Honestly for saying it deanonizes people is a bit of a fibracation. Yes theoretically a threat actor could figure out what clould flare DNS sever it is. But that really doesnt do much realistically.
For example qouting the researcher “i live in new york and my closest data center is in new Jersey”. Realistically what can a hacker do with that, other than know you live somewhere near new Jersey. The threat actor would gain very little and the information they supposedly gained isnt verifiable. You live near NJ but to the threat actor they would assume you live in NJ. Which is a red hairing, and thats not even bring up VPN’s or TOR into the equations. Which 99% of journalist use all the time for amenity. So in conclusion the information they gain is about the same as saying “i may or may not be near this cloudflare server”
Honestly for saying it deanonizes people is a bit of a fibracation. Yes theoretically a threat actor could figure out what clould flare DNS sever it is. But that really doesnt do much realistically. For example qouting the researcher “i live in new york and my closest data center is in new Jersey”. Realistically what can a hacker do with that, other than know you live somewhere near new Jersey. The threat actor would gain very little and the information they supposedly gained isnt verifiable. You live near NJ but to the threat actor they would assume you live in NJ. Which is a red hairing, and thats not even bring up VPN’s or TOR into the equations. Which 99% of journalist use all the time for amenity. So in conclusion the information they gain is about the same as saying “i may or may not be near this cloudflare server”