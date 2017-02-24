Cloudflare Leaks Sensitive User Data Across the Web (theregister.co.uk) 7
ShaunC writes: In a bug that's been christened "Cloudbleed," Cloudflare disclosed today that some of their products accidentally exposed private user information from a number of websites. Similar to 2014's Heartbleed, Cloudflare's problem involved a buffer overrun that allowed uninitialized memory contents to leak into normal web traffic. Tavis Ormandy, of Google's Project Zero, discovered the flaw last week. Affected sites include Uber, Fitbit, and OK Cupid, as well as unnamed services for hotel booking and password management. Cloudflare says the bug has been fixed, and Google has purged affected pages from its search index and cache. Further reading: The Register, Ars Technica
Lovely (Score:2)
And THAT is why I don't use online password management sites, bloody stupid idea anyway, talk about putting all your eggs into one basket.
Re: (Score:2)
I think the benefit of having different complex passwords for every web/system with easy access from all devices is worth it. At least I havent managed to set up a better system for myself... yet.
MFA and a strong master password is pretty good for protecting your passwords.