+- Goonstation Forums (https://forum.ss13.co)
+-- Forum: Discussion (https://forum.ss13.co/forumdisplay.php?fid=6)
+--- Forum: General Discussion (https://forum.ss13.co/forumdisplay.php?fid=7)
+--- Thread: Cloudbleed HTTPS leak (/showthread.php?tid=8266)
Cloudbleed HTTPS leak - atomic1fire - 02-24-2017
https://en.wikipedia.org/wiki/Cloudbleed
You might want to change your ss13.co password, and any service that uses that password. Also 2 factor authentication on accounts that you deem important wouldn't be a terrible idea either.
It looks like ss13.co was affected. Also probably github and maybe reddit. (although I'm not certain they were leaked, but they both use cloudflare)
http://cloudbleedcheck.com/?domain=ss13.co
The last time passwords got leaked involving a 2d spaceman game it involved a lot of hacker hijinks and reddit posts, so I figured someone should give a heads up.
Also a bunch of mobile apps that use cloudflare including uber, and dating websites that use cloudflare. Basically check to find out if you are affected or your personal bits could escape onto the web.
RE: Cloudbleed HTTPS leak - Vitatroll - 02-24-2017
Thanks for the heads up.
RE: Cloudbleed HTTPS leak - Wire - 02-24-2017
I invalidated every forum user's session (logging them out) as a better-safe-than-sorry measure to address this.
Otherwise please note that there is no evidence to suggest that any data from any of our domains (ss13.co, goonhub.com, spacestation13.com) has been leaked.
RE: Cloudbleed HTTPS leak - somepotato - 02-24-2017
wow that site is kinda silly, all it does is tell you if your site is under cloudflare
cloudflare has also fixed the bug as of a week ago and that site doubly implies its still a bug
that doesn't mean you are affected
RE: Cloudbleed HTTPS leak - TheNewTeddy - 02-25-2017
(02-24-2017, 02:46 PM)Wire Wrote: I invalidated every forum user's session (logging them out) as a better-safe-than-sorry measure to address this.
Otherwise please note that there is no evidence to suggest that any data from any of our domains (ss13.co, goonhub.com, spacestation13.com) has been leaked.
This really should be in some kind of announcement that is thrown in your face and not a post you need to dig for
RE: Cloudbleed HTTPS leak - Wire - 02-25-2017
Why?
RE: Cloudbleed HTTPS leak - somepotato - 02-25-2017
(02-25-2017, 03:51 AM)TheNewTeddy Wrote:(02-24-2017, 02:46 PM)Wire Wrote: I invalidated every forum user's session (logging them out) as a better-safe-than-sorry measure to address this.
Otherwise please note that there is no evidence to suggest that any data from any of our domains (ss13.co, goonhub.com, spacestation13.com) has been leaked.
This really should be in some kind of announcement that is thrown in your face and not a post you need to dig for
"Breaking News: Nothing has happened to goonstation today. Carry on with your day!"