birdwatcher (birdwatcher) wrote,
birdwatcher
birdwatcher

Cloudflare выступила на отличненько

We keep finding more sensitive data that we need to cleanup. I didn't realize how much of the internet was sitting behind a Cloudflare CDN until this incident. The examples we're finding are so bad, I cancelled some weekend plans to go into the office on Sunday to help build some tools to cleanup. I've informed cloudflare what I'm working on. I'm finding private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings. We're talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1139
https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
Subscribe

  • Удачно!

    Ценители звездолётов и космических программ могут выбрать наименее обидный для себя вариант. jalopnik.com -- NASA Was ‘Right’ To Bring Starliner…

  • Кстати

    Если бы Харрис не была такой тупой, она обязательно спросила бы Трампа, ревакцинировался ли он уже нынешними вакцинами, или советует подождать до…

  • С вирусологической сволочью всё было ясно уже в 1977 году

    sciencealert.com -- Was it simply a coincidence that within months of Pvt. Lewis' death from H1N1 swine flu, a heretofore extinct H1N1 influenza…

  • Post a new comment

    Error

    default userpic
    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 4 comments