Why not to trust Cloudflare and what about 1.1.1.1
As seen on Reddit: Cloudflare's 1.1.1.1 public DNS manually manipulates the .org zone for its users, setting a scary precedent.
This is a list I wrote about a year ago, but it's still accurate:
- It's not really free. It's like a drug dealer: “First one's free”.
- Shared SSL certificates
- Forced to use Comodo for SSL. Comodo's CEO is a sleazebag.
- Can't use Let's Encrypt for SSL
- Can't use your own SSL
- Decrypts SSL traffic, breaking End-To-End Encryption.
- Cooperates with tyrannical governments
- Provides services to terrorists, child pornographers, and so on
- Has no “vetting” process for new customers
- Does not protect your website from hacking
- Doesn't provide any value to 99% of websites
- Cloudflare's CEO is an egomaniac who believes he controls the entire internet.
More details on SSL decryption:
> Keyless SSL requires that Cloudflare decrypt, inspect and re-encrypt traffic for transmission back to a customer’s origin.
Source: https://www.cloudflare.com/ssl/keyless-ssl/
By doing that, Cloudflare is violating the trust between users and server operators and making the SSL certificate itself worthless. A website cannot be considered “Secure” if the traffic is decrypted by a man in the middle.