The costs of running this huge site are paid for by ads. Please consider registering and becoming a Supporting Member for an ad-free experience. Thanks, ECF team.

CloudBleed HTTPS traffic leak

Discussion in 'Computer Security' started by KRSL, Feb 24, 2017.

Thread Status:
Not open for further replies.
Image has been removed.
URL has been removed.
Email address has been removed.
Media has been removed.
  1. KRSL

    KRSL New Member

    Feb 24, 2017
    • Like Like x 1
  2. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    Moved to Computer Security.

    As a precaution, staff have been advised to change their passwords. Members can do so as well if they wish to. As this vulnerability cannot be used as a targeted attack, the chances of your info being compromised is minimal. Cloudflare has already fixed the issue and is deleting cached data.
     
    • Like Like x 1
  3. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    OK. Here's the deal. Yes, there was a rather spectacular vulnerability associated with Cloudflare. However, obtaining the information from the vulnerability is random as it can possibly get. The vulnerability is impossible to use as a targeted attack.

    Here's a rather sensible piece from CNN about this whole thing. Ignore the grand standing by some sites who are claiming the sky is falling (it's not).

    Why you shouldn't freak out (yet) about the 'Cloudbleed' security leak

    For now, the vulnerability is a minor thing as far as the release of sensitive information is concerned. However, we may find tomorrow that people have been slurping data since September and have amassed a rather nasty collection of PMs, chats and passwords. It's unlikely, but it is possible. So for now, it's not something to get worked up about, but taking the standard precautions (password changes) on any site you have an account on and uses Cloudflare would be prudent.
     
    • Like Like x 2
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice