Recommended for you

Start writing a post

Lifestyle

Tech Translation - Cloudbleed

What's that red rain? Your data.

Peter Mulroe

Mar 08, 2017

Caldwell, New Jersey

Peter Mulroe

In a staggering display of modern irony, Cloudflare, a large content delivery network (CDN) and internet security provider unknowingly leaked user data for months.

The cause was an obscure bug that emerged in September 2016 and lasted until this past February. A software "bug" refers to a coding flaw that causes unexpected results or behaviors.

This bug caused random user information to be displayed below normal content on pages and apps. Like the image below, it was a a seemingly scrambled bunch of letters and foreign symbols.

That scramble is another user's internet traffic. Mostly mundane but also potentially containing passwords, cookies and tokens in plain sight, for anyone who activated the bug to see.

Notable affected names include - Patreon, 4chan, Yelp, OkCupid, and Uber. View the whole list here.

To make matters worse those pages were saved, or cached, by search engines. Awkward.

How did this happen? What are the repercussions?

That's our Tech Translation topic. Class is in session.

The Short Explanation

While different from past issue nicknames like Heartbleed, nerds apparently lack originality and went with Cloudbleed. One article comment from The Hacker News pointed out that clouds don't bleed, but can form fallstreak holes. Cloudstreak has a better ring to it, no? #VoteForCloudstreak

I digress.

Cloudflare is an intermediary for internet companies and their users. Site and app content pass through their networks before reaching you. In September they updated their information parsing software, which scans and modifies your content to provide modern features like hiding your email from scummy ad robots.

Bugs tend to emerge under some odd combination of settings and circumstances. In this case, about 0.06% of all web pages end with a broken script or image tag. For instance, if the very last thing on a site is an image, the code could be:

<IMG HEIGHT = "50px" WIDTH = "200px" SRC="

Normally the image URL would go after SRC= and a closing "> wraps it up neatly. It's not a huge deal, most browsers can handle small syntax errors like that.

The problem was their code to inspect all that website code, otherwise known as a parser. It was written with Ragel, by the way.

Imagine you're at the grocery store, waiting to check out. The cashier is blind and can only tell when your stuff, the site you're looking at, ends by the plastic dividers.

The laden conveyor represents everyone's internet traffic. Separate groups and item combinations, but all traveling along Cloudflare's network.

Due to a misorder of commands and a whole lot of crap luck, those grocery dividers did not stay put. The cashier mixed people's groceries together and they all wound up in your pantry. Therefore, someone else's completely different website data just showed up at the bottom of your screen in a garble of text.

For my nerds: When the parser encountered an open attribute at the end of a page, it did not know to not stop. Instead it continued to read from adjacent memory, which contained data from other customers' requests. Read Cloudflare's general writeup and incident analysis for more info.

An estimated 0.00003% of page requests contained leaks. But ten million requests a minute starts to pile up.

So we're screwed?

Not quite. In fairness, Cloudflare has done a solid job responding to the incident and is being transparent. The issues were fixed the same day and they immediately contacted search engines to start purging bugged pages.

At this point they're looking for any evidence of data mining. If someone noticed early on and quietly collected that information, after several months they could have something substantial. Thankfully that doesn't seem to be the case.

This was like leaving the faucet on all day when you leave for work. Nobody was hurt or defamed, but you seriously question the kind of adult you're turning out to be. Cloudbleed is a reminder for the tech world that silly mistakes can still happen without anyone noticing.

If you frequently use services mentioned above, change your passwords. Not much else to do right now.

That's all folks. Hopefully we learned something today.

Drop a comment or reach out on social media to discuss with me.

@pjmulroe #MakeSecurityGreatAgain #Cloudbleed

Report this Content

This article has not been reviewed by Odyssey HQ and solely reflects the ideas and opinions of the creator.

Relationships

10 Reasons To Thank Your Best Friend

Take the time to thank that one friend in your life you will never let go of.

Ball State University

3771

Photo by Courtney Hedger on Unsplash

1. Thank you for being the one I can always count on to be honest.

A true friend will tell you if the shirt is ugly, or at least ask to borrow it and "accidentally" burn it.

2. Thank you for accepting me for who I am.

A best friend will love you regardless of the stale french fries you left on the floor of your car, or when you had lice in 8th grade and no one wanted to talk to you.

Keep Reading...Show less

best friend

Health and Wellness

The 15 Stages Of Being Sick In College

It sucks, but you’ll make it through

York College of Pennsylvania

2519

StableDiffusion

Everybody gets sick once in a while, but getting sick while in college is the absolute worst. You're away from home and your mom who can take care of you and all you really want to do is just be in your own bed. You feel like you will have never-ending classwork to catch up on if you miss class, so you end up going sick and then it just takes longer to get better. Being sick in college is really tough and definitely not a fun experience. Here are the 15 stages that everyone ends up going through when they are sick at college.

Keep Reading...Show less

sick in college

Lifestyle

Living Away From Home, As Described By 'Friends'

For better or for worse

Loyola University Chicago

3797

tv.com

"Friends" maybe didn’t have everything right or realistic all the time, but they did have enough episodes to create countless reaction GIFs and enough awesomeness to create, well, the legacy they did. Something else that is timeless, a little rough, but memorable? Living away from the comforts of home. Whether you have an apartment, a dorm, your first house, or some sort of residence that is not the house you grew up in, I’m sure you can relate to most of these!

Keep Reading...Show less

friends

Recommended for you

Tech Translation - Cloudbleed

What's that red rain? Your data.

The Short Explanation

So we're screwed?

Subscribe to our Newsletter

Here are just a few of those things.

Take the time to thank that one friend in your life you will never let go of.

1. Thank you for being the one I can always count on to be honest.

2. Thank you for accepting me for who I am.

3. Thank you for teaching me what real love feels like.

4. Thank you for always making sure I'm safe.

5. Thank you for going through things with me.

6. Thank you for teaching me to take care of myself.

7. Thank you for going out of your way to make me feel supported.

8. Thank you for always being there to back me up, even when you know I'm wrong.

9. Thank you for constantly pushing me to live up to my potential.

10. Lastly, thank you for making such a huge impact on my life.

It sucks, but you’ll make it through

1. Please just be seasonal allergies

2. I must not have gotten enough sleep last night

3. I’ll just take a little nap

4. Oh no, I have so much due tomorrow!

5. I’m fine, I’ll just sleep it off

6. Do I have to be responsible today?

7. Ugh no, I can’t actually be sick

8. Alright, I’ll take some medicine and I’ll be fine

9. This is the worst day of my life

10. Mom?

11. She was right (like always)

12. Too bad you're busy and can’t take the day off tomorrow

13. You think about taking the day off, but realize you have like three tests

14. You think you're actually going to be sick forever

15. Finally, you're better!

For better or for worse

1. Pets

2. Mornings

3. Mistakes

4. Cooking for yourself

5. Hosting

6. Taking care of yourself

7. Holidays

8. Roommates

9. Keeping focused and getting stuff done

10. Cleaning

11. Social life

No, really. I'm not mad. Just hungry.

1. You’re tired of people asking you if you know what “RBF” stands for every time you zone out.

2. You’re constantly using the excuse, “I’m just tired” when people ask you if you’re mad.

3. Or “I’m just thinking.”

4. In fact, you’re rarely ever actually mad.

5. But when you are, people usually can’t tell.

6. You find other people with RBF’s and have to convince yourself that you don’t look like them.

7. You constantly remind yourself, “At least I’m not a psycho.”

Trending Topics

Top Creators

Trending Stories

Best of Lifestyle

Subscribe to Our Newsletter

Facebook Comments

Subscribe to our
Newsletter