Context: last year LaLiga (top-level Spanish football league) obtained a court order compelling Spanish ISPs to block certain IPs during football matches, as those IPs have been associated with illegal streams of live matches. Many of those IPs are shared Cloudflare IPs, with the result being many legitimate sites become unavailable in Spain during LaLiga matches
Personally, myself I have been greatly impacted by this measures. Several services of mine were unavailable because LaLiga said so. No notification, no justification, they block and that's all. It has been a shame since the beginning.
It was. La Liga isn’t satisfied with the response time of Cloudflare. Cloudflare would not commit to content being taken down during while the match is still going.
La Liga wants to be able to point to a URL hosted by Cloudflare and demand it taken down that instant while the match is still on. It would require dedicated staff at Cloudflare to deal with La Liga stream takedowns.
Presumably the Cloudflare network resources in question were not located in Spain and thus not under Spanish jurisduction. Or even if they were, it may be procedurally simpler for the Spanish government to compel ISPs to block IPs.
On the one hand, I would tend to agree that making things painful enough might force people to stop ignoring and improve things. On the other, after seeing waves hands at everything since 2016 makes me very skeptical of accelerationism: sometimes things just get worse and worse, there's no bottom to bounce from. Or maybe we just never really hit rock bottom?
Given much of the internet today, I'm not sure if a pan-EU level blocklist on all of cloudflare (damaging as that would be) would even be worse than the status-quo, let alone rock bottom.
The bottom is just so much farther down than we remember. Tremendous progress was made in the 20th century, particularly in the aftermath of WWII, and we've kind of just been coasting on it for 50 years.
What other provider than Cloudflare is out there that offers the things Cloudflare does? Why are people not already switching to them if they are available?
Telefonica, the telecom company who bought the rights of LaLiga and btained the judgement against cloudflare IPs, sells some of those services through its business services branch.
One of the things that so often gets lost in politics is the concept of a stopping principle. If you know you want to do X, be it "enforce traffic tickets", "spend money chasing drug trafficking", or anything else, you really ought to be able to articulate some sort of stopping principle where you stop pouring the resources in. Maybe the problem is adequately solved. Maybe the further resources don't justify the tiny incremental change. Maybe the intrusion on liberty starts to overwhelm the benefits. Something. Otherwise you just end up going farther and farther down the road with no idea when to stop.
These IP blocks don't seem to come with a stopping principle. They were large and growing, and inevitably more and more entities were going to say "Hey, if that company is large enough to flip the switch to protect their assets then I'm large enough for that too!" and the obvious and inevitable stopping point was 100% blockage.
Taken to its logical conclusion, and I do mean "logical" and not "rhetorically overblown for effect", this comes perilously close to just declaring that the value of the Internet is so net negative due to piracy that it should just be shut down in Spain. If that's true during certain sports matches it's already not far from being true for lots of other things too. This was leading in an obviously-economically-untenable direction.
1000%
I got legit Cloudflare Workers Anycast IPs that I was using for websockets blocked.
I also got blocked from using RustDesk.
It's been crazy. As this happens intermittently. I had to set up a tailscale exit node in one of my servers to circumvent this crap. I lost several days and called Vodafone (ISP) to understand what was going on.
I suffer from LaLiga's filter, but I am more interested if it'll help with latency/speed. Have you noticed any different when using WARP vs. without it regarding Internet speed?
I'm interested in how those conversations went between the LaLiga and Cloudflare that convinced them to do this. I know I'm not Cloudflare, but if a company (any company) came to me demanding blocking IP ranges according the their schedule that would require a bunch of work on my end to make it happen, there's going to be a lot of push back. It'd take a dump truck load of money to make that happen.
No conversation at all needed to happen. LaLiga got a court order. The order specifically stated that if LaLiga flag your IP address, the internet providers in Spain must block it during the match. Cloudflare have nothing to do with it.
Who could have forseen, that LaLiga would end up abusing this system!?
That's not how this worked. Cloudflare was not involved at all. Spanish ISPs were ordered by Spanish courts to block their customers from accessing specific IP addresses.
