All posts by Matthew Prince

Terminating Service for 8Chan

Post Syndicated from Matthew Prince original https://blog.cloudflare.com/terminating-service-for-8chan/

The mass shootings in El Paso, Texas and Dayton, Ohio are horrific tragedies. In the case of the El Paso shooting, the suspected terrorist gunman appears to have been inspired by the forum website known as 8chan. Based on evidence we’ve seen, it appears that he posted a screed to the site immediately before beginning his terrifying attack on the El Paso Walmart killing 20 people.

Unfortunately, this is not an isolated incident. Nearly the same thing happened on 8chan before the terror attack in Christchurch, New Zealand. The El Paso shooter specifically referenced the Christchurch incident and appears to have been inspired by the largely unmoderated discussions on 8chan which glorified the previous massacre. In a separate tragedy, the suspected killer in the Poway, California synagogue shooting also posted a hate-filled “open letter” on 8chan. 8chan has repeatedly proven itself to be a cesspool of hate.

8chan is among the more than 19 million Internet properties that use Cloudflare’s service. We just sent notice that we are terminating 8chan as a customer effective at midnight tonight Pacific Time. The rationale is simple: they have proven themselves to be lawless and that lawlessness has caused multiple tragic deaths. Even if 8chan may not have violated the letter of the law in refusing to moderate their hate-filled community, they have created an environment that revels in violating its spirit.

We do not take this decision lightly. Cloudflare is a network provider. In pursuit of our goal of helping build a better internet, we’ve considered it important to provide our security services broadly to make sure as many users as possible are secure, and thereby making cyberattacks less attractive — regardless of the content of those websites.  Many of our customers run platforms of their own on top of our network. If our policies are more conservative than theirs it effectively undercuts their ability to run their services and set their own policies. We reluctantly tolerate content that we find reprehensible, but we draw the line at platforms that have demonstrated they directly inspire tragic events and are lawless by design. 8chan has crossed that line. It will therefore no longer be allowed to use our services.

What Will Happen Next

Unfortunately, we have seen this situation before and so we have a good sense of what will play out. Almost exactly two years ago we made the determination to kick another disgusting site off Cloudflare’s network: the Daily Stormer. That caused a brief interruption in the site’s operations but they quickly came back online using a Cloudflare competitor. That competitor at the time promoted as a feature the fact that they didn’t respond to legal process. Today, the Daily Stormer is still available and still disgusting. They have bragged that they have more readers than ever. They are no longer Cloudflare’s problem, but they remain the Internet’s problem.

I have little doubt we’ll see the same happen with 8chan. While removing 8chan from our network takes heat off of us, it does nothing to address why hateful sites fester online. It does nothing to address why mass shootings occur. It does nothing to address why portions of the population feel so disenchanted they turn to hate. In taking this action we’ve solved our own problem, but we haven’t solved the Internet’s.

In the two years since the Daily Stormer what we have done to try and solve the Internet’s deeper problem is engage with law enforcement and civil society organizations to try and find solutions. Among other things, that resulted in us cooperating around monitoring potential hate sites on our network and notifying law enforcement when there was content that contained an indication of potential violence. We will continue to work within the legal process to share information when we can to hopefully prevent horrific acts of violence. We believe this is our responsibility and, given Cloudflare’s scale and reach, we are hopeful we will continue to make progress toward solving the deeper problem.

Rule of Law

We continue to feel incredibly uncomfortable about playing the role of content arbiter and do not plan to exercise it often. Some have wrongly speculated this is due to some conception of the United States’ First Amendment. That is incorrect. First, we are a private company and not bound by the First Amendment. Second, the vast majority of our customers, and more than 50% of our revenue, comes from outside the United States where the First Amendment and similarly libertarian freedom of speech protections do not apply. The only relevance of the First Amendment in this case and others is that it allows us to choose who we do and do not do business with; it does not obligate us to do business with everyone.

Instead our concern has centered around another much more universal idea: the Rule of Law. The Rule of Law requires policies be transparent and consistent. While it has been articulated as a framework for how governments ensure their legitimacy, we have used it as a touchstone when we think about our own policies.

