What do you mean by “at those levels”? You seem to imply Cloudflare’s abuse is not vastly harmful.
CF ruins Tor, VPNs, discriminates against poor people behind CGNAT, and people who look like bots because they don’t load images. You don’t even get basic protection from IP disclosure. CF sees all traffic on most of their sites, including usernames and unhashed passwords. The OP’s demand is reasonable. The demand that everyone partake in such reckless disclosure to a single gatekeeper running a private walled-garden is not reasonable. Cloudflare has removed the minimum baseline of security that everyone used to have and failed to achieve even a low level of privacy.