A "petty battle against CloudFlare DNS users"? No. They require a standardized DNS extension in order for their services to operate properly, and CloudFlare is waging a petty battle against the standard.
They are open ports which are accessible to the Internet at large. Or at least, any site you go to. If you don't like that there are various means to close off those ports to your browsers (Windows firewall, network namespaces, etc).
IMO this is a symptom of a larger problem with the entire web 'ecosystem' (HTML, CSS, JS primarily). It all tries (or tried, anyway) to be simple and easy and forgiving - which means that simple things are easy, and moderately complex things are insanely difficult.
I honestly think the only real solution is re-doing all of it 'from scratch', to make everything (a) stricter and (b) more normal/consistent.
(I think the extant transpilers/preprocessors tend to try to be too 'thin' of a wrapper around CSS/JS: they do give some nice quality of life features but still don't really clean up the mess that is JS and the DOM.)
You can always take a multi-tenant system and convert it into a single-tenant system a lot more easily. First and foremost, you can simply run the full multi-tenant system with only a single tenant, which if nothing else enables progressive development (you can slowly remove those now-unnecessary WHERE clauses, etc).
Open ports which are accessible to the Internet at large are not "machine internals". If you do not want someone to access your systems, then you should configure your systems to not allow that access.
> Port scanning is definitely not something I would expect when browsing the web (And based on the amount of upvotes on the last thread, not something most of HN would expect)
Then you're a fool, frankly. Plenty of online services, web or otherwise, use port scans as a means to detect such things as open proxies or open MTAs.
I believe most if not all states seal juvenile records by default.
If so, then a court would have to unseal it.
As an example, in Texas, juvenile records are automatically sealed in most cases, and can basically only be released to the subject of the record, or a prosecutor in a future case.
The fragment is, at the very least, exposed to JavaScript. It's also has several problems which are explicitly called out (for the query string) in your own link: Shoulder surfing, cache, history