Basically Cloudflare shat the pot and spewed a bunch of user auth data for people visiting sites via their DNS out to random people thanks to someone putting a ">" instead of a "=" in the code somewhere and causing a buffer overrun, shit got into Google's cache, so now anyone who logged into any of the sites in the last few months may or may not be compromised. Fun times.
Techie explanation here: https://bugs.chromium.org/p/project-zer ... il?id=1139
Sites affected: https://github.com/pirate/sites-using-cloudflare
The big one for people here is probably Discord, but there's a few others including SA, a bunch of the chans, but since there's like 4 million sites on the full list it's probably easier to just change everything rather than go trawling.
Change your passwords (again)
- Screemonster
- Joined: Sat Jul 26, 2014 7:23 pm
- Byond Username: Scree
- DemonFiren
- Joined: Sat Dec 13, 2014 9:15 pm
- Byond Username: DemonFiren
- Qbopper
- Joined: Fri Jul 10, 2015 6:34 pm
- Byond Username: Qbopper
- Github Username: Qbopper
- Location: Canada
Re: Change your passwords (again)
Fuckin'
Thanks for the heads up, goddamnit
Limey wrote:its too late.
- MrStonedOne
- Host
- Joined: Mon Apr 14, 2014 10:56 pm
- Byond Username: MrStonedOne
- Github Username: MrStonedOne
Re: Change your passwords (again)
For reference, /tg/ was not using Cloudflare because our servers are powerful enough they don't need an anti-ddos reverse web proxy.
But basically every other ss13 forum was.
- PKPenguin321
- Site Admin
- Joined: Tue Jul 01, 2014 7:02 pm
- Byond Username: PKPenguin321
- Github Username: PKPenguin321
- Location: U S A, U S A, U S A
Re: Change your passwords (again)
reason #1395378258329 why mso is god
MrStonedOne wrote: For reference, /tg/ was not using Cloudflare because our servers are powerful enough they don't need an anti-ddos reverse web proxy.
But basically every other ss13 forum was.
i play Lauser McMauligan. clown name is Cold-Ass Honkey
i have three other top secret characters as well.
tell the best admin how good he is
- Lumbermancer
- Joined: Fri Jul 25, 2014 3:40 am
- Byond Username: Lumbermancer
Re: Change your passwords (again)
Explain.
Screemonster wrote: shit got into google's cache
- Xerux
- Joined: Fri Apr 18, 2014 5:26 am
- Byond Username: Xerux
Re: Change your passwords (again)
Lumbermancer wrote: Explain.
Due to a bug, CloudFlare's reverse proxy was accidentally dumping chunks of memory into some request responses. This includes requests by web crawlers, so the data has wound up in web caches. (For example, Google keeps cached versions of pages they've crawled that you can view, useful when a site is down. Most if not all cell phone providers use a caching proxy, as do many businesses and universities.) Google and several search engines have been working to purge the data, but there's no telling where else it has wound up and what they've missed.
taviso@google.com wrote: We keep finding more sensitive data that we need to cleanup. I didn't realize how much of the internet was sitting behind a Cloudflare CDN until this incident.
The examples we're finding are so bad, I cancelled some weekend plans to go into the office on Sunday to help build some tools to cleanup. I've informed cloudflare what I'm working on. I'm finding private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings. We're talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything.
The only sites this should affect would be ones that were using CloudFlare's reverse proxy and not just their dns but there isn't a list so far of sites that were only using it. (The list in the first post is everything that used their nameservers.)