First, let’s set aside the separate question of whether monopolies are bad. They are not good but that’s not the issue here.

As to architecture:

Cloudflare has had some outages recently. However, what’s their uptime over the longer term? If an individual site took on the infra challenges themselves, would they achieve better? I don’t think so.

But there’s a more interesting argument in favour of the status quo.

Assuming cloudflare’s uptime is above average, outages affecting everything at once is actually better for the average internet user.

It might not be intuitive but think about it.

How many Internet services does someone depend on to accomplish something such as their work over a given hour? Maybe 10 directly, and another 100 indirectly? (Make up your own answer, but it’s probably quite a few).

If everything goes offline for one hour per year at the same time, then a person is blocked and unproductive for an hour per year.

On the other hand, if each service experiences the same hour per year of downtime but at different times, then the person is likely to be blocked for closer to 100 hours per year.

It’s not really bad end user experience that every service uses cloudflare. It’s more-so a question of why is cloudflare’s stability seeming to go downhill?

And that’s a fair question. Because if their reliability is below average, then the value prop evaporates.

I think the parent post made a different argument:

- Centralizing most of the dependency on Cloudflare results in a major outage when something happens at Cloudflare, it is fragile because Cloudflare becomes the single point of failure. Like: Oh Cloudflare is down... oh, none of my SaaS services work anymore.

- In a world where this is not the case, we might see more outages, but they would be smaller and more contained. Like: oh, Figma is down? fine, let me pickup another task and come back to Figma once it's back up. It's also easier to work around by having alternative providers as a fallback, as they are less likely to share the same failure point.

As a result, I don't think you'll be blocked 100 hours a year in scenario 2. You may observe 100 non-blocking inconveniences per year, vs a completely blocking Cloudflare outage.

And in observed uptime, I'm not even sure these providers ever won. We're running all our auxiliary services on a decent Hetzner box with a LB. Say what you want, but that uptime is looking pretty good compared to any services relying on AWS (Oct 20, 15 hours), Cloudflare (Dec 5 (half hour), Nov 18 (3 hours)). Easier to reason about as well. Our clients are much more forgiving when we go down due to Azure/GCP/AWS/Cloudflare vs our own setup though...

The point is that it doesn’t matter. A single site going down has a very small chance of impacting a large number of users. Cloudflare going down breaks an appreciable portion of the internet.

If Jim’s Big Blog only maintains 95% uptime, most people won’t care. If BofA were at 95%.. actually same. Most of the world aren’t BofA customers.

If Cloudflare is at 99.95% then the world suffers

It's like saying that Chipotle having X% chance of tainted food is worse than local burrito places having 2*X% chance of tainted food. It's true in the lens that each individual event affects more people, but if you removed that Chipotle and replaced with all local, the total amount of illness is still strictly higher, it's just tons of small events that are harder to write news articles about.

I think the question then is how much of the Internet has fungible alternatives such that uncorrelated downtime can meaningfully be less impact. If you have a "to buy" shopping list, the existence of alternative shopping list products doesn't help you, when the one you use is down it's just down, the substitutes cannot substitute on short notice. Obviously for some things there's clear substitutes though, but actually I think "has fungible alternatives" is mostly correlated with "being down for 30 minutes doesn't matter", it seems that the things where you want the one specific site are the ones where availability matters more.

A better analogy is that if the restaurant you'll be going to is unexpectedly closed for a little while, you would do an after-dinner errand before dinner instead and then visit the restaurant a bit later. If the problem affects both businesses (like a utility power outage) you're stuck, but you can simply rearrange your schedule if problems are local and uncorrelated.

Just because CF is up doesnt mean the site is

There are likely emergency services dependent on Cloudflare at this point, so I’m only semi serious.

So at this point no, the world can most definitely not “just live without the Internet”. And emergency services aren’t the only important thing that exists to the extent that anything else can just be handwaved away.

if the world suffers, those doing the "suffering" needs to push that complaint/cost back up the chain - to the website operator, which would push the complaint/cost up to cloudflare.

