Help & FAQs    Search BCF    Members    Groups    Events Calendar
Resend my activation email : Register : Log in 
BCF: Bike Chat Forums


Cloudbleed HTTPS Traffic Leak

 Reply to topic
Bike Chat Forums Index -> The Geek Zone
View previous topic : View next topic  
Author Message

ScaredyCat
World Chat Champion



Joined: 19 May 2012
Karma :
PostPosted: 10:26 - 24 Feb 2017    Post subject: Cloudbleed HTTPS Traffic Leak Reply with quote
Quote:
Between 2016-09-22 - 2017-02-18 passwords, private messages, API keys, and other sensitive data were leaked by Cloudflare to random requesters. Data was cached by search engines, and may have been collected by random adversaries over the past few months.

"The greatest period of impact was from February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests), potential of 100k-200k paged with private data leaked every day" -- source : https://news.ycombinator.com/item?id=13719518



https://github.com/pirate/sites-using-cloudflare
____________________
Honda CBF125 ➝ NC700X
Honda CBF125 ↳ Speed Triple
 Back to top
View user's profile Send private message You must be logged in to rate posts

Rogerborg
nimbA



Joined: 26 Oct 2010
Karma :
PostPosted: 10:47 - 24 Feb 2017    Post subject: Reply with quote
grep? uniq? Sound like h4xxx. Folded arms

bikechatforums not found, praise Allah.
____________________
Biking is 1/20th as dangerous as horse riding.
GONE: HN125-8, LF-250B, GPz 305, GPZ 500S, Burgman 400 // RIDING: F650GS (800 twin), Royal Enfield Bullet Electra 500 AVL, Ninja 250R because racebike
 Back to top
View user's profile Send private message You must be logged in to rate posts

Jayy
Mr. Ponzi



Joined: 08 Jun 2009
Karma :
PostPosted: 15:48 - 24 Feb 2017    Post subject: Reply with quote
Yeah this baaaad.
 Back to top
View user's profile Send private message You must be logged in to rate posts

Derivative
World Chat Champion



Joined: 03 Aug 2010
Karma :
PostPosted: 03:03 - 26 Feb 2017    Post subject: Reply with quote
Polite request from Derivative to web admin folks.

Pls do not fucking MITM half of the internet.

thx.
 Back to top
View user's profile Send private message You must be logged in to rate posts

Rogerborg
nimbA



Joined: 26 Oct 2010
Karma :
PostPosted: 08:47 - 26 Feb 2017    Post subject: Reply with quote
My corporate masters use the ZScaler 3rd party proxy service which (for my "security") actually MITMs https connections by inserting its own certificate, decrypting, examining the packets for naughtiness, then sending them off to the intended target.

Firefox rightfully calls shenanigans on that, but Chrome and IE totes trust this 3rd party Septic outfit with my personal info and banking details and such, because, uh... there's a contract. Not involving me.

Needless to say, all of my web traffic goes via an SSH tunnel to my Pi proxy.
____________________
Biking is 1/20th as dangerous as horse riding.
GONE: HN125-8, LF-250B, GPz 305, GPZ 500S, Burgman 400 // RIDING: F650GS (800 twin), Royal Enfield Bullet Electra 500 AVL, Ninja 250R because racebike
 Back to top
View user's profile Send private message You must be logged in to rate posts
Old Thread Alert!

The last post was made 7 years, 61 days ago. Instead of replying here, would creating a new thread be more useful?
  Display posts from previous:   
This page may contain affiliate links, which means we may earn a small commission if a visitor clicks through and makes a purchase. By clicking on an affiliate link, you accept that third-party cookies will be set.

Post new topic   Reply to topic    Bike Chat Forums Index -> The Geek Zone All times are GMT + 1 Hour
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Read the Terms of Use! - Powered by phpBB © phpBB Group
 
Debug Mode: ON - Server: birks (www) - Page Generation Time: 0.05 Sec - Server Load: 0.46 - MySQL Queries: 17 - Page Size: 45.48 Kb