Cloudflare Reverse Proxies are Dumping Uninitialized Memory

bugs.chromium.org/p/project-zero/issues/detail?id=1139
TL;DR: Any passwords you have sent to a Cloudflare-hosted site might show up in some other random page somewhere on the internet.
Thanks centralization!


Nobody Could Have Expected This™®
Even though this is a horrible fuckup, MitM-as-a-service is still useful in general™
We NEED Cloudflare, goy™

Blog post by Cloudflare:
blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
web.archive.org/web/20170224022728/https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

what would it take to make it so your computer never routed any cloudshit packets at all? is it possible?

Pretty easy if you have a router which isn't a consumer grade shitbox. Look up all their netblocks on ARIN (and the other regional registries) and then null route them.

yeah

Enjoy not being able to use any sites however

the C-uck language strikes again

It's not like javascript permitted bypass ASLR protection
thehackernews.com/2017/02/bypass-aslr-browser-javascript.html

WHEN THE FUCK IS KIKEFLARE GOING TO FINALLY DIE! GODDAMN!

Its creators started the company by selling personal information to the intelligence agencies.

Cloudflare is probably backed by the government, you're not going to see it gone ever.

So uhhhhhhhhh
Do I have to change my passwords now? Was someone hoovering up all this leaked shit? Or is it just Mossad/NSA, in which case I'm already fucked?

thread got linked on Holla Forums expect uninitiated soon.

This, cockflare literally grew to fame because of OpPayback and will never go away.

welp I'm out, see you guys in a couple days.

why

okay Holla Forums, how did the kikes pull this one off?

...

Hello Holla Forums

be on the internet for more than 6 years

Encrypted passwords?

What does that have to do with anything?

Kill yourself.

stay new and mad faggot

...

In the time you spent telling us how retarded you are, you could have done a simple search and found everything you needed to know.

Back to Holla Forums

...

Bump

I'm sure it's all a coincidence

The Holla Forums is strong in you.

back to Holla Forums, stormweenie faggot

I won't give you proof because it's common fucking knowledge, hence the term "lurk more" newfaggot

...

It's dumping uninitialised memory, that's not a memory leak, that's memory spillage.

What's the matter, cuck? Does the presence of real men suddenly make you feel insecure?

smh

What's wrong, faggot? Does the arrogant tibetan pottery maiden sting?

ITT: Holla Forums niggers false-flagging both sides as usual

Or deeps & jeets who shouldn't be coding in the first place?

This is what a polcuck looks like

I'll take that as a "yes!"

Or just dumb nigger cattle shitposting out of boredom.

this whole argument is so retarded that it's funny.
but offtopic as fuck

>>>Holla Forums
fuck off StJW

>>>/SA/

Eat a dick, goon.

Quality thread.

>>>Holla Forums

>>>Holla Forums

It's time to go back to your containment board.

well this thread turned a 180 in quality

will cuckflare finally die now?
no wait it will be like this: "i am so happy cuckflare fixed this issue so fast and were so open about it XDDDDDD"

cuckflare is THE WORST thing to happen to the internet since the very beginning. it's a terrible fucking product marketed as snake oil. everyone in the security community knew WAFs were stupid since before the 2000's. how does this bullshit even exist

The bigger issue is that they themselves can get it, since they decrypt the SSL between you and the website you're connecting to. So you should assume that all your passwords, private messages, or whatever, sent to a cloudflare website, are compromised.

But how do I know which ones were sent over ClotFlare?

Check the SSL certitifate. If it says something like cloudflaressl whatever, then that site's SSL is fake (decrypted by cloudflare).

*certificate

There wouldn't be a modern Internet without CDNs like Cloudflare you dingus.

I just checked random.org which uses cloudflare (it has that redirect message), and I can't find anything referencing cloudflare in their certificate, only DigiCert Inc. Where exactly can I find this information in Firefox?

Project honeypot never die

-NSA

I'm referring to cuckflare's firewall type bullshit features (which are on by default and can only be removed by some obscure option), which have absolutely nothing to do with CDN/anti-ddos.

Cuckflare:

Every other CDN/anti-ddos solution ever known:

PROTECTION RACKET

This bug caused data sent over HTTPS sessions to be resent to other unrelated clients, yet faggots will still claim Cloudflare is trustworthy to encrypt your data for you.
And if that wasn't enough: this bug only happened because Cloudflare put cool little security gimmicks (ScrapeShield (TM)) in their critical code paths.
It's like if I buy some bread but all these extra ingredients were added to it for marketing and one of them gave me cancer.

Somebody already mentioned it, but Cloudflare has government ties. Even if it hadn't, it's such a huge and juicy target that the USG is very much interested in keeping it alive. On top of that, Cloudflare provides an easy way to get PCI compliance (en.wikipedia.org/wiki/PCI_compliance), just in case you forgot that credit card companies are scum that needs to be exterminated.

I wish it would die, but it won't happen any time soon.

> en.wikipedia.org/w/index.php?title=PCI_Compliance&redirect=no

There are options where they submit their own certificate to cloudflare and show it (but it's still decrypted, don't be fooled). Another way to detect cloudflare is to check if a cookie called "_cfuid" has been set for that website. And if there is that cookie, everything you do on that website should be considered compromised.

Time to go back to gopher and telnet^Wssh BBS.

Who cares, it all sucks. Everything from their JS-laden monstrosities, all the cloud shit needed to support that shit traffic, the monstrous browsers full of security holes, and the botnet computers required to run that shit.
Fuck this, even a text terminal with Usenet and Lynx was better.

All this blacklist business is bound to miss some. Better use a whitelist instead.

I would agree if he was talking about a specific cookie you should blacklist, but he isn't talking about a blacklist. He's just talking about a way to find out if a site uses Cloudflare.

Pci_compliance redirects properly but PCI_compliance doesn't. Quality stuff, Wikipedia.

It's actually because of a garbage character at the end of the URL, %C2%81.

(1)

And there I thought I was smart for separating link and parentheses with invisible spaces.

Holla Forums reporting itt

Just want to announce my presence to piss off some people, don't have much to actually say, am reading.

Daily reminder that anime is homosexual propaganda.

t. ponyfag123

I thought it's a rape propaganda. :^)

Firefux is shitty.

$ openssl s_client -connect <host>:<port>
then take the certificate and run
$ openssl x509 -in <certificate file> -text -noout
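
The certificate and cookie checks suggested in this thread, as an added example that is not part of any post: it reads the text printed by `openssl x509 -text -noout` plus a site's response headers and lists which Cloudflare signs are present, including the case raised above where the certificate itself names only another CA. The sample certificate dumps and headers are constructed, and the `cloudflare-nginx` server string, the `CF-RAY` header and the `__cfduid` cookie name are assumptions about what Cloudflare sent at the time, not values taken from the thread.

```python
import re

# Constructed samples (not captured from any real site): trimmed
# `openssl x509 -text -noout` output and HTTP response headers.
SHARED_CERT = """\
        Issuer: C=GB, O=COMODO CA Limited, CN=COMODO ECC Domain Validation Secure Server CA 2
        Subject: OU=Domain Control Validated, CN=sni00000.cloudflaressl.com
            X509v3 Subject Alternative Name:
                DNS:sni00000.cloudflaressl.com, DNS:example.org, DNS:*.example.org
"""
CUSTOM_CERT = """\
        Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA
        Subject: C=US, O=Example Org, CN=www.example.org
            X509v3 Subject Alternative Name:
                DNS:www.example.org, DNS:example.org
"""
PROXIED_HEADERS = """\
HTTP/1.1 200 OK
Server: cloudflare-nginx
CF-RAY: 0000000000000000-EXA
Set-Cookie: __cfduid=d000000000000000000000000000000000000000000; path=/; HttpOnly
"""

def cert_names(cert_text):
    """Return (issuer, subject, SAN DNS names) from openssl's text dump."""
    def field(label):
        m = re.search(rf"^\s*{label}:\s*(.+)$", cert_text, re.M)
        return m.group(1).strip() if m else ""
    return field("Issuer"), field("Subject"), re.findall(r"DNS:([^,\s]+)", cert_text)

def cloudflare_indicators(cert_text, header_text=""):
    """List which Cloudflare signs appear in a certificate dump and headers."""
    issuer, subject, sans = cert_names(cert_text)
    found = []
    if any("cloudflaressl" in name.lower() for name in [subject, *sans]):
        found.append("cert:cloudflaressl-name")
    if "cloudflare" in issuer.lower():
        found.append("cert:cloudflare-issuer")
    for line in header_text.splitlines():
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip().lower()
        if name == "server" and value.startswith("cloudflare"):
            found.append("header:server")
        elif name == "cf-ray":
            found.append("header:cf-ray")
        elif name == "set-cookie" and value.startswith("__cfduid="):
            found.append("cookie:__cfduid")  # cookie name assumed, see lead-in
    return found
```

An empty result only means none of these signs were seen; a site with its own certificate shows up through the headers alone, so the certificate check by itself produces false negatives.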

The only way we could defeat Cloudflare at this point is if several new competitors showed up. Won't happen now because the Shadow governments protect them.

Defeat your shadow whatever with blocking their cookies.

It wasn't in the time of hokuto no ken.

Weak and more sensible/feminine education makes faggot.
Anime is not the only factor of numales popping up everywhere.
Men needs to fight get angry, dominate, win.
Not be the fagot loving feminist that we often see now.

REMOVE WAF. remove waf. you are worst waf. you are the waf idiot you are the waf smell. return to [bank?]...
What's a group of morons who use Web Application Firewalls? I can't even think of any aside from Clownflare and various one off sites I've hacked. Bank websites use them but normalfags think banks are secure so it's a bad example.

Everyone here is embarrassed for you

Hey Holla Forums

I run a few websites. I started out not knowing anything about webadmin stuff so I put Crimeflare on one of my sites as I thought it would be cheap ddos protection and liked their idea of already having a blocklist set up from project honeypot.

Thought I was saving bandwidth, too. Look, they even gave me a chart showing how much they saved me! Cool.

Then I started having image display issues. Related to their caching system and how it responds to the code on the site.

Then this happened. Wow.

Fuck this company a lot. I got rid of all their bullshit except the DNS management. Going to switch that over to my own nameservers soon.

Get out of here subhuman. Every Holla Forums member has four digit IQ.

You are always welcome in Holla Forums

So, assuming I have a discord, what precautions should I take so that my passwords don't get used? Do I change my passwords for cloudflare services or ALL services?

That is my only sensitive information, I don't have friends I could be exposed to and I don't really care if the govt gets to see my 2D waifus

You're retarded.
And so on. Using literal pornography, fanart made by degenerates, and sfw adaptations of pornography is cherrypicking too. That said, there is a lot of shitty anime. That doesn't mean the medium itself is the problem. The (((people that churn out propaganda))) is, as are the people that fall for it and include it in their own works just because it makes them feel good.


Please be bait. You're Holla Forums or some other boogeyman-type poster, aren't you.


This only affects domains that use cloudflare. If you had nothing to hide, then just change your passwords. If you did, it's too late anyway, so just change your passwords. You don't have to do it for non-cloudflare sites, but you should really change your passwords more often anyway. I know I don't.

Why the fuck are normies posting anti-anime propaganda in a thread about cloudbleed? Fucking degenerates.

Because the weeb cucks (or federal agents) successfully derailed the thread.
Weeb cucks immediately summon people who want to educate them and the reaction always results in a shitstorm

If you can't handle anime on an imageboard maybe reddit is most suitable for cancer like you.

kek

come on user

double kek

Let's push Mozilla to inhibit trust on any TLS connections through cloudflare? Like "if serverip in cloudflare, consider TLS weak and display status accordingly".

Back on Holla Forums, we call this shilling, specifically D&C. Pay no attention to obvious faggotry, these (((people))) are likely paid 0.02 shekels per post for this.
Shills, your next line is, ">everyone who doesn't agree with me is a shill".

i tried making a mozilla account to file a bug but never got confirmation email. RIP web

Here on Holla Forums we call your post autism, specifically delusional autism.