The fact that nobody did - or just verbally complained without action - is evidence that they didn't really suffer.

In the mean time, BofA saved cost in making their site 99.95% uptime themselves (presumably cloudflare does it cheaper than they could individually). So the entire system became more efficient as a result.

What an utterly clueless claim. You're literally posting in a thread with nearly 500 posts of people complaining. Taking action takes time. A business just doesn't switch cloud providers overnight.

I can tell you in no uncertain terms that there are businesses impacted by Cloudflare's frequent outages that started work shedding their dependency on Cloudflare's services. And it's not just because of these outages.

How? If Github is down how many people are affected? Google?

> Jim’s Big Blog only maintains 95% uptime, most people won’t care

Yeah, and in the world with Cloudflare people don't care if Jim's Blog is down either. So Cloudflare doesn't make things worse.

Putting Cloudflare in front of a site doesn't mean that site's backend suddenly never goes down. Availability will now be worse - you'll have Cloudflare outages* affecting all the sites they proxy for, along with individual site back-end failures which will of course still happen.

* which are still pretty rare

The problem with pursuing efficiency as the primary value prop is that you will necessarily end up with a brittle result.

This is a simplistic opinion. Claiming services like Cloudflare are modeled as single points of failure is like complaining that your use of electricity to power servers is a single point of failure. Cloudflare sells a global network of highly reliable edge servers running services like caching, firewall, image processing, etc. And more importas a global firewall that protects services against global distributed attacks. Until a couple of months ago, it was unthinkable to casual observers that Cloudflare was such an utter unreliable mess.

It may have been unthinkable to some casual observers that creating a giant single point of failure for the internet was a bad idea but it was entirely thinkable to others.

I’m tired of this sentiment. Imagine if people said, why develop your own cloud offering? Can you really do better than VMWare..?

Innovation in technology has only happened because people dared to do better, rather than giving up before they started…

Software development is a rare exception to this. We’re often writing from scratch (same with designers, and some other creatives). But these are definitely the exception compared to the broader workforce.

Same concept applies for any app that’s built on top of multiple third-party vendors (increasingly common for critical dependencies of SaaS)

This doesn’t guarantee availability of those N services themselves though, surely? N services with a slightly lower availability target than N+1 with a slightly higher value?

More importantly, I’d say that this only works for non-critical infrastructure, and also assumes that the cost of bringing that same infrastructure back is constant or at least linear or less.

The 2025 Iberian Peninsula outage seems to show that’s not always the case.

I disagree; most people need only a subset of Cloudflare's features. Operating just that subset avoids the risk of the other moving parts (that you don't need anyway) ruining your day.

Cloudflare is also a business and has its own priorities like releasing new features; this is detrimental to you because you won't benefit from said feature if you don't need it, yet still incur the risk of the deployment going wrong like we saw today. Operating your own stack would minimize such changes and allow you to schedule them to a maintenance window to limit the impact should it go wrong.

The only feature Cloudflare (or its competitors) offers that can't be done cost-effectively yourself is volumetric DDoS protection where an attacker just fills your pipe with junk traffic - there's no way out of this beyond just having a bigger pipe, which isn't reasonable for any business short of an ISP or infrastructure provider.

.... And thanks to AI everyone needs that all the time now since putting a site on the Internet means an eternal DDoS attack.

To me this reads as a form of misdirection, intentional or not. A monopolist has little reason to care about downstream effects, since customers have nowhere else to turn. Framing this as roll your own versus Cloudflare rather than as a monoculture CDN environment versus a diverse CDN ecosystem feels off.

That said, the core problem is not the monopoly itself but its enablers, the collective impulse to align with whatever the group is already doing, the desire to belong and appear to act the "right way", meaning in the way everyone else behaves. There are a gazillion ways of doing CDN, why are we not doing them? Why the focus on one single dominant player?