We have been successful because we have a very effective technological solution that provides security, performance, and reliability in an affordable and easy-to-use way. As a result of that, a huge portion of the Internet now sits behind our network. 10% of the top million, 17% of the top 100,000, and 19% of the top 10,000 Internet properties use us today. 10% of the Fortune 1,000 are paying Cloudflare customers.

Cloudflare is not a government. While we’ve been successful as a company, that does not give us the political legitimacy to make determinations on what content is good and bad. Nor should it. Questions around content are real societal issues that need politically legitimate solutions. We will continue to engage with lawmakers around the world as they set the boundaries of what is acceptable in their countries through due process of law. And we will comply with those boundaries when and where they are set.

Europe, for example, has taken a lead in this area. As we’ve seen governments there attempt to address hate and terror content online, there is recognition that different obligations should be placed on companies that organize and promote content — like Facebook and YouTube — rather than those that are mere conduits for that content. Conduits, like Cloudflare, are not visible to users and therefore cannot be transparent and consistent about their policies.

The unresolved question is how should the law deal with platforms that ignore or actively thwart the Rule of Law? That’s closer to the situation we have seen with the Daily Stormer and 8chan. They are lawless platforms. In cases like these, where platforms have been designed to be lawless and unmoderated, and where the platforms have demonstrated their ability to cause real harm, the law may need additional remedies. We and other technology companies need to work with policy makers in order to help them understand the problem and define these remedies. And, in some cases, it may mean moving enforcement mechanisms further down the technical stack.

Our Obligation

Cloudflare’s mission is to help build a better Internet. At some level firing 8chan as a customer is easy. They are uniquely lawless and that lawlessness has contributed to multiple horrific tragedies. Enough is enough.

What’s hard is defining the policy that we can enforce transparently and consistently going forward. We, and other technology companies like us that enable the great parts of the Internet, have an obligation to help propose solutions to deal with the parts we’re not proud of. That’s our obligation and we’re committed to it.

Unfortunately the action we take today won’t fix hate online. It will almost certainly not even remove 8chan from the Internet. But it is the right thing to do. Hate online is a real issue. Here are some organizations that have active work to help address it:

Our whole Cloudflare team’s thoughts are with the families grieving in El Paso, Texas and Dayton, Ohio this evening.

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

Post Syndicated from Matthew Prince original https://blog.cloudflare.com/project-galileo-fifth-anniversary/

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

Today is the 5th anniversary of Cloudflare’s Project Galileo. Through the Project, Cloudflare protects—at no cost—nearly 600 organizations around the world engaged in some of the most politically and artistically important work online. Because of their work, these organizations are attacked frequently, often with some of the fiercest cyber attacks we’ve seen.

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

Since it launched in 2014, we haven’t talked about Galileo much externally because we worry that drawing more attention to these organizations may put them at increased risk. Internally, however, it’s a source of pride for our whole team and is something we dedicate significant resources to. And, for me personally, many of the moments that mark my most meaningful accomplishments were born from our work protecting Project Galileo recipients.

The promise of Project Galileo is simple: Cloudflare will provide our full set of security services to any politically or artistically important organizations at no cost so long as they are either non-profits or small commercial entities. I’m still on the distribution list that receives an email whenever someone applies to be a Project Galileo participant, and those emails remain the first I open every morning.

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

The Project Galileo Backstory

Five years ago, Project Galileo was born out of a mistake we made. At the time, Cloudflare’s free service didn’t include DDoS mitigation. If a free customer came under attack, our operations team would generally stop proxying their traffic. We did this to protect our own network, which was much smaller than it is today.

Usually this wasn’t a problem. Most sites that got attacked at the time were companies or businesses that could pay for our services.

Every morning I’d receive a report of the sites that were kicked off Cloudflare the night before. One morning in late February 2014 I was reading the report as I walked to work. One of the sites listed as having been dropped stood out as familiar but I couldn’t place it.

I tried to pull up the site on my phone but it was offline, presumably because we were no longer shielding the site from attack. Still curious, I did a quick search and found a Wikipedia page describing the site. It was an independent newspaper in Ukraine and had been covering the ongoing Russian invasion of Crimea.

