![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
IMPORTANT: SERIOUS MEMORY LEAK
Feb. 25th, 2017 04:05 amvia http://ift.tt/2mv1IZI:
geistygeist:
cerastes:
ironrings:
tl;dr Change all of your passwords everywhere in the below list, immediately. This is easily one of the worst security problems in recent history and not an exaggerated, unsubstantiated panic response.
http://ift.tt/2mqCg7N
Cloudflare, one of the largest CDN providers that power a huge number of highly popular websites, has been affected by a severe bug that exposed the raw contents of Cloudflare server memory to the public.
A principal engineer at Cloudflare stated: “Memory leak” in the title is misleading. This is memory disclosure, and it’s easily one of the worst security incidents of all time. What is here is disclosure of arbitrary encrypted data (but the plaintext is disclosed), for millions of domains. That data, which could include passwords, credit card numbers, and other secret data, is now sitting in caches distributed all over the world. You can even query some of it from Google right now. Simply awful.
Discord, Reddit, Crunchyroll and Humble Bundle are four of the major affected sites that you guys may be using. Check if other services that you use frequently are on the list.
Sources:
http://ift.tt/2lwIV2G
http://ift.tt/2mcZL8a
http://ift.tt/2lDvf4h
Hey everyone, just to be on the safe side, check the list and, even if it is not there, change your password on your most sensitive and important websites or e-mails right now. This is a pretty big deal, so please tell your friends and spread the message.
Yeesh, this looks like a bad one. Patreon appears to be affected too, so anyone who uses that should be aware.
geistygeist:
cerastes:
ironrings:
tl;dr Change all of your passwords everywhere in the below list, immediately. This is easily one of the worst security problems in recent history and not an exaggerated, unsubstantiated panic response.
http://ift.tt/2mqCg7N
Cloudflare, one of the largest CDN providers that power a huge number of highly popular websites, has been affected by a severe bug that exposed the raw contents of Cloudflare server memory to the public.
A principal engineer at Cloudflare stated: “Memory leak” in the title is misleading. This is memory disclosure, and it’s easily one of the worst security incidents of all time. What is here is disclosure of arbitrary encrypted data (but the plaintext is disclosed), for millions of domains. That data, which could include passwords, credit card numbers, and other secret data, is now sitting in caches distributed all over the world. You can even query some of it from Google right now. Simply awful.
Discord, Reddit, Crunchyroll and Humble Bundle are four of the major affected sites that you guys may be using. Check if other services that you use frequently are on the list.
Sources:
http://ift.tt/2lwIV2G
http://ift.tt/2mcZL8a
http://ift.tt/2lDvf4h
Hey everyone, just to be on the safe side, check the list and, even if it is not there, change your password on your most sensitive and important websites or e-mails right now. This is a pretty big deal, so please tell your friends and spread the message.
Yeesh, this looks like a bad one. Patreon appears to be affected too, so anyone who uses that should be aware.