I don’t the answer to the all questions. But here I think it is just a way to avoid responsibility. If someone choses CDN “number 3” and it goes down, business people *might* put a blame on this person for not choosing “the best”. I am not saying it is a right approach, I just seen it happens too many times.

Why is that the only option? Cloudflare could offer solutions that let people run their software themselves, after paying some license fee. Or there could be many companies people use instead, instead of everyone flocking to one because of cargoculting "You need a CDN like Cloudflare before you launch your startup bro".

Cloudflare isn’t the only game in town either. Akamai, Google, AWS, etc all have good solutions. I’ve used all of these at jobs I’ve worked at and the only poor choice has been to not use one at all.

1. DDoS protection

2. Plug n’ Play DNS and TLS (termination)

Neither of those make sense for self-hosted.

Edit: If it’s unclear, #2 doesn’t make sense because if you self-host, it’s no longer plug n’ play. The existing alternatives already serve that case equally well (even better!).

With only some mild blushing, you could describe us as "artisanal" compared to the industrial monstrosities, such as Cloudflare.

Time and time again we get these sorts of issues with the massive cloudy chonks and they are largely due to the sort of tribalism that used to be enshrined in the phrase: "no one ever got fired for buying IBM".

We see the dash to the cloud and the shoddy state of in house corporate IT as a result. "We don't need in-house knowledge, we have "MS copilot 365 office thing" that looks after itself and now its intelligent - yay \o/

Until I can't, I'm keeping it as artisanal as I can for me and my customers.

If so, is it a good or bad trade to have more overall uptime but when things go down it all goes down together?

It is far worse if all of the competitors are down at once. To some extent you can and should have a little bit of stock at home (water, food, medicine, ways to stay warm, etc) but not everything is practical to do so with (gasoline for example, which could have knock on effects on delivery of other goods).

users want to do things, if their goal depends on a complex chain of functions (provided by various semi-independent services) then the ideal setup would be to have redundant providers and users could simply "load balance" between them and that separate high-level providers' uptime state is clustered (meaning that when Google is unavailable Bing is up, and when Random Site A, goes down their payment provider goes down too, etc..)

So ideally sites would somehow sort themselves nearly to separate availability groups.

Otherwise simply having a lot of uncorrelated downtimes doesn't help (if we count the sum of downtime experienced by people). Though again it gets complicated by the downtime percentage, because likely there's a phase shift between the states when user can mostly complete their goals and when they cannot because too many cascading failures.

Is it? I can’t say that my personal server has been (unplanned) down at any time in the past 10 years, and these global outages have just flown right past it.

Also, if you need to switchover to backup systems for everything at once, then either the backup has to be the same for everything and very easily implementable remotely - which to me seems unlikely for specialty systems, like hospital systems, or for the old tech that so many organizations still rely on (and remember the CrowdStrike BSODs that had to be fixed individually and in person and so took forever to fix?) - or you're gonna need a LOT of well-trained IT people, paid to be on standby constantly, if you want to fix the problems quickly, on account of they can't be everywhere at once.

If the problems are more spread out over time, then you don't need to have quite so many IT people constantly on standby. Saves a lot of $$$, I'd think.

And if problems are smaller and more spread out over time, then an organization can learn how to deal with them regularly, as opposed to potentially beginning to feel and behave as though the problem will never actually happen. And if they DO fuck up their preparedness/response, the consequences are likely less severe.

Cloudflare is down and hundreds of well paid engineers spring into action to resolve the issue. Your server goes down and you can’t get ahold of your Server Person because they’re at a cabin deep in the woods.

The latter is easier to handle, easier to fix, and much more suvivable if you do fuck it up a bit. It gives you some leeway to learn from mistakes.

If you make a mistake during the 1000 dog siege, or if you don't have enough guards on standby and ready to go just in case of this rare event, you're just cooked.

Two is one and one is none.

See also https://en.wikipedia.org/wiki/Conway%27s_law

But the distributed system is vulnerable to DDOS.