I felt sick.

When Nation States Attack

What we later learned was that this publication had come under a significant attack, most likely directly from the Russian government. The newspaper had turned to Cloudflare for protection. Their IT director actually tried to pay for our higher tier of service but the bank tied to the publication’s credit card had had its systems disrupted by a cyber attack as well and the payment failed. So they’d signed up for the free version of Cloudflare and, for a while, we mitigated the attack.

The attack was large enough that it triggered an alert in our Network Operations Center (NOC). A member of our Systems Reliability Engineering (SRE) team who was on call investigated and found a free customer being pummeled by a major attack. He followed our run book and triggered a FINT — which stands for “Fail Internal” — directing traffic from the site directly back to its origin rather than passing through Cloudflare’s protective edge. Instantly the site was overwhelmed by the attack and, effectively, fell off the Internet.

Broken Process

I should be clear: the SRE didn’t do anything wrong. He followed the procedures we had established at the time exactly. He was a great computer scientist, but not a political scientist, so didn’t recognize the site or understand its importance due to the situation at the time in Crimea and why a newspaper covering it may come under attack. But, the next morning, as I read the report on my walk in to work, I did.

Cloudflare’s mission is to help build a better Internet. That day we failed to live up to that mission. I knew we had to do something.

Politically or Artistically Important?

It was relatively easy for us to decide to provide Cloudflare’s security services for free to politically or artistically important non-profits and small commercial entities. We were confident that we could stand up to even the largest attacks. What we were less confident about was our ability to determine who was “politically or artistically important.”

While Cloudflare runs infrastructure all around the world, our team is largely based in San Francisco, Austin, London, and Singapore. That certainly gives us a viewpoint, but it isn’t a particularly globally representative viewpoint. We’re also a very technical organization. If we surveyed our team to determine what organizations deserved protection we’d no-doubt identify a number of worthy organizations that were close to home and close to our interests, but we’d miss many others.

We also worried that it was dangerous for an infrastructure provider like Cloudflare to start making decisions about what content was “good.” Doing so inherently would imply that we were in a position to make decisions about what content was “bad.” While moderating content and curating communities is appropriate for some more visible platforms, the deeper you go into Internet infrastructure, the less transparent, accountable, and consistent those decisions inherently become.

Turning to the Experts

So, rather than making the determination of who was politically or artistically important ourselves, we turned to civil society organizations that were experts in exactly that. Initially, we partnered with 15 organizations, including:

  • Access Now
  • American Civil Liberties Union (ACLU)
  • Center for Democracy and Technology (CDT)
  • Centre for Policy Alternatives
  • Committee to Protect Journalists (CPJ)
  • Electronic Frontier Foundation (EFF)
  • Engine Advocacy
  • Freedom of the Press Foundation
  • Meedan
  • Mozilla
  • Open Tech Fund
  • Open Technology Institute

We agreed that if any partner said that a non-profit or small commercial entity that applied for protection was “politically or artistically important” then we would extend our security services and protect them, no matter what.

With that, Project Galileo was born. Nearly 600 organizations are currently being protected under Project Galileo. We’ve never removed an organization from protection in spite of occasional political pressure as well as frequent extremely large attacks.

Organizations can apply directly through Cloudflare for Project Galileo protection or can be referred by a partner. Today, we’ve grown the list of partners to 28, adding:

  • Anti-Defamation League
  • Amnesty International
  • Business & Human Rights Resource Centre
  • Council of Europe
  • Derechos Digitales
  • Fourth Estate
  • Frontline Defenders
  • Institute for War & Peace Reporting (IWPR)
  • LION Publishers
  • National Democratic Institute (NDI)
  • Reporters Sans Frontières
  • Social Media Exchange (SMEX)
  • Sontusdatos.org
  • Tech Against Terrorism
  • World Wide Web Foundation
  • X-Lab

Cloudflare’s Mission: Help Build a Better Internet

Some companies start with a mission. Cloudflare was not one of those companies. When Michelle, Lee, and I started building Cloudflare it was because we thought we’d identified a significant business opportunity. Truth be told, I thought the idea of being “mission driven” was kind of hokum.

