27X Posted February 24, 2017 Posted February 24, 2017 Though at least this time it wasn't their fault. https://bugs.chromium.org/p/project-zero/issues/detail?id=1139 https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/ https://github.com/pirate/sites-using-cloudflare
MadMansGun Posted February 24, 2017 Posted February 24, 2017 i'm not sure if they are or not, but loverslab.com is on that "List of Possibly Affected Sites" as well DISCLAIMER:This list contains all domains that use cloudflare DNS, not just the cloudflare SSL proxy (the affected service that leaked data). It's a broad sweeping list that includes everything. Just because a domain is on the list does not mean the site is compromised.
27X Posted February 24, 2017 Author Posted February 24, 2017 There are metric asston of sites, as the link mentions, a lot of them having lots of personal data, and some of them having more-than-personal data.
meme supreme Posted February 24, 2017 Posted February 24, 2017 Confound it I don't have enough memory to renember all these heckin passwords
DoctaSax Posted February 24, 2017 Posted February 24, 2017 This is from SirSalami on the nexus discord: We are well aware and those issues that cloudflare has had should not affect our users as we do not utilize their encryption services (we only use them for DNS purposes) So, let's not be pointing fingers at Nexus over this. I contacted Ashal to ask if we're equally unaffected or not.
ousnius Posted February 24, 2017 Posted February 24, 2017 Only around 150 sites globally out of hundreds of thousands that use Cloudflare are affected. As SirSalami stated, the Nexus only used the DNS part of Cloudflare, which has no access to any data or cookies.
Darkpig Posted February 25, 2017 Posted February 25, 2017 What the heck are you talking about? I can download Nexus files just fine.
27X Posted February 25, 2017 Author Posted February 25, 2017 What the heck are you talking about? I can download Nexus files just fine.
Darkpig Posted February 25, 2017 Posted February 25, 2017 I might have jumped to conclusions. Still you'd think that they would have put it on the front page of the Nexus or something.
Benmc20 Posted February 25, 2017 Posted February 25, 2017 This is from SirSalami on the nexus discord: We are well aware and those issues that cloudflare has had should not affect our users as we do not utilize their encryption services (we only use them for DNS purposes) So, let's not be pointing fingers at Nexus over this. I contacted Ashal to ask if we're equally unaffected or not. I've warned Dark0ne yesterday for this exact issue. Fortunately, this time Nexusmods seems safe.
nugerumon Posted February 27, 2017 Posted February 27, 2017 Confound it I don't have enough memory to renember all these heckin passwords Get yourself an (offline) password manager (like any keepass derivative). Upside: you only need one password (and don't really need to change it very often). Downside: you need to find a solution to sync the encrypted password container to all the devices where you need your passwords. But don't use a cloud based password manager, when they get hacked all your passwords are out in the wild (which is worse than using the same password for all accounts).
Ashal Posted February 27, 2017 Posted February 27, 2017 Sorry for not updating on this sooner. But to clarify, LoversLab isn't affected. Just uses the Cloudflare DNS features.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.