Is there an architecture that maintains the advantages of both systems? (Distributed resilience with a high-volume failsafe.)

My answer would be that no one product should get this big.

They don't just use Rust for "protection", they use it first and foremost for performance. They have ballpark-to-matching C++ performance with a realistic ability to avoid a myriad of default bugs. This isn't new.

You're playing armchair quarterback with nothing to really offer.

What's changed is a) our second-by-second dependency on the Internet and b) news/coverage.

Cloudflare is really good at what they do, they employ good engineering talent, and they understand the problem. That lowers the chance of anything bad happening. On the other hand, they achieve that by unifying the infrastructure for a large part of the internet, raising the impact.

The website operator herself might be worse at implementing and maintaining the system, which would raise the chance of an outage. Conversely, it would also only affect her website, lowering the impact.

I don't think there's anything to dispute in that description. The discussion then is if cloudflares good engineering lowers the chance of an outage happening more than it raises the impact. In other words, the things we can disagree about is the scaling factors, the core of the argument seems reasonable to me.

> However, we have never before applied a killswitch to a rule with an action of “execute”.

> This is a straightforward error in the code, which had existed undetected for many years

So they shipped an untested configuration change that triggered untested code straight to production. This is "tell me you have no tests without telling me you have no tests" level of facepalm. I work on safety-critical software where if we had this type of quality escape both internal auditors and external regulators would be breathing down our necks wondering how our engineering process failed and let this through. They need to rearchitect their org to put greater emphasis on verification and software quality assurance.

There is not a single company that makes their infrastructure as globally available like Cloudflare.

Additionally, the downtime of Cloudflare seems to be objectively less than the others.

Now, it took 25 minutes for 28% of the network.

While being the only ones to fix a global vulnerability.

There is a reason other clouds wouldn't touch the responsiveness and innovation that Cloudflare brings.

I think this is the part where we disagree. Have you used LLMs, or is this based on something you read?

* Let heat-pumps heat homes to say 23C instead of 20C

* Let freezers decrease the temperature to say -30C instead of -18C

* Let electric water heaters heat water to say 70C instead of 50C, such water can then be mixed with more cold water

Such overuse would then reduce energy consumption when the production peak is over (heat pumps could stop working for some time until the temperature decreases from 23 to 20, etc.)

You'll have enthusiasts that'll do homebrew systems to take advantage of the economy, then you'll have companies catering to their (tbh, hobby), then you'll have products that are actually useful, then you'll see mass adoption. Like in everything else.

Trying to plan a huge strategy from the onset feels (and is!) daunting. Just make sure the price fits the reality, and savings will follow naturally.

Tell me your wonderland where this has happened . . .

There are whole countries with wireless meters. There must be papers showing how much effect it has on consumer consumption? Ignore one-off examples, I'm interested in population level effects and statistics.

> With Rate Flex D, you can save quite a bit of money, since most of the time in winter, you’ll be charged less than the base rate, except during occasional peak demand events, when you’ll be charged more than the base rate.

[1] https://www.hiloenergie.com/en-ca/ [2] https://www.hydroquebec.com/residential/customer-space/rates...

Everyone imagines that consumers would change their behaviour if they were given price information. In my experience, I've yet to see any good data showing that on average consumers save electricity due to smart meters.

In New Zealand, I think the power companies design their consumer products to be unhelpful (what's the equivalent term here for dark patterns in marketing?). I believe few consumers watch their instant usage or review their hourly usage. Personally I changed away from a plan that used spot prices (after seeing the debacle from snow in Texas, and realising the rewards were low and that judging/managing the risks was hard).

Plenty of grids had started paying consumers for excess solar generation exactly in this manner.

Likewise a heat pump can only boost so much.

This, like other environment related changes never happen by market forces. Not once. And small tweaks even on large scale produce small effects, insufficient for our needs.

So maybe -30 is difficult but it wouldn't be that hard to have the existing temperature range on new models be dynamic based on electricity pricing

For small sizes, yes it is.

