An online security thing has happened again, and of course it has a cool nickname too. But just what this security bug and what Irish sites are affected by Cloudbleed? We’re here to explain the issue in simple terms. First, you’ll need to know a little something about Cloudflare.
What is Cloudflare?
You’ve probably never heard of Cloudflare, yet over 5.5 million websites use this service. Goos3D is one of these 5.5 million sites too. The service makes websites run much faster for users, but also make them much more secure. Remember when Boards.ie was being pounded by a DDoS attack last year? Their solution was to install Cloudflare. A DDoS attack simulates huge volumes of traffic to a website. Cloudflare steps in like a bouncer telling suspicious traffic to pop away for a coffee. If you’ve ever been in a club with extremely drunk people, you now get why Cloudflare is really important.
What is Cloudbleed?
Cloudbleed is a security bug discovered in the way Cloudflare works. Tavis Ormandy, a Google vulnerability tester, discovered the bug on 17 February. Have you ever been annoyed in on a Friday evening when an email comes in just before 5pm? Imagine how the poor Cloudflare lads felt seeing this tweet.
The security bug led to some user data being leaked. It’s possible that this has been happening since September 2016 up until last week. Some of the biggest sites involved are Uber, 1Password, FitBit and OKCupid. 1Password, a password management service, was unaffected as
Uber stated that they only have a small amount of traffic passing through Cloudflare. 1Password, a password management service, was unaffected as they don’t depend on Cloudflare’s encryption. OkCupid, which does have a substantial database of Irish users, reported minimal if any exposure.
I use some of those sites. What should I do?
Cloudflare has played down the bug, highlighting how quickly they moved to plug holes.
I'm proud of the Cloudflare bug disclosure timeline. From @taviso report to coordinated disclosure: 22.5 business hours.
— evan johnson (@ejcx_) February 24, 2017
The companies response time and transparency should be applauded. At the same time. you shouldn’t play down the severity of the breach. Your 1Password account’s master password won’t need to be reset. However, if you use some of the other services affected by Cloudbleed, you should change your password.
What Irish sites are affected by Cloudbleed
There are a huge number of sites that use Cloudflare. As I’ve mentioned, Goos3D is one of them, but our investigations show we’re unaffected by Cloudbleed. Other low-risk sites include JOE.ie, TheLadBible.com and Balls.ie. These sites, like Goos3D don’t require login and are considered low risk.
Boards.ie is one of the best-known sites to utilise Cloudflare since their DDoS attempt last year. In a recent update, Boardsie Mark confirmed they were in touch with Cloudflare and didn’t believe Cloudbleed affected Boards.ie.
RTÉ.ie is also a Cloudflare customer, but as of yet have made no comment on the security bug. We’ve reached out for comment and will update this post when possible.
Update: RTÉ have confirmed that while they are using Cloudflare, they have been unaffected by Cloudbleed.
Should I be worried about Cloudbleed?
First of all, it’s important to note that the media loves a good online security bug. There’s a fair bit of scaremongering that goes on. You should always be somewhat concerned about leaks like this. Honestly, there’s a large chance you’re data has been leaked before now and it’s easy to check.
If in doubt, you can check popular websites to see if they use Cloudflare with this tool. This won’t tell you if Cloudbleed has affected a website. It simply tells you that they are one of the millions of sites using Cloudflare.
When things leaks like this happen, we do recommend you change your passwords. While you’re at it, swap over to passphrases.