Change your passwords (again)

[Screemonster]

Basically cloudflare shat the pot and spewed a bunch of user auth data for people visiting sites via their DNS out to random people thanks to someone putting a ">" instead of a "=" in the code somewhere and causing a buffer overrun, shit got into google's cache, so now anyone who logged into any of the sites in the last few months may or may not be compromised. fun times.

techie explanation here: https://bugs.chromium.org/p/project-zer ... il?id=1139

Sites affected: https://github.com/pirate/sites-using-cloudflare

The big one for people here is probably Discord, but there's a few others including SA, a bunch of the chans, but since there's like 4 million sites on the full list it's probably easier to just change everything rather than go trawling.

[DemonFiren]

[Qbopper]

Fuckin'

Thanks for the heads up, goddamnit

[MrStonedOne]

For reference, /tg/ was not using cloudflare because our servers are powerful enough they don't no anti-ddos reverse web proxy.

But basically every other ss13 forum was.

[PKPenguin321]

For reference, /tg/ was not using cloudflare because our servers are powerful enough they don't no anti-ddos reverse web proxy.

But basically every other ss13 forum was.

reason #1395378258329 why mso is god

[Lumbermancer]

shit got into google's cache

Explain.

[Xerux]

Explain.

We keep finding more sensitive data that we need to cleanup. I didn't realize how much of the internet was sitting behind a Cloudflare CDN until this incident.

The examples we're finding are so bad, I cancelled some weekend plans to go into the office on Sunday to help build some tools to cleanup. I've informed cloudflare what I'm working on. I'm finding private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings. We're talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything.

Due to a bug, CloudFlare's reverse proxy was accidently dumping chunks of memory into some request responses. This includes requests by web crawlers, so the data has wound up in web caches. (For example, google keeps cached versions of pages they've crawled that you can view, useful when a site is down. Most if not all cell phone providers use a caching proxy, as do many businesses and universities.) Google and several search engines have been working to purge the data, but there's no telling where else it has wound up and what they've missed.

The only sites this should affect would be ones that were using CloudFlare's reverse proxy and not just their dns but there isn't a list so far of sites that were only using it. (The list in the first post is everything that used their nameservers.)