2017-02-24, 10:06 | Link #1 |
Administrator
Administrator
Join Date: Jan 2001
Location: Netherlands
Age: 45
|
AnimeSuki.com & Cloudflare
Some news is appearing that Cloudflare, a company many sites use for making their sites faster/safer, has been compromised.
The bug is essentially a buffer overrun. This meant that the contends of pages routed through Cloudflare may have contained data from other sites, sometimes very sensitive data. This is what it looks like: https://gfycat.com/ElatedJoyousDanishswedishfarmdog The data that could have been leaked could be things like email addresses and unencrypted passwords (non-hashed for the technical purists). More information here: https://blog.cloudflare.com/incident...re-parser-bug/ https://bugs.chromium.org/p/project-...detail?id=1139 https://www.reddit.com/r/programming...ustomer_https/ It is highly advisable you change your password on any of the affected sites. This includes Discord, Medium, Uber, DigitalOcean, etc. For a larger list, see here: https://github.com/pirate/sites-using-cloudflare Now the big question: Does AnimeSuki.com use Cloudflare? - Yes Does this mean AnimeSuki.com is affected? - No AnimeSuki (and anything else I use Cloudflare for) uses Cloudflare for DNS only. The "recommended" way of using Cloudflare routes traffic through their servers, but AnimeSuki does not do this. Hence we are not affected. (I was glad to find out my email provider had the same setup and isn't affected either) Last edited by GHDpro; 2017-02-24 at 10:29. |
|
|