Goonstation Forums Discussion General Discussion
Cloudbleed HTTPS leak

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode
Cloudbleed HTTPS leak
atomic1fire Offline

Posts: 2,556
Threads: 120
Joined: Sep 2012
#1
02-24-2017, 12:23 PM (This post was last modified: 02-24-2017, 12:32 PM by atomic1fire. Edited 5 times in total.)
https://en.wikipedia.org/wiki/Cloudbleed

You might want to change your ss13.co password, and any service that uses that password. Also 2 factor authentication on accounts that you deem important wouldn't be a terrible idea either.

It looks like ss13.co was affected. Also probably github and maybe reddit. (although I'm not certain they were leaked, but they both use cloudflare)



http://cloudbleedcheck.com/?domain=ss13.co

The last time passwords got leaked involving a 2d spaceman game it involved a lot of hacker hijinks and reddit posts, so I figured someone should give a heads up.

Also a bunch of mobile apps that use cloudflare including uber, and dating websites that use cloudflare. Basically check to find out if you are affected or your personal bits could escape onto the web.
Find
Reply
Vitatroll Offline
Mentor
Posts: 2,552
Threads: 33
Joined: Oct 2014
#2
02-24-2017, 12:28 PM
Thanks for the heads up. hell yeah man
Find
Reply
Wire Offline
Host
Posts: 782
Threads: 45
Joined: Jan 2016
#3
02-24-2017, 02:46 PM
I invalidated every forum user's session (logging them out) as a better-safe-than-sorry measure to address this.

Otherwise please note that there is no evidence to suggest that any data from any of our domains (ss13.co, goonhub.com, spacestation13.com) has been leaked.
Website Find
Reply
somepotato Offline

Posts: 312
Threads: 20
Joined: May 2014
#4
02-24-2017, 10:39 PM (This post was last modified: 02-24-2017, 10:39 PM by somepotato. Edited 1 time in total.)
wow that site is kinda silly, all it does is tell you if your site is under cloudflare

cloudflare has also fixed the bug as of a week ago and that site doubly implies its still a bug


that doesn't mean you are affected
Website Find
Reply
TheNewTeddy Offline

Posts: 287
Threads: 21
Joined: Feb 2014
#5
02-25-2017, 03:51 AM
(02-24-2017, 02:46 PM)Wire Wrote: I invalidated every forum user's session (logging them out) as a better-safe-than-sorry measure to address this.

Otherwise please note that there is no evidence to suggest that any data from any of our domains (ss13.co, goonhub.com, spacestation13.com) has been leaked.

This really should be in some kind of announcement that is thrown in your face and not a post you need to dig for
Website Find
Reply
Wire Offline
Host
Posts: 782
Threads: 45
Joined: Jan 2016
#6
02-25-2017, 12:05 PM
Why?
Website Find
Reply
somepotