What is the cause?

A majority of bitcoin services have their network security centralized in a single place. That place is a service called CloudFlare (CF), which provides protection against things like DDoS attacks. To use CF, a service must route all of its traffic through CF, and it must provide CF with its SSL (https) certificates. This means CF has access to the unencrypted traffic of every service listed below.

So what?

CloudFlare, Inc. is based in California. Any government agency that wanted to monitor any (or all) of the services below could do so at a single, convenient location within the United States' jurisdiction. It would not be surprising if this is happening right now with sites like BTC-E, which many see as an anonymous exchange in Russia.

An attacker who gained access to CF would have countless ways to compromise the services that use it. They could simply listen to the traffic, which again is unencrypted at that point, including password submissions. They could modify the contents of web pages, for example showing the attacker's bitcoin address instead of the one you asked for. They could modify the data you send: you tell Bitfinex to withdraw to address 1abc, and they change it and tell Bitfinex it is 1xyz. Or they could replace a service altogether, so you think you are setting up a vault with coinbase.com but are really setting up one with coinfake.com.

What services does this affect?

Coinbase.com
Circle.com
Bitpay.com
Blockchain.info
Bitfinex.com
Localbitcoins.com
Btc-e.com
Shapeshift.io
Bitgo.com
Coinsetter.com
Coinkite.com (fixed with Tor, see update at bottom)
Purse.io
Cex.io
21.co
Kraken.com

What can we do about it?

As consumers, we can stop using centralized services for bitcoin. As developers, we can keep working on better tools that let consumers take control of their own finances. As any of the companies listed above, we need to sit down and take a hard look at this practice.

Please note that I wrote this like an ELI5 on purpose.
I am happy to provide a more technical explanation to anyone interested.

TLDR; The network security of many of the top bitcoin services is entrusted to CloudFlare. This creates the scenario for the ultimate man-in-the-middle attack, defeating everything from SSL to 2FA.

Update on Coinkite: They have already thought this through, and the answer is to use their Tor .onion. See: http://bit.ly/1KYRi9j

via /r/Bitcoin http://bit.ly/1LVzVvc
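The post's core claim is that a service's TLS is terminated at CloudFlare's reverse proxy, so anyone assessing a service (or their own) wants a repeatable way to tell whether its traffic goes through CF. The following is an added example, not code from the original post: it checks whether a host's resolved addresses fall inside CloudFlare's published IPv4 ranges and whether its HTTP response headers carry CloudFlare's fingerprints. The range list is a snapshot copied from https://www.cloudflare.com/ips-v4 and should be refreshed from that URL before use; the hostnames, addresses and headers in the demonstration are constructed, and the live helper `resolve_and_fetch_headers` is an assumption about how one would gather real inputs.

```python
"""Heuristic check: is a hostname fronted by CloudFlare's reverse proxy?

Added example (not from the original post). Assumptions: the range list below is
a snapshot of https://www.cloudflare.com/ips-v4 and must be refreshed for real
use; all sample hosts, addresses and headers are constructed for illustration.
"""
import http.client
import ipaddress
import socket
from typing import Dict, List, Mapping, Sequence

# Snapshot of CloudFlare's published IPv4 ranges (assumption: refresh from the live list).
CLOUDFLARE_V4_SNAPSHOT = [
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
]
_CF_NETS = [ipaddress.ip_network(n) for n in CLOUDFLARE_V4_SNAPSHOT]


def ip_in_cloudflare(addr: str) -> bool:
    """True if the address lies in one of the snapshot CloudFlare ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in _CF_NETS)


def headers_suggest_cloudflare(headers: Mapping[str, str]) -> bool:
    """True if the response headers carry CloudFlare's usual markers.

    CloudFlare-fronted responses normally report 'Server: cloudflare' and add a
    'CF-RAY' request id; header names are compared case-insensitively.
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    return lowered.get("server", "").lower() == "cloudflare" or "cf-ray" in lowered


def classify_host(host: str, addresses: Sequence[str],
                  headers: Mapping[str, str]) -> Dict[str, object]:
    """Combine the IP-range and header checks into one verdict for a host.

    'all_ips_cloudflare' requires every resolved address to be in CF space; an
    empty address list never counts as fronted on its own.
    """
    cf_addrs: List[str] = [a for a in addresses if ip_in_cloudflare(a)]
    by_ip = bool(addresses) and len(cf_addrs) == len(addresses)
    by_hdr = headers_suggest_cloudflare(headers)
    return {
        "host": host,
        "fronted": by_ip or by_hdr,
        "all_ips_cloudflare": by_ip,
        "headers_match": by_hdr,
        "cloudflare_ips": cf_addrs,
    }


def resolve_and_fetch_headers(host: str, timeout: float = 5.0):
    """Live helper (assumption, not used by the offline demo): resolve the host's
    IPv4 addresses and fetch the headers of a HEAD / request over HTTPS."""
    addresses = sorted({info[4][0] for info in
                        socket.getaddrinfo(host, 443, socket.AF_INET)})
    conn = http.client.HTTPSConnection(host, timeout=timeout)
    try:
        conn.request("HEAD", "/")
        headers = dict(conn.getresponse().getheaders())
    finally:
        conn.close()
    return addresses, headers


if __name__ == "__main__":
    # Constructed sample inputs standing in for resolved addresses and headers.
    samples = [
        ("fronted-exchange.example", ["104.16.1.1", "172.64.3.4"],
         {"Server": "cloudflare", "CF-RAY": "0123456789abcdef-SJC"}),
        ("direct-exchange.example", ["93.184.216.34"], {"Server": "nginx"}),
    ]
    for host, addrs, hdrs in samples:
        verdict = classify_host(host, addrs, hdrs)
        print(f"{host}: fronted={verdict['fronted']} "
              f"ips={verdict['cloudflare_ips']} headers={verdict['headers_match']}")
```

The IP check is the stronger signal, since a `Server` header can be set to anything by the origin; a host whose every A record sits in CloudFlare space is routing all of its HTTPS traffic through CF regardless of what the headers say. Note that a Tor `.onion` address, as in the Coinkite update, is not reachable through CF at all, which is why it sidesteps the concern the post raises.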