But also, capex vs opex. Even if it's twice the cost, you only pay it once.

Whenever electricity prices go negative I have automations to force-charge my solar batteries from the grid, turn on hot water heaters in my hot water tank (normally heated by gas etc. ).

I just have Home Assistant turn on everything: dehumidifiers, heaters, lights, set the freezer thermostat to -25c.

So far I've earnt about 10p, but the real saving comes from having a little bit of thermal inertia to carry through to when prices are higher.

The market for power imbalance was already on 15 minute blocks.

I'm using a HomeWizard smart plug [0] to enable my electric boiler to only run during the cheapest hours of the day

[0] https://www.homewizard.com/energy-socket/

You should absolutely re-run these numbers to be sure, but you might find you can use electric heating far more often than you might currently be doing.

There is an Octopus Integration that exposes current prices (and much else) to HomeAssistant.

There is another Integration that works with my solar panels and another that works with my batteries and can change mode (self use, force charge, force discharge etc.)

So from there it’s really just a question of setting up some if-then automations to turn on smart switches, charge the batteries if prices go negative.

You can also gradually add more nuanced automations like turning on water heaters if the panels are generating more than 1kW and the batteries are over 90% charged.

I’m not a programmer, it’s all fairly easy to do.

The issue is that most consumers don't like unpredictable prices. You can make a crude approximation by having 2-3 fixed rates for different times of day, but that leaves a lot of potential on the table

Plus large parts of Europe are currently transitioning to more granular 15-minute pricing: https://www.nordpoolgroup.com/en/trading/transition-to-15-mi...

You can still get fixed tariff electricity contracts but you'll end up paying a bit extra in return for greater predictability…

The key is to not take this away; make it so that those who want predictability can get it (but they end pay more for the privilege) but those who want to try to "game the system" can (and incidentally help with the overproduction problem).

Done well, things like Powerwalls, thermal mass storage, etc could absorb quite a bit of load during peak production times, reducing load at inopportune times.

And in the meantime it would be very unpopular for people who can't just afford to renew their otherwise fully functional appliances.

I agree on the popularity, but you'd absolutely see an effect even without anyone buying new appliances

The aim is net zero by 2050, lifespan of a fridge-freezer is about 10 years. Even assuming designing a system and putting it in place took 5 years, that's still enough time to have most appliances on it by 2040.

Given the current energy prices, it probably even makes sense to replace appliances sooner than their normal lifetime. My fridge-freezer is only 5 years old, but if it broke today and cost more than ~£150 to repair, I'd end up saving money by replacing it.

General population doesn't understand that fixed pricing includes an extra cost which is the risk that the electricity provider has to account for. That risk has a calculable price, which is passed down to the consumers. But because it's baked in the flat rate, nobody complains.

Smart/dynamic pricing actually benefits the consumer.

No it doesn't. The customer has low risk appetite and would rather pay a premium for predictability.

It's like how there's a substantial portion of the population that counts the best commute time ever as their commute time, and are perpetually late. "How can it take 30 minutes to get to work, one time it was only 15!" - ignoring the reality of traffic, subway delays, etc.

For example, see https://docs.nrel.gov/docs/fy23osti/82315.pdf

It does looks like it will make some sort of sense for compute workloads to move around to be at locations near surplus energy generation. As someone else mentioned bitcoin mining (with the benefit of heat generation) could also be used, but if this practice becomes widespread the attachment of bitcoin pricing to what is in effect negative local energy prices may prove to be a structural problem with it.

The issue is lots of renewable generation far from places where it is used and not enough transmission capability.

This is called curtailment and is really, really bad. Energy providers need to pay the windfarms for the energy that they (the grid operators) fail to transmit to where it is needed, and they have to pay backup generation (usually gas) at the place with the load.

You have an intermittent power source (wind), far removed from where the energy is needed, and you do not have sufficient electric transmission capacity.

