Tags » Cloudflare

5 big speakers and 5 big ideas for building next-generation infrastructure

Distributed computing is nothing new, but like the Big Bang, what was once contained as a singular node of computing has exploded into an ever-expanding number of real and virtual machines traveling farther and farther from any central origin. 651 more words

Microsoft

What Somalia's new internet looks like from Silicon Valley

Somalia’s first terrestrial fiber optic cables have connected the country to the modern internet. The BBC reported that Somalis have been in “culture shock” ever since.  746 more words

Information security: latest news of the week April 14, 2014

A critical vulnerability in Google allows access to the Google’s production servers

A Team of researchers discovered a critical XML External Entity (XXE) vulnerability on Google server that allows users to customize their toolbars with new buttons by uploading XML files containing layout properties. 441 more words

IT Security News

The Cloud, Heartbleed, and Web Development

One of the reasons developing in the Cloud has become so advantageous is the arrival of the Heartbleed bug. In case you’ve been hiding in… 508 more words

Web Development

Heartbleed and Cloudflare: Part 2

Damn, that didn’t take long.  A server reboot might have contributed, but it looks like the private key got ganked pretty fast.  What would be really nice (as I’ve suggested on the… 382 more words

Heartbleed and Cloudflare

http://www.zdnet.com/private-keys-may-be-inaccessible-to-heartbleed-7000028356/#ftag=RSS4d2198e

1)  CloudFlare rocks.  They’re a great organization and they continue to do great things.

2)  I suspected that this would be the case, given the very reasons provided (that certificate data is loaded into memory early on, and therefore unlikely to be found in memory space following the heartbeat packet) but I’ve seen other assertions (one in particular is found on heartbleed.com) where the authors claim to have stolen private key data.  279 more words

Answering the Critical Question: Can You Get Private SSL Keys Using Heartbleed?

The widely-used open source library OpenSSL revealed on Monday it had a major bug, now known as “heartbleed”. By sending a specially crafted packet to a vulnerable server running an unpatched version of OpenSSL, an attacker can get up to 64kB of the server’s working memory. 34 more words

91c952d31c461416e0b13068b4096f98