Standing up for the open Internet: why we appealed Italy’s “Piracy Shield” fine

At Cloudflare, our mission is to help build a better Internet. Usually, that means rolling out new services to our millions of users or defending the web against the world’s largest cyber attacks. But sometimes, building a better Internet requires us to stand up against laws or regulations that threaten its fundamental architecture.

Last week, Cloudflare continued its legal battle against "Piracy Shield,” a misguided Italian regulatory scheme designed to protect large rightsholder interests at the expense of the broader Internet. After Cloudflare resisted registering for Piracy Shield and challenged it in court, the Italian communications regulator, AGCOM, fined Cloudflare a staggering €14 million (~$17 million). We appealed that fine on March 8, and we continue to challenge the legality of Piracy Shield itself. 

While the fine is significant, the principles at stake are even larger. This case isn't just about a single penalty; it’s about whether a handful of private entities can prioritize their own economic interests over those of Internet users by forcing global infrastructure providers to block large swaths of the Internet without oversight, transparency, or due process.

What is Piracy Shield?

To understand why we are fighting this, it’s necessary to take a step back Continue reading

netlab Graphs with Multi-Access Links

A netlab user wanted to create a nice-looking topology graph from a simple topology connecting a few devices to a broadcast (multi-access) link. I don’t have his exact topology, so we’ll use this one (skipping the details like setting device types)

nodes: [ r1, r2, h1, h2 ]

links:
- r1-r2
- interfaces: [ r1, r2, h1, h2 ]

This is what GraphViz generates based on netlab’s description of the lab topology:

Read more …

Profil Wu Jingyu, Atlet Taekwondo Tiongkok Paling Dominan di Olimpiade

Wu Jingyu dikenal sebagai atlet taekwondo Tiongkok paling sukses sepanjang sejarah. Ia membangun reputasi global melalui kecepatan, ketepatan, dan mental juara. Selain itu, Wu Jingyu menginspirasi generasi muda lewat dedikasi dan konsistensi. Oleh karena itu, namanya selalu muncul dalam pembahasan taekwondo dunia.

Sejak awal karier, Wu Jingyu menunjukkan bakat luar biasa. Ia berlatih keras dan fokus pada detail teknik. Dengan demikian, ia mampu bersaing di level internasional. Bahkan, ia mendominasi kelas -49 kg putri selama bertahun-tahun.

Profil Singkat Wu Jingyu

Wu Jingyu lahir di Jingdezhen, Jiangxi, pada 23 Maret 1987. Ia mulai mengenal taekwondo sejak usia remaja. Selanjutnya, ia bergabung dengan sistem pelatnas Tiongkok. Di sana, ia menempa kemampuan fisik dan mental secara intensif.

Sebagai atlet, Wu Jingyu terkenal disiplin. Ia menjaga kondisi fisik, pola makan, dan fokus mental. Oleh sebab itu, performanya tetap stabil dalam tekanan tinggi. Selain itu, ia selalu mempelajari gaya lawan sebelum bertanding.

Perjalanan Karier Internasional

Karier internasional Wu Jingyu berkembang pesat. Ia meraih gelar dunia dan Olimpiade secara konsisten. Dengan kata lain, Continue reading

Honda Prelude: Coupe Legendaris dengan Performa dan Desain Ikonik

Honda Prelude merupakan coupe legendaris yang mencerminkan inovasi, performa, dan karakter sporty khas Honda. Sejak awal kemunculannya, mobil ini langsung menarik perhatian penggemar otomotif dunia. Selain itu, Honda Prelude menghadirkan keseimbangan antara kenyamanan, teknologi, dan pengendalian presisi. Oleh karena itu, banyak kolektor hingga pecinta JDM masih memburunya hingga sekarang.

Sejarah Honda Prelude yang Menginspirasi

Honda pertama kali memperkenalkan Honda Prelude pada tahun 1978. Saat itu, Honda ingin menciptakan coupe sporty dengan teknologi modern. Selanjutnya, Prelude berkembang melalui lima generasi berbeda. Setiap generasi membawa peningkatan desain, mesin lebih bertenaga, dan fitur canggih.

Selain itu, Prelude menjadi pelopor teknologi four wheel steering pada era 1980-an. Teknologi ini meningkatkan stabilitas saat menikung. Oleh sebab itu, Honda Prelude dikenal sebagai mobil yang menyenangkan untuk dikendarai. Bahkan, banyak jurnalis otomotif memuji keseimbangan sasisnya.

Desain Eksterior yang Sporty dan Elegan

Dari segi visual, Honda Prelude selalu tampil menawan. Garis bodinya terlihat aerodinamis dan tegas. Selain itu, lampu depan pop-up pada Continue reading

Worth Reading 031526


As malicious domains continue to pose a threat across the Internet, security professionals are left to consider the measures that can effectively defend their organizations from these threats.

 


Right now, a growing chorus is treating India’s “lock and suspend” approach as a success story and a model for the world.

 


On the last day of December 2016 there was a brief hiccup as the world’s clocks adjusted their time according to the Coordinated Universal Time (UTC) standard by adding an extra second to the last minute of the 31st of December.