I clearly remember the day that changed for me. The director of one of the Project Galileo partners called me to say that he had three journalists who had received protection under Project Galileo that were visiting San Francisco and asked if it would be okay to bring them by our office. I said sure and carved out a bit of time to meet with them.

The three journalists turned out to all be covering alleged government corruption in their home countries. One was from Angola, one was from Ethiopia, and they wouldn’t tell me the name or home country of the third because he was “currently being hunted by death squads.” All three of them hugged me. One had tears in his eyes. And then they proceeded to tell me about how they couldn’t do their work as journalists without Cloudflare’s protection.

There are incredibly brave people doing important work and risking their lives around the world. Some of them use the Internet to reach their audience. Whether it’s African journalists covering alleged government corruption, LGBTQ communities in the Middle East providing support, or human rights workers in repressive regimes, unfortunately they all face the risk that the powerful forces that oppose them will use cyber attacks to silence them.

I’m proud of the work we’ve done through Project Galileo over the last five years lending the full weight of Cloudflare to protect these politically and artistically important organizations. It has defined our mission to help build a better Internet.

While we respect the confidentiality of the organizations that receive support under the Project, I’m thankful that a handful have allowed us to tell their stories. I encourage you to read about our newest recipients of the Project:

And, finally, if you know of an organization that needs Project Galileo’s protection, please let them know we’re here and happy to help.

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

Introducing Warp: Fixing Mobile Internet Performance and Security

Post Syndicated from Matthew Prince original https://blog.cloudflare.com/1111-warp-better-vpn/

Introducing Warp: Fixing Mobile Internet Performance and Security

Introducing Warp: Fixing Mobile Internet Performance and Security

April 1st is a miserable day for most of the Internet. While most days the Internet is full of promise and innovation, on “April Fools” a handful of elite tech companies decide to waste the time of literally billions of people with juvenile jokes that only they find funny.

Cloudflare has never been one for the traditional April Fools antics. Usually we just ignored the day and went on with our mission to help build a better Internet. Last year we decided to go the opposite direction launching a service that we hoped would benefit every Internet user: 1.1.1.1.

The service’s goal was simple — be the fastest, most secure, most privacy-respecting DNS resolver on the Internet. It was our first attempt at a consumer service. While we try not to be sophomoric, we’re still geeks at heart, so we couldn’t resist launching 1.1.1.1 on 4/1 — even though it was April Fools, Easter, Passover, and a Sunday when every media conversation began with some variation of: “You know, if you’re kidding me, you’re dead to me.”

No Joke

We weren’t kidding. In the year that’s followed, we’ve been overwhelmed by the response. 1.1.1.1 has grown usage by 700% month-over-month and appears likely to soon become the second-largest public DNS service in the world — behind only Google (which has twice the latency, so we trust we’ll catch them too someday). We’ve helped champion new standards such as DNS over TLS and DNS over HTTPS, which ensure the privacy and security of the most foundational of Internet requests. And we’ve worked with great organizations like Mozilla to make it so these new standards could be easy to use and accessible to anyone anywhere.

Introducing Warp: Fixing Mobile Internet Performance and Security

On 11/11 — yes, again, geeky — we launched Cloudflare’s first mobile app. The 1.1.1.1 App allowed anyone to easily take advantage of the speed, security, and privacy of the 1.1.1.1 DNS service on their phone. Internally, we had hoped that at least 10,000 people would use the app. We ended up getting a lot more than that. In the months that followed, millions of Android and iOS users have installed the app and now experience a faster, more secure, and more private Internet on their phones.

Super Secret Plan

Truth be told, the 1.1.1.1 App was really just a lead up to today. We had a plan on how we could radically improve the performance, security, and privacy of the mobile Internet well beyond just DNS. To pull it off, we needed to understand the failure conditions when a VPN app switched between cellular and WiFi, when it suffered signal degradation, tried to register with a captive portal, or otherwise ran into the different conditions that mobile phones experience in the field.