We actually had to revert our rollout of CF Workers because enough of our users were in Spain and couldn’t access endpoints at seemingly arbitrary times (due to the matches)
They are only seemingly arbitrary to people that are not actually paying attention. Now that people are, the blocks are known in advance to those that look at a the schedule. Sure, it sucks to have to build this into your own schedule, but that's better than it happening "unexpectedly". You could do something crazy like import these times into your own calendar with reminders.
Absolutely ridiculous to make people do that. What you're proposing is not a real solution. The real solution is to not block wide IP ranges at the random desire of some private football league.
I understand organizations as LaLiga wanting more money but massive IP blockage seems quite unfair, effective maybe but unfair so this news does not come as a surprise.
Who says it's effective? The pirate streams still go up every game, as far as people report here. They can just change their ips or hosts occasionally.
It's the honest businesses who probably won't go through the effort of evading the block every time.
I'm torn on this. It always should have gone through the courts, but the fact is that cloudflare are providing access to illegal content and not doing anything about it.
They were left with two choices if Cloudflare refuse to act. Either accept it (oh well, too big to fail), or block them.
I dislike what is happening but I kind of like that they don't care about the size of Cloudflare and hold them as accountable as they would a small hosting company in Belarus. Blocking entire ranges due to illegal content isn't exactly new, the scale is new.
Again though, I really dislike that it isn't going through the legal system
> the fact is that cloudflare are providing access to illegal content
Why make CloudFlare ultimately responsible though? There are lots of companies between users and the servers providing pirated content. Cloudflare is just one step in the whole chain. Why not eg block Google Chrome?
In any case, blocking Cloudflare was a stupid thing to do. Especially because it didn't anything to solve the actual problem.
Because they own the IPs that pirates are connecting to which makes it relevant for those IPs to be blocked. They are the easiest IPs to find since you can just resolve the domain of the piracy site.
It's unreasonable to expect cloudflare etc to be able to proactively identify legal vs illegal streams. The companies who own the copyrights can't even get that right much less a third party that has no idea if a stream is licensed.
Cloudflare can assign IPs based off customer reputation. High risk customers get high risk IPs. This way legitimate businesses stay on IPs that don't get blacklisted and sketchier businesses go on high risk IPs before they potentially get banned.
How much of a responsibility should the provider have to scan what they're hosting and proactively make a judgment on whether they should block it or not?
What you need is some form of - European - megacorp getting hurt by this and going after LaLiga for a ridiculously huge, LaLiga-destroying amount of money.
Context: last year LaLiga (top-level Spanish football league) obtained a court order compelling Spanish ISPs to block certain IPs during football matches, as those IPs have been associated with illegal streams of live matches. Many of those IPs are shared Cloudflare IPs, with the result being many legitimate sites become unavailable in Spain during LaLiga matches
https://cybernews.com/news/spain-laliga-streaming-piracy-cam...
Personally, myself I have been greatly impacted by this measures. Several services of mine were unavailable because LaLiga said so. No notification, no justification, they block and that's all. It has been a shame since the beginning.
Maybe someone can explain, but I don't understand why such an order isn't applied to cloudflare themselves?
It was. La Liga isn’t satisfied with the response time of Cloudflare. Cloudflare would not commit to content being taken down during while the match is still going.
La Liga wants to be able to point to a URL hosted by Cloudflare and demand it taken down that instant while the match is still on. It would require dedicated staff at Cloudflare to deal with La Liga stream takedowns.
Presumably the Cloudflare network resources in question were not located in Spain and thus not under Spanish jurisduction. Or even if they were, it may be procedurally simpler for the Spanish government to compel ISPs to block IPs.
The state hasn't setup processes to enable that. It will happen
I fervently hope that no one manages to obtain a similar judgment at the pan-EU level, that would be a disaster.
I actually hope they do. this will force a proper reckoning about the situation and maybe a proper fix.
On the one hand, I would tend to agree that making things painful enough might force people to stop ignoring and improve things. On the other, after seeing waves hands at everything since 2016 makes me very skeptical of accelerationism: sometimes things just get worse and worse, there's no bottom to bounce from. Or maybe we just never really hit rock bottom?
