Schadenfreude

Checking the security of your browser

One of the things that draws me to the indieweb - to blogging, RSS feeds and old-fashioned webrings - is that it feels like a small piece of the old Internet that is long gone. A slice of nostalgia.

Of course it's just LARPing in a way. The static sites with perfect SEO, fully knowing the success of the Internet and the possibility of making money here, can have nothing in common with the old Internet that felt niche and, in a way, pointless. But it's nice to pretend.

However, there's one thing that irks me, and it's inviting big tech to our indieweb party. When logging into Bear (and, let's be honest, Bear isn't alone here. Mataroa does the same and I'm sure they all do) I get the "checking the security of your browser" message, and because I use GrapheneOS that's quite a worrying message because 10% of the sites fail me and so I'm not invited to the party[1].

What does it mean, to check the security of my browser? If my browser is somehow insecure (whatever that means), does that affect the website? Can my insecure browser somehow cause security issues for the server? If so, they have bigger problems.

What I suspect it means is that they believed Cloudflare's marketing that you will be instantly DDoSed off the Internet if you don't route all traffic through them. If you don't give Cloudflare your SSL key and let them be able to decrypt all of your traffic, if you don't let them fingerprint all of your users and turn away the ones with, ironically, better security and privacy, well then you'll be crawled so hard your site will die.

And that's their job - they now provide a pre-scraped version of your site to whoever might need it so that people need not bother reading your site at all.

These blogs are text and assets. They are static. Sure, there is a login page that could be brute-forced, but really this is a problem that could be solved without contributing to the centralisation of the Internet. I get it, I do, but the indieweb being behind Cloudflare is just so disappointing.

[1] This is only set to get worse, by the way. Soon browsing on your computer will require you to scan a QR code on an "approved device".