Heat pumps or EVs far removed from the source of generation will not do you any good. You need load where the energy is produced or you need more transmission capacity.

The situation GB has is that there is load, and there is enough renewable generation on the grid to meet that load, however they do not have the capability to bring the electricty to where the load is. You can lessen the demand, but the generation would not get less through that. The only benefit of that would be that you wouldn't have to spin up gas plants, but the same amount of wind energy would still be lost.

E.g peak solar is around 2pm, peak demand is around 7pm

Grid storage (including EVs and smart heat pumps) absolutely help with this second problem

Take Google, which should have plenty of money and systems to provide long-term support, is regularly axing older products. (Of course, Google has a history of such actions, but they don't have to EOL products that should have long life-spans. Plenty of company won't really have a choice if they are facing bankruptcy, etc.)

Before buying a device, it is a good idea to check if there are open source adapters for it for Home Assistant, those usually show if it can be controlled easily and preferably without cloud.

[0] https://ngenic.se/en/tune/

See eg https://www.euronews.com/business/2025/02/20/fixed-vs-variab...

We've saved 100s of euros annually on our electric bill by limiting sauna, washing machine + dishwasher to low-cost hours. Sometimes it's impossible and it's days at a higher rate - but for a 2 person household it's costing us 15-20e a month (+ additional transmission costs)

> This includes switching between 'peak' and 'off-peak' meter registers as well as controlling the supply to dedicated off-peak loads such as night storage heating

1980's technology, recently switched off, I presume for internet based alternatives. The exact same principle applies, beats batteries as hot water tanks and storage heaters already exist.

Other options could be delayed start for large appliances like washing machines and charging electric vehicles. EVs have even been proposed as a distributed battery system to smooth out electricity use.

A lot of thermostats support it

The problem here is

1) the excess power is not near the demand

2) the cost of electricity near the excess power is no lower than where there's no excess

3) nimbys prevent the extra interconnects being built which equalise power availability and power demand

The power company can integrate with car chargers and battery controllers to control all of this automatically, though we don’t bother - just check the app for the cheapest/greenest times and schedule the car to charge then.

It’s allowed us to switch to an EV without even really noticing any extra power cost for charging it.

The electric water heaters are a good idea, but you'd need the space for extra storage. There's existing heat exchanger systems with e.g. rooftop / sunlight water heating systems, if excess cheap energy could be used to also heat that storage you'd have something.

I'm always highly amused when people have heated pools next to large outdoor ac units. They could probably dump all the heat from house into it the entire summer and not have a meaningful effect on the temperature

The downside was that once the hot water was gone, we had to wait until the next day for more. The last person to shower occasionally got a cold shower.

On-demand systems win here.

The one I'm getting now has two coils, one to quickly heat water at the top half, the second to heat from the bottom - they're never on at the same time. Internal heat around 75 C, mixed to cooler on the way out, and it can keep hot water for 2 weeks if disconnected from power.

WTF showering for one hour? That's a great way to quickly become persona non grata in my house.

Initial situation:

* Big corp M has X$ in cash where X is huge

Big Corp M invest X$ in AI startup O, with a provision that O needs to use most of the money to buy cloud infrastructure from M to power AI models.

End situation:

* Big corp M has X$ wort of shares in O, the value of which will rapidly grow

* Big corp M cloud division has ~X$ in extra revenue

The deal automatically turns X$ into ~2X$ in books. Rinse and repeat with next round deals and next AI startups. The big corps are reporting increased cloud divisions revenue from AI spent, but it is their own investment money flowing back to cloud divisions.

No it doesn't. The revenue it gets back is valued only at a fraction, because it's only worth its profit. Revenue != profit.

And your "the value of which will rapidly grow" is doing all the work here. That's not guaranteed. It might collapse as well.

It's not money printing at all. It's tying up cash long-term in exchange for a much smaller amount of profit short-term. Which is risky but entirely normal.

Nothing "money printing" about it.