More on that in a second. First, let’s all acknowledge that the mobile Internet could be so much better than it is today. TCP, the foundational protocol of the Internet, was never designed for a mobile environment. It literally does the exact opposite thing it should when you’re trying to surf the Internet on your phone and someone nearby turns on the microwave or something else happens that causes packet loss. The mobile Internet could be so much better if we just upgraded its underlying protocols. There’s a lot of hope for 5G, but, unfortunately, it does nothing to solve the fact that the mobile Internet still runs on transport protocols designed for a wired network.

Beyond that, our mobile phones carry some of our most personal communications. And yet, how confident are you that they are as secure and private as possible? While there are mobile VPNs that can ensure traffic sent from your phone through the Internet is encrypted, let’s be frank — VPNs suck, especially on mobile. They add latency, drain your battery, and, in many cases, are run by companies with motivations that are opposite to actually keeping your data private and secure.

Announcing 1.1.1.1 with Warp

Introducing Warp: Fixing Mobile Internet Performance and Security

Today we’re excited to announce what we began to plan more than two years ago: the 1.1.1.1 App with Warp performance and security technology. We built Warp from the ground up to thrive in the harsh conditions of the modern mobile Internet. It began with our acquisition of Neumob in November 2017. At the time, our CTO, John Graham-Cumming, wrote about how Neumob was part of our “Super Secret Master Plan.” At the time he wrote:

“Ultimately, the Neumob software is easily extended to operate as a ‘VPN’ for mobile devices that can secure and accelerate all HTTP traffic from a mobile device (including normal web browsing and app API calls). Most VPN software, frankly, is awful. Using a VPN feels like a step backwards to the dial up era of obscure error messages, slow downs, and clunky software. It really doesn’t have to be that way.”

That’s the vision we’ve been working toward ever since: extending Cloudflare’s global network — now within a few milliseconds of the vast majority of the world’s population — to help fix the performance and security of the mobile Internet.

A VPN for People Who Don’t Know What V.P.N. Stands For

Technically, Warp is a VPN. However, we think the market for VPNs as it’s been imagined to date is severely limited. Imagine trying to convince a non-technical friend that they should install an app that will slow down their Internet and drain their battery so they can be a bit more secure. Good luck.

Introducing Warp: Fixing Mobile Internet Performance and Security

We built Warp because we’ve had those conversations with our loved ones too and they’ve not gone well. So we knew that we had to start with turning the weaknesses of other VPN solutions into strengths. Under the covers, Warp acts as a VPN. But now in the 1.1.1.1 App, if users decide to enable Warp, instead of just DNS queries being secured and optimized, all Internet traffic is secured and optimized. In other words, Warp is the VPN for people who don’t know what V.P.N. stands for.

Secure All the Traffic…

This doesn’t just apply to your web browser but to all apps running on your phone. Any unencrypted connections are encrypted automatically and by default. Warp respects end-to-end encryption and doesn’t require you to install a root certificate or give Cloudflare any way to see any encrypted Internet traffic we wouldn’t have otherwise.

Unfortunately, a lot of the Internet is still unencrypted. For that, Warp automatically adds encryption from your device to the edge of Cloudflare’s network — which isn’t perfect, but is all other VPNs do and it does address the largest threats typical Internet users face. One silver lining is that if you browse the unencrypted Internet through Warp, when it’s safe to do so, Cloudflare’s network can cache and compress content to improve performance and potentially decrease your data usage and mobile carrier bill.

…While Making It Faster and More Reliable

Security is table stakes. What really distinguishes Warp is performance and reliability. While other VPNs slow down the Internet, Warp incorporates all the work that the team from Neumob has done to improve mobile Internet performance. We’ve built Warp around a UDP-based protocol that is optimized for the mobile Internet. We also leveraged Cloudflare’s massive global network, allowing Warp to connect with servers within milliseconds of most the world’s Internet users. With our network’s direct peering connections and uncongested paths we can deliver a great experience around the world. Our tests have shown that Warp will often significantly increase Internet performance. Generally, the worse your network connection the better Warp should make your performance.

