0

February 27, 2017 AT 3:13 pm

CloudFlare states Adafruit not part of the @Cloudflare issue(s) #cloudbleed @adafruit

Cloud

tl;dr CloudFlare has stated that Adafruit’s sites were *NOT* part of the CloudFlare issues.

Adafruit uses CloudFlare’s proxy service to reduce server load and provide a faster browsing experience for customers using the Adafruit blog and shop.
CoudFlare announced that a major leak was detected in their network which affected a number of sites using their proxy service (https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/).

According to CloudFlare, only a small number of sites were affected. After contacting them, CloudFlare engineering confirmed that *NONE* of Adafruit’s domains were in the affected zones.

== EMAIL FROM CLOUDFLARE = REDACTED NAME
(Cloudflare)
Feb 24, 5:49 PM GMT

Hi, Thanks for contacting Cloudflare Customer Support. We have notified all the customers the were affected by the memory leak and I can confirm the zones on your account were not one of them. Our CTO John Graham-Cumming has published all of the information we have here:

https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

Please let us know if you have any other questions.

Kind Regards,

– Cloudflare Senior Support Engineer
=

Adafruit takes protecting your data very seriously, we took the following steps in an abundance of caution:
Disabled CloudFlare proxy service on the Adafruit Accounts system.
To defend against the possibility that active session cookies were leaked, we closed all active user sessions across Adafruit’s websites.

We suggest:
Check the list of potentially affected sites (https://github.com/pirate/sites-using-cloudflare) and change your password for any of those sites.
Change your passwords (we always recommend that you use strong and unique passwords for each site that you use; please don’t reuse your Adafruit website anywhere else).

Adafruit has made a pull request to the folks that list us on the “sites-using-cloudflare” (https://github.com/pirate/sites-using-cloudflare) list including the note from CloudFlare support indicating that we were not affected by the memory leak.


Check out all the Circuit Playground Episodes! Our new kid’s show and subscribe!

Have an amazing project to share? Join the SHOW-AND-TELL every Wednesday night at 7:30pm ET on Google+ Hangouts.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Learn resistor values with Mho’s Resistance or get the best electronics calculator for engineers “Circuit Playground”Adafruit’s Apps!


Maker Business — SoftBank Invests $300 Million in WeWork

Wearables — Impatience reward

Electronics — Cool your FETs!

Biohacking — NinjaPCR – Open Source #iot DNA Amplifier

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !



No Comments

No comments yet.

Sorry, the comment form is closed at this time.