But it's also harmful to the Internet at large (as in "all the users of the Internet") if service operators can't keep a service online because it's swamped by malicious users (or, arguably worse, it is online but the nature of its use is so badly understood by its operators that it's serving as a springboard for larger, more coherent attacks).

Services like Cloudflare allow operators to outsource the knowledge of how to mitigate those issues. This increases the total services that can be provided online by lowering the knowledge floor via specialization, which makes the Internet "bigger" (in terms of more things you can do with / on it).

I am looking from the viewpoint of someone whose privacy and opportunity are harmed, so of course I have my biases. :)

> But it's also harmful to the Internet at large

A good argument to try, but not sure this "nebulous" harm, as JS Mill might say, really works. For many reasons; "The Internet" hasn't been a coherent, level entity for some time now. No doubt you've heard the term "splinternet" - something to which I actually think problems like Cloudflare contribute. And there's an implication that a "service provider" somehow outweighs a single user. Which seems nonsense since many "services" are one man shows with a handful of users while there are some individual users of great prominence, power and value. Besides, the Internet in it's "virgin" (most unharmed) form might be said to be purely peer-to-peer. The nebulous harms you propose really apply to a certain "kind" of internet, supporting certain kinds of interests.

> Services like Cloudflare allow operators to outsource the knowledge > of how to mitigate those issues.

They are outsourcing action, not just knowledge. Like a private police force Cloudflare are actively (and literally) intervening in third party business and taking punitive actions against individuals based entirely on their judge, jury and executioner logic. That is a lot less innocent than you make it sound. The users are outsourcing their judgement, while swerving their responsibilities as netizens.

> This increases the total services that can be provided online by lowering the knowledge floor via specialisation, which makes the Internet "bigger" (in terms of more things you can do with / on it).

As we've discussed in these pages many times, and under many topics and titles, growth is not an unqualified good. Scale is not unquestionably desirable. Quality is rarely commensurate with either. So I am not swayed by the argument that having some of the network avoidably broken is justified by extending its size.

I, for one, have a blog that I don't use Cloudflare for. There's a risk that my system gets hugged to death and I don't know until my service provider either notifies me or cuts me. And from a certain point of view, I might be considered a negligent actor because I'm not collecting enough information to know if somebody has breached my blog engine and turned it into part of the Low Orbit Ion Cannon. But I've chosen to value user privacy.

Point is, trade-offs. I don't think I'm in some kind of moral right space for my decisions, I've made them based on the kind of reader I expect to get.

I see that many of your personal concerns stem from the wish to be a good netizen yourself.

FWIW, I deeply value these discussions. You've made some new points, noted and helpful for my research, thank you.