Introducing Warp: Fixing Mobile Internet Performance and Security

And reliability is improved as well. While Warp can’t eliminate mobile dead spots, the protocol is designed to recover from loss faster. That makes that spot where your phone loses signal on the train when you’re commuting in from work a bit less annoying.

We also knew it was critical that we ensure Warp doesn’t meaningfully increase your battery usage. We built Warp around WireGuard, a modern, efficient VPN protocol that is much more efficient than legacy VPN protocols. We’ve also worked to minimize any excess use of your phone’s radio through retransmits which, if you’ve ever been somewhere with spotty mobile coverage, you know can heat up your phone and quickly burn through your phone’s battery. Warp is designed to minimize that.

How Much Does It Cost?

Finally, we knew that if we really wanted Warp to be something that all our less-technical friends would use, then price couldn’t be a barrier to adoption. The basic version of Warp is included as an option with the 1.1.1.1 App for free.

We’re also working on a premium version of Warp — which we call Warp+ — that will be even faster by utilizing Cloudflare’s virtual private backbone and Argo technology. We will charge a low monthly fee for those people, like many of you reading this blog, who want even more speed. The cost of Warp+ will likely vary by region, priced in a way that ensures the fastest possible mobile experience is affordable to as many people as possible.

When John hinted more than two years ago that we wanted to build a VPN that didn’t suck, that’s exactly what we’ve been up to. But it’s more than just the technology, it’s also the policy of how we’re going to run the network and who we’re going to make the service accessible to.

What’s the Catch?

Let’s acknowledge that many corners of the consumer VPN industry are really awful so it’s a reasonable question whether we have some ulterior motive. That many VPN companies pretend to keep your data private and then sell it to help target you with advertising is, in a word, disgusting. That is not Cloudflare’s business model and it never will be. The 1.1.1.1 App with Warp will continue to have all the privacy protections that 1.1.1.1 launched with, including:

1. We don’t write user-identifiable log data to disk;

2. We will never sell your browsing data or use it in any way to target you with advertising data;

3. Don’t need to provide any personal information — not your name, phone number, or email address — in order to use the 1.1.1.1 App with Warp; and

4. We will regularly hire outside auditors to ensure we’re living up to these promises.

This Sounds Too Good To Be True

That’s exactly what I thought when I read about the launch of Gmail exactly 15 years ago today. At the time it was hard to believe an email service could exist with effectively no storage cap or fees. What I didn’t understand at the time was that Google had done such a good job figuring out how to store data cheaply and efficiently that what seemed impossible to the rest of the world seemed like a no-brainer to them. Of course, advertising is Google’s business model, it’s not Cloudflare’s, so it’s not a perfect analogy.

There are few companies that have the breadth, reach, scale, and flexibility of Cloudflare’s network. We don’t believe there are any such companies that aren’t primarily motivated by selling user data or advertising. We realized a few years back that providing a VPN service wouldn’t meaningfully change the costs of the network we’re already running successfully. That meant if we could pull off the technology then we could afford to offer this service.

Hokey as it sounds, the primary reason we built Warp is that our mission is to help build a better Internet — and the mobile Internet wasn’t as fast or secure as it could be and VPNs all suck. Time and time again we’ve watched people sit around and talk about how the Internet could be better if someone would just act. We’re in a position to act, and we’ve acted. We made encryption free for all our customers and doubled the size of the encrypted web in the process, we’ve pushed the adoption of IPv6, we’ve made DNSSEC easy, and we were the first to turn HTTP/2 up at scale.

This is our nature: find the biggest problems on the Internet and do the right thing to solve them. And, if you look at the biggest problem on the Internet today, it’s that the mobile web is too insecure and too slow, and current VPN solutions come with massive performance penalties and, worse, often don’t respect users’ privacy.

Once we realized that building Warp was technically and financially possible, it really became a no-brainer for us. At Cloudflare we strive to build technologies for the entire Internet, not just the handful of fellow techies in Silicon Valley who find April Fools shenanigans amusing. Helping build a better Internet is what motivates the sort of great, empathetic, principled, and curious engineers we hire at Cloudflare.

