misskey-dev / misskey-hub-next

Website for Misskey since Dec 2023. Built on Nuxt. I18n is available on Crowdin.

Home Page: https://misskey-hub.net/

Domain is unavailable (MITM) Unencrypted/decrypted by third party

spirillen opened this issue · comments

💡 Summary

Domain is unavailable (MITM) Unencrypted/decrypted by third party and it is encoring who have non-free access to the contents of your domain.

🥰 Expected Behavior

END to END encrypted connection as implied, it should be encrypted by certificate and not eavesdropping by MITM, that fingerprint and PII registration.

🤬 Actual Behavior

The false certificate simulates a secure connection, but the connection is NOT secure.

The MITM censoring fingerprinting secured browsers/Connection from accessing the domain

The MITM are decrypting the connection (MITM), collect PII data without warning or any other kind of information about this to the visitor.

πŸ“ Steps to Reproduce

  1. Try to visit https://misskey-hub.net/
  2. You are censored (Blocked) by MITM
  3. MITM tries to fingerprint you, to collect PII data, without asking or informing the visitor about this (GDPR violation)

💻 Environment

* Model and OS of the device(s): Any
* Browser: Any with privacy in mind, such as Firefox-ESR (+ Tor browser)

(For developer) Do you want to address this bug yourself?

  • Yes, I will patch the bug myself and send a pull request

This website is provided via Cloudflare and Vercel, at which point we have no control over the privacy practices of our visitors (please let me know if I'm misinterpreting your point).

The false certificate simulates a secure connection, but the connection is NOT secure.

misskey-hub.net is certificated by Let's Encrypt E1 which is certificated by ISRG Root X2.
I think it's not a false certificate.
For modern devices, ISRG Root X2 or ISRG Root X1 (which signs ISRG Root X2) is pre-installed but may not be installed on older devices (OSes).

Could you provide more information about why you think misskey-hub is using a false certificate and why you think a MITM attack is possible?

This website is provided via Cloudflare (MITM) and Vercel, at which point we have no control over the privacy practices of our visitors (please let me know if I'm misinterpreting your point).

You are on the right path my young padawan :) , I'm looking for publicly available documentation, that I either can open locally from a secure and safe source or a secured public server.

Right now I can't access misskey.io as well, as it is insecure and CENSORS my browser

It is of course not up to me, whether you would like to have any admins to be able to access the documentation you have spent a lot of hours building, as of right now, they are all blocked by CrimeFlare.

misskey-hub.net is certificated by Let's Encrypt E1 which is certificated by ISRG Root X2.

We agree that CrimeFlare as the MITM agent has decrypted and then tapped all information and then "encrypted" it with a E1 which is certificated by ISRG Root X2 simulated key, as they do NOT hold your private key??
The connection is then untrustworthy to any as it is not signed by your private key.

For modern devices, ISRG Root X2 or ISRG Root X1

Has nothing to do with the case. Your connection has been violated by decryption by Crimeflare.

Could you provide more information about why you think misskey-hub is using a false certificate and why you think a MITM attack is possible?

Have you ever understood what crimeflare is?? or how they are generating their income by giving away "free" services??
Do you know what CloudFlare is and how it operates their MITM-Proxy?

Remember when you can't see the price, it is because it is in your back.

So Please read up on CrimeFlare before asking your next question regarding this privacy invasive microbe that is listening to more than 80% of the entire internet traffic to collect every data about YOU as they are the single largest MITM-proxy

CloudFlare is a HUGE threat against our privacy and democracy, take it seriously, they are acting in the dark, selling you lies about secure connection, while they DO decrypt all traffic to collect your PII data.

  • https://web.archive.org/web/20201128114348/https://www.cloudflare.com/insights/
  • https://kb.mypdns.org/articles/MTX-A-73/CloudFlare

Anyone who knows where to obtain free public versions of misskey-hub.net && misskey.io to build a API tool to delete well known spammers and other suspended accounts

You are free to think Cloudflare is unreliable, but I think that is not what misskey-dev people think.
I do know that Cloudflare contributes significantly to this site, at least for DDoS protection. I also know that not a few services use Cloudflare.

If you would like to view the documentation on this site but hate being blocked by Cloudflare, you should be able to just fork/clone this repository and build it yourself following the license of this repository; AGPL-3.0 license.

To @u1-liquid, @Npepperlinux and @Sayamame-beans

You should really read up on what cloudflare is, but you are probably also in denial of what google and amazon are and how they are operating to track you down and strip you of every last PII data.

Just sad, that people who indicate they are about privacy, know nothing about this topic.