I understand where you are coming from but there’s a flip side to this.
Cloudflare obfuscating such a huge segment of origin servers gives a privacy advantage to anyone using a private DNS, since most of the IPs you can be seen connecting to are just…Cloudflare.
It's funny that the original idea for HTTPS was that there should be private communication between clients and service providers, and it somehow got turned on its head and now its just private communication between you and Cloudflare, and they can see all the traffic.
We talk about end to end encryption all the time, but half the web is hosted by a single company with questionable ethics and everyone is like, we trust them! They write technical blog posts!
"Additionally, with the ECH extension not yet being widely used [17], [71] and focusing on privacy protection rather than censorship circumvention [60], it can be censored easily by blocking it entirely [14], [76]."
The paper describes various GFW bypass methods that currently work, including removing the SNI extension entirely
It does not mention anyone using ECH to bypass GFW
Perhaps it is too early to conclude "China blocks ECH" because ECH is not in widespread use
Great gaslighting I must admit, terminating SSL of half the internet.. that centralization is actually enhancing privacy... There is a very high probability Cloudflare is a literal NSA front.
Cloudflare obfuscating such a huge segment of origin servers gives a privacy advantage to anyone using a private DNS, since most of the IPs you can be seen connecting to are just…Cloudflare.