Given much of the internet today, I'm not sure if a pan-EU level blocklist on all of cloudflare (damaging as that would be) would even be worse than the status-quo, let alone rock bottom.
The bottom is just so much farther down than we remember. Tremendous progress was made in the 20th century, particularly in the aftermath of WWII, and we've kind of just been coasting on it for 50 years.
Accelerationism was always a terrible idea.
Eventually, some apparatchik will try to access pornhub during a sports match and fail, it'll resolve the issue quickly
At that scale, it might make Cloudflare customers reconsider their affiliations. It might not be as terrible.
By affecting only Spain, the impact is too small for most websites to care.
What other provider than Cloudflare is out there that offers the things Cloudflare does? Why are people not already switching to them if they are available?
Telefonica, the telecom company who bought the rights of LaLiga and btained the judgement against cloudflare IPs, sells some of those services through its business services branch.
To say that Telefonica offers even remotely the same services and features that Cloudflare does is a lie at best.
Akamai is the OG Cloudflare, just not as cool.
Yes, trusting Cloudflare to be the arbiter of the internet will work out great.
Just as trying to make social media be the arbiter of speech...
If they compelled Cloudflare to do so, what makes you think they couldn't compel whatever provider those customers then switch to?
One of the things that so often gets lost in politics is the concept of a stopping principle. If you know you want to do X, be it "enforce traffic tickets", "spend money chasing drug trafficking", or anything else, you really ought to be able to articulate some sort of stopping principle where you stop pouring the resources in. Maybe the problem is adequately solved. Maybe the further resources don't justify the tiny incremental change. Maybe the intrusion on liberty starts to overwhelm the benefits. Something. Otherwise you just end up going farther and farther down the road with no idea when to stop.
These IP blocks don't seem to come with a stopping principle. They were large and growing, and inevitably more and more entities were going to say "Hey, if that company is large enough to flip the switch to protect their assets then I'm large enough for that too!" and the obvious and inevitable stopping point was 100% blockage.
Taken to its logical conclusion, and I do mean "logical" and not "rhetorically overblown for effect", this comes perilously close to just declaring that the value of the Internet is so net negative due to piracy that it should just be shut down in Spain. If that's true during certain sports matches it's already not far from being true for lots of other things too. This was leading in an obviously-economically-untenable direction.
Finally. The situation is ridiculous and afaik it really didn't do anything to solve the piracy problem.
1000% I got legit Cloudflare Workers Anycast IPs that I was using for websockets blocked.
I also got blocked from using RustDesk.
It's been crazy. As this happens intermittently. I had to set up a tailscale exit node in one of my servers to circumvent this crap. I lost several days and called Vodafone (ISP) to understand what was going on.
That's when I read Reddit and saw that crap.
I don't think RustDesk was hit by this. If you weren't able to access it two weeks ago, it was due to an outage on their end: https://github.com/rustdesk/uptime/issues/53
I’m suprised no one has sued over it, some sort of class action.
Who would you sue? The courts?
Love the hypocrisy (my IP is blocked):
403 ERROR The request could not be satisfied. Generated by cloudfront (CloudFront)
Finally. For anyone affected by this, I have been using Clouflare WARP successfully to bypass this block.
I hadn't heard about Cloudflare WARP. Found this Reddit thread with questions/comments I also had, https://www.reddit.com/r/CloudFlare/comments/ldejnt/how_is_c..., and also what I think is CF's main website for WARP info, https://one.one.one.one/ (which I must confess I had never head even though I use 1.1.1.1).
I suffer from LaLiga's filter, but I am more interested if it'll help with latency/speed. Have you noticed any different when using WARP vs. without it regarding Internet speed?
Thanks!
I'm interested in how those conversations went between the LaLiga and Cloudflare that convinced them to do this. I know I'm not Cloudflare, but if a company (any company) came to me demanding blocking IP ranges according the their schedule that would require a bunch of work on my end to make it happen, there's going to be a lot of push back. It'd take a dump truck load of money to make that happen.
No conversation at all needed to happen. LaLiga got a court order. The order specifically stated that if LaLiga flag your IP address, the internet providers in Spain must block it during the match. Cloudflare have nothing to do with it.