 


For the past decade, Docker has provided a robust solution for building, shipping, and sharing applications. But behind its simple “build and run” workflow lie many years of complex technical challenges.

 


AI assistants that produce drawings and other output that looks like evidence reduce questioning without increasing correctness.

Network Device Telemetry Protocols with Dinesh Dutt

Whenever I’m ranting about vendors changing their data models or APIs with every other release, there is inevitably a vendor engineer chiming in, saying, “Life would be so much better if the customers wouldn’t insist on doing screen scraping for the last 50 years.”

While some of that screen scraping is pure inertia, we sometimes have good reasons to do it rather than use protocols like NETCONF, gNMI, or protobufs. In Episode 205 of Software Gone Wild, I’m discussing some of those reasons and exploring the gap between vendor theory and reality with Dinesh Dutt, who is unlucky enough to have become the world’s foremost expert on crappy network telemetry.

Listen to the podcast

From legacy architecture to Cloudflare One

For a network engineer, the cutover weekend is often the most stressful 48 hours of their career. Imagine a 30,000-user organization attempting to flip 1,000+ legacy applications from fragmented VPNs to a new architecture in a single window. The stakes are immense: a single misconfigured firewall rule or a timed-out session can halt essential services and lead to operational gridlock.

This "big bang" migration risk is the single greatest barrier to Zero Trust adoption. Organizations often feel trapped between an aging, vulnerable infrastructure and a migration process that feels too risky to attempt.

Cloudflare and Technology Solutions Provider CDW are changing this narrative. We believe that a successful transition to SASE (Secure Access Service Edge) shouldn't feel like a leap into the dark. By combining Cloudflare’s global Zero Trust platform with CDW’s experience navigating the industry’s most complex deployment failures, we provide the strategic roadmap to de-risk the journey. We don't just move your "plumbing" — we ensure your legacy debt is transformed into a modern, agile security posture without the downtime.

Leveraging partner expertise to avoid migration traps

Traditional migrations often fail because they treat the network as simple plumbing rather than a complex ecosystem of applications. Without a Continue reading

LIU010: Personal, Technical, and Slightly Unhinged: Listener Q&A

Kevin and Alexis take a break from their regular interviews to answer your questions! Join them for an unfiltered, wide-ranging discussion including the value of certifications, online learning pros and cons, how networking engineering jobs are changing, how to maintain a healthy work-life balance, and more. AdSpot Sponsor: Statseeker Statseeker gives engineers near real-time performance... Read more »

NetFlow/sFlow Monitoring in AI Environments

aadIf you’ve spent time supporting AI infrastructure, whether that’s a GPU training cluster, a fleet of inference nodes, or a multi-tenant model serving platform, you’ve probably noticed something: the network telemetry tools that served you well in a traditional data center feel slightly out of place here. Not useless. Just not quite designed for this.

The traffic patterns are different. The failure modes are different. The things you need to catch early are different. And if you’re running NetFlow or sFlow collection – which you should be – understanding where that data genuinely helps versus where you’re looking at the wrong instrument is the difference between a useful monitoring stack and a false sense of coverage.

Why AI Traffic Is Different

Most of the networking intuition you’ve built over a career was forged on north-south traffic – clients reaching services, users reaching the internet, workloads reaching storage. Even in modern microservices environments with heavy east-west traffic, flows are relatively short-lived, heterogeneous in size, and largely TCP-based with normal congestion dynamics.

AI training breaks most of those assumptions simultaneously.

A distributed training job across a GPU cluster is synchronous in a way that most networked workloads are not. Every GPU in Continue reading

IPv4 ECMP Works on Arista cEOS Release 4.35.2F

When I wrote about the anycast-ECMP-in-MPLS behavior in 2011, I had to use Cisco IOS to prove that ECMP worked, since Arista cEOS (running the Linux kernel for IP forwarding) didn’t install more than one equal-cost path into the Linux forwarding table.

Arista cEOS got better in the meantime; IPv4 ECMP works like a charm on cEOS release 4.35.02F. With the same lab topology I’d used in 2021, I was able to see the traffic spread across multiple nodes:

Read more …

Announcing Cloudflare Account Abuse Protection: prevent fraudulent attacks from bots and humans

Today, Cloudflare is introducing a new suite of fraud prevention capabilities designed to stop account abuse before it starts. We've spent years empowering Cloudflare customers to protect their applications from automated attacks, but the threat landscape has evolved. The industrialization of hybrid automated-and-human abuse presents a complex security challenge to website owners. Consider, for instance, a single account that’s accessed from New York, London, and San Francisco in the same five minutes. The core question in this case is not “Is this automated?” but rather “Is this authentic?” 

Website owners need the tools to stop abuse on their website, no matter who it’s coming from.

During our Birthday Week in 2024, we gifted leaked credentials detection to all customers, including everyone on a Free plan. Since then, we've added account takeover detection IDs as part of our bot management solution to help identify bots attacking your login pages. 

Now, we’re combining these powerful tools with new ones. Disposable email check and email risk help you enforce security preferences for users who sign up with throwaway email addresses, a common tactic for fake account creation and promotion abuse, or whose emails are deemed risky based on email patterns Continue reading

1 2 3 4 3,855