List of Sites possibly affected by Cloudflare's Cloudbleed HTTPS Traffic Leak

Discussion in 'Chit Chat' started by CHEF-KOCH, Feb 25, 2017.

  1. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    937
    886
    30
  2. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    3,761
    4,047
    120
    #2 Tiger-1, Feb 25, 2017
    Last edited: Feb 25, 2017
    @CK thanks for the heads up dude I already change mine when MDL suffer damn attack and I follow Daz instructions in this time maybe I need change another time??:g:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,646
    3,941
    120
    Done! :thumbsup:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. sml156

    sml156 MDL Member

    Sep 8, 2009
    130
    70
    10
    I have not looked at your list yet but did you include app's.

    What I mean by that is lets say you use an android app that connects to FaceBook and that app uses CloudBleed CloudFair as it's server.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    937
    886
    30
    Yes for example some popular apps are affected by this, e.g. Discord which uses cloudflare. The good thing is that you can still use 2-factor and change your password and you 'should' be safe.
     
  6. sml156

    sml156 MDL Member

    Sep 8, 2009
    130
    70
    10
    Another thing do you find the timing of the Google WiFi hub (or whatever its called) and FaceBook Having problems with people trying to log on and not being able to.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    937
    886
    30
    Sorry I not know anything when it comes to facebook. I assume they using own services and they should be secure. Of course everything is possible we are all only humans and making mistakes.
     
  8. sml156

    sml156 MDL Member

    Sep 8, 2009
    130
    70
    10
    #8 sml156, Feb 25, 2017
    Last edited: Feb 25, 2017
    I know that FaceBook does not but there are a ton of apps for it (I think anyway) that might use it. Anyway I was just thinking out loud.

    Check a site to see if it was affected by CloudBleed.
    http://www.doesitusecloudflare.com/
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Daz

    Daz MDL Developer / Admin
    Staff Member

    Jul 31, 2009
    9,488
    66,572
    300
    MDL shouldn't be affected by this since we didn't have the settings enabled that caused the problem. We've also received an email from Cloudflare to confirm this.

    It should be made clear that the list of sites using Cloudflare doesn't reflect who was and wasn't affected. Of course you should change your passwords anyway, just to be safe.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    3,761
    4,047
    120
    @Daz ok thanks for the heads up so now I'm more in peace here :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    937
    886
    30
    #11 CHEF-KOCH, Feb 26, 2017
    Last edited: Feb 26, 2017
    (OP)
    This is wrong, the list is from Cloudflare. I think they now better. :mushy:

    Edit: The thing is that we not know what exactly is 'affected' since there is no information on this, which is already mentioned over here and here.

    But I made a pull request just in case to not confuse people as long there is no evidence that something was compromised.
     
  12. Daz

    Daz MDL Developer / Admin
    Staff Member

    Jul 31, 2009
    9,488
    66,572
    300
    Source: It's in the GitHub pages disclaimer.

    If you didn't use automatic HTTPS rewrites, server side excludes & email obfuscation then you shouldn't be affected.

    The GitHub page is totally unofficial and is nothing but pointless guess work.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    937
    886
    30
    The problem is not even an Admin/Webmaster can see if the page is compromised since the traffic is encrypted and you never know if it wasn't captured or in other ways compromised.

    But that's the part why I've said, no evidence.
     
  14. Daz

    Daz MDL Developer / Admin
    Staff Member

    Jul 31, 2009
    9,488
    66,572
    300
    The three settings that I've mentioned caused the leak in the HTML parser. If you already had them turned off like MDL did then you shouldn't have any bad data cached.

    Source: https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

    I had personally checked multiple search engines as soon as the news broke. I didn't find any bad data and then eventually we received an email from Cloudflare to say that we're unaffected.

    Could the leak of affected other sites? Sure, but I'd bet that at least 90% of the sites on that list are perfectly fine.



    You should ignore coderobe's reply on GitHub as he's not taking into account what settings CF customers used.

    The people who have access to the GitHub page can't prove that most of the sites aren't affected, so they're choosing not to trust what Cloudflare or their customers tell them. We're all being put on a list that just spreads a little FUD.

    You should know that we've only been using CF as a proxy for a few months now. We also don't get a lot of our pages cached due to all of the bogus DMCA takedown requests that go against us, so don't worry about getting MDL removed from the list.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...