Who could have forseen, that LaLiga would end up abusing this system!?
Cloudflare are very much pushing back: https://www.laliga.com/en-GB/news/official-statement-in-rela...
I thought the government just forced their ISPs to block. Was CF involved at all?
It wasn’t a conversation. It was a court order.
That's not how this worked. Cloudflare was not involved at all. Spanish ISPs were ordered by Spanish courts to block their customers from accessing specific IP addresses.
Cloudflare are apparently not involved. It's an order against local ISPs to block Cloudflare.
hope that doesn't end on "monitoring the situation" and doing nothing. entire cloudflare IP blocks are being blocked, even on work days
We actually had to revert our rollout of CF Workers because enough of our users were in Spain and couldn’t access endpoints at seemingly arbitrary times (due to the matches)
They are only seemingly arbitrary to people that are not actually paying attention. Now that people are, the blocks are known in advance to those that look at a the schedule. Sure, it sucks to have to build this into your own schedule, but that's better than it happening "unexpectedly". You could do something crazy like import these times into your own calendar with reminders.
Absolutely ridiculous to make people do that. What you're proposing is not a real solution. The real solution is to not block wide IP ranges at the random desire of some private football league.
Your customers should be proper Spaniards and be watching the match, hence not noticing the downtime! /s
Your answer is better than mine
Great, this means Telefonica reliability goes from zero nines to still below zero nines.
Joining a select club that includes GitHub and Anthropic yay
Nah, those two have a proud one nine of reliability. It just feels like it must be less when you eat every single outage to your face.
The lofty .88889
So politically speaking how influential is LaLiga compared to other nation's football leagues, or America's largest sports leagues?
I understand organizations as LaLiga wanting more money but massive IP blockage seems quite unfair, effective maybe but unfair so this news does not come as a surprise.
Who says it's effective? The pirate streams still go up every game, as far as people report here. They can just change their ips or hosts occasionally.
It's the honest businesses who probably won't go through the effort of evading the block every time.
It's been going on for a while, but a couple of weeks ago they announced it would be expanded to other sports, that's probably why
I'm torn on this. It always should have gone through the courts, but the fact is that cloudflare are providing access to illegal content and not doing anything about it. They were left with two choices if Cloudflare refuse to act. Either accept it (oh well, too big to fail), or block them.
I dislike what is happening but I kind of like that they don't care about the size of Cloudflare and hold them as accountable as they would a small hosting company in Belarus. Blocking entire ranges due to illegal content isn't exactly new, the scale is new.
Again though, I really dislike that it isn't going through the legal system
> the fact is that cloudflare are providing access to illegal content
Why make CloudFlare ultimately responsible though? There are lots of companies between users and the servers providing pirated content. Cloudflare is just one step in the whole chain. Why not eg block Google Chrome?
In any case, blocking Cloudflare was a stupid thing to do. Especially because it didn't anything to solve the actual problem.
Because they own the IPs that pirates are connecting to which makes it relevant for those IPs to be blocked. They are the easiest IPs to find since you can just resolve the domain of the piracy site.
It's unreasonable to expect cloudflare etc to be able to proactively identify legal vs illegal streams. The companies who own the copyrights can't even get that right much less a third party that has no idea if a stream is licensed.
Cloudflare can assign IPs based off customer reputation. High risk customers get high risk IPs. This way legitimate businesses stay on IPs that don't get blacklisted and sketchier businesses go on high risk IPs before they potentially get banned.
It did go through the legal system. That’s what forces the block.
How much of a responsibility should the provider have to scan what they're hosting and proactively make a judgment on whether they should block it or not?
It is insane that you could block access to hundreds of sites just because some people decided to watch an ilegal stream.
What you need is some form of - European - megacorp getting hurt by this and going after LaLiga for a ridiculously huge, LaLiga-destroying amount of money.
Play stupid games... win stupid prizes.
The judicial, nation-wide blocks on CDN IPs is absurd and should have never been allowed.
That shows the power of the Spanish FA and Telefonica together.
An IT peon at La Liga has the chance to do the funniest thing …