【Business Relationship】-Prosperous Times Information Network
Latest News:
The Reaching-Out Industry Staff Picks: Monkey Minds, the Singing Butler, and Rum Cookies by The Paris Review Sylvia Plath's Sketches by Sadie Stein How Do I Break My Trash Addiction? by Sadie Stein The Vital Possibility of Abdul El-Sayed Code 451, Psychotic Real Estate by Sadie Stein Home to Darkness: An Interview with Playwright Tom Murphy by Belinda McKeon What We're Loving: All Kinds of Poetry by Sadie Stein The Professional Friends of YouTube Jean Toomer’s “Beehive” by Rachel Kaadzi Ghansah
Current Location: Home > Social Good > 【Business Relationship】

【Business Relationship】

2025-06-26 00:05:37 [Deals] Source: Prosperous Times Information Network

Cloudflare,Business Relationship one of the giants of internet security responsible for keeping the websites we all visit safe, is itself the source of a vulnerability that has the potential to rival the Heartbleed bug of 2014. And to make things worse, we don't even know the full extent of the damage yet.

Let's get this out of the way early: Change your passwords.Starting with Uber, Ok Cupid, Yelp, Fitbit, and Authy. But if you don't use the services, don't get complacent. There's a long list of sites that could be affected, and new ones are bound to be added, so stay vigilant.

The leak, being referred to as "Cloudbleed," is a vulnerability that has divulged everything from passwords to private messages on dating sites, hotel bookings and other personal info. And to make things more terrifying, even sites that don’t use the company's service but have a lot of Cloudflare users could have compromised data on their servers.

SEE ALSO: Feds secretly forced Twitter to disclose a user's identity — twice

Cloudflare officially announced the situation in a blog post on Thursday night, attributing it to an error in coding that resulted in a "buffer overrun" that was "quickly identified." Cloudflare’s software works to store your data in securely, but because of this bug, some data was accidentally leaked in a way that was not secure enough. Cloudflare has worked to fix this, but the problem is search engines like Google often cache a version of the data, and because of this it’s possible that the data is still out there.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

A member of Google's Project Zero team, Tavis Ormandy, noticed the suspected security issue with Google's Edge Network to Cloudflare last Friday, however, the leak could reportedly have begun back on Sept. 22, 2016.

As for the information in jeopardy, Ormandy feels you have good reason to fear. "The examples we're finding are so bad ... I'm finding private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings,' he wrote. "We're talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything."

In his online forum, Ormandy detailed his time spent working with Cloudflare to resolve the issue, and admitted he is unaware what information, if any, was compromised. "I don't know if this issue was noticed and exploited, but I'm sure other crawlers have collected data and that users have saved or cached content and don't realize what they have, etc.," Ormandy wrote.

"I didn't realize how much of the internet was sitting behind a Cloudflare CDN until this incident."

Featured Video For You
Apple's new 'Apple Park' spaceship campus will open in April

(Editor: {typename type="name"/})

Related Articles
Recommended
Hot Reads
Random

友情链接

接受PR>=1、BR>=1,流量相当,内容相关类链接。