Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "cloudbleed"
-
Google: this sha-1 collision is really gonna fuck up the internet more than anything else today
Cloudflare: hold my beer
CloudBleed2 -
DECLARING CLOUDFLARE WEEK
DISCLAIMER : THZ CLOUDBLEED
Hey guys remember when gitlab was something blah blah? Now lets talk about cloudflare for a week!9 -
<!DOCTYPE html>
<head>
<title>hiCloudflare</title>
<link rel="stylesheet" src="main.css" />
</head>
<body>
<h1> Don't mind me, just taking my buffers for a walk</h1>
<script type=2 -
PSA Cloudflare had a bug in there system where they were dumping random pieces of memory in the body of HTML responses, things like passwords, API tokens, personal information, chats, hotel bookings, in plain text, unencrypted. Once discovered they were able to fix it pretty quickly, but it could have been out in the wild as early as September of last year. The major issue with this is that many of those results were cached by search engines. The bug itself was discovered when people found this stuff on the google search results page.
It's not quite end of the world, but it's much worse than Heartbleed.
Now excuse me this weekend as I have to go change all of my passwords.3 -
Should cloudflare have taken down their servers to protect their clients? Which is worse, the leak live or the downtime?1