Ok, Sure, But You’re Still a Profit-Seeking Company

Fair enough, and we think that the 1.1.1.1 App with Warp will be a good business for us. There are three primary ways this makes financial sense. The first, and most direct, is the aforementioned Warp+ premium service that you can upgrade to for even faster performance. Cloudflare launched our B2B service with a freemium model and it’s worked extremely well for us. We understand freemium and we are excited to extend our experience with it into the consumer space.

Introducing Warp: Fixing Mobile Internet Performance and Security

Second, we think there’s an exciting opportunity in the enterprise VPN space. While companies require their employees to install and use VPNs, even the next generation of cloud VPNs are pretty terrible. Their client software slows everything down and drains your battery. We think the best way to build the best enterprise VPN is to first build the best consumer VPN and let millions of users kick the tires. Imagine if you actually looked forward to logging in to your corporate VPN. If you’re a company interested in working closely to realize that dream, don’t hesitate to reach out and we’ll let you in on our roadmap.

Finally, Cloudflare’s core business is about making our customers content and applications on the Internet fast and secure. While we strive for Warp to make the entire Internet fast, Cloudflare-powered sites and apps will be even faster still. By having software running on both sides of an Internet connection we can make significant optimizations that wouldn’t otherwise be possible. Going forward, we plan to add local device differential compression (think Railgun on your phone), more advanced header compression, intelligently adaptive congestion control, and multipath routing. All those things are easier to provide when someone is accessing a Cloudflare customer through their phone running Warp. So the more people who install Warp, the more valuable Cloudflare’s core services become.

How Do I Sign Up?

We wanted to roll out Warp to the entire Internet on April 1, 2019 with no strings attached. Our Site Reliability Engineering team vetoed that idea. They reminded us that even Google, when they launched Gmail (also on April 1), curated the list of who could get on when. And, listening to them, that clearly makes sense. We want to make sure people have a great experience and our network scales well as we onboard everyone.

Truth be told, we’re also not quite ready. While our team has been working for months to get the new 1.1.1.1 App with Warp ready to launch, including working through the final hours before the launch, we just made the call that there are still too many edge cases that we’re not proud of to start rolling it out to users. Nothing we can’t solve, but it’s going to take a bit longer than we’d hoped. The great thing about a hard deadline like April 1 is that it motivates a team — and our whole team has been doing great work to get this ready — the challenging thing is that you can’t move it.

So, beginning today, what you can do is claim your place in line to be among the first to get Warp. If you already have the 1.1.1.1 App on your phone, you can update it through the Apple App Store or the Google Play Store. If you don’t yet have the 1.1.1.1 App you can download it for free from Apple or Google. Once you’ve done that you’ll see an option to claim your place in line for Warp. As we start onboarding people, your position in line will move up. When it’s your turn we’ll send you a notification and you’ll be able to enable Warp to experience a faster, more secure, more private Internet for yourself.

Introducing Warp: Fixing Mobile Internet Performance and Security

And, don’t worry, if you’d like to keep using the 1.1.1.1 App for DNS performance and security only, that will remain the default for free for anyone who’s already installed it. And, for future installs, you’ll always be able to downgrade to that option for free if, for whatever reason, you don’t want the benefits of Warp.

We expect that we’ll begin inviting people on the waitlist to try Warp over the coming weeks. And, assuming demand stays within our forecasts, hope to have it available to everyone on the waitlist by the end of July.

Helping Build a Better Internet

At Cloudflare our mission is to help build a better Internet. We take that mission very seriously, even on days when the rest of the tech industry is joking around. We’ve lived up to that mission for a significant portion of the world’s content creators. Our whole team is proud that today, for the first time, we’ve extended the scope of that mission meaningfully to the billions of other people who use the Internet every day.

Click to get your place in line for the 1.1.1.1 App with Warp for Apple’s iOS or Google’s Android.

Click here to learn about engineering jobs at Cloudflare.

And, yes, desktop versions are coming soon

Introducing Warp: Fixing Mobile Internet Performance and Security