Dependency on external domains for scripts and resources

[mcinglis]

The website currently loads resources from google-analytics.com, googleapis.com, cloudflare.com, and bootstrapcdn.com. This is problematic for several reasons:

• loading resources (particularly scripts) from external domains jeopardizes the privacy of visitors to the website. They're informing Google, Cloudflare and MaxCDN (I think they operate Bootstrap CDN?) that they're visiting Taskforce.is. Google's intentions for that data are obvious (and contrary to users' interests), and who's to say what Cloudflare's and MaxCDN's interests are? They are for-profit companies, and they have every incentive to profit from the data being fed to them by their CDNs. There was a discussion on HN recently regarding the dangers of CDNs (or really, any scripts served from external domains, including analytics).
• the site breaks, considerably, for users who have installed privacy-enhancing browser add-ons like RequestPolicy (lets the user choose what cross-site requests are made) and NoScript (lets the user choose what active content runs). I'll attach screenshots of what the site looks like with those add-ons. All functionality is broken, and images are heavily pixelated.
• it's highly hypocritical on Taskforce's part, which is supposed to be acting to protect people's freedoms, rights and privacy.

Are CDNs really warranted for the amount of traffic Taskforce.is gets? Are analytics so critical? Is anything valuable being learned from them? At the very least, free, self-hosted analytics solutions like Piwik should be used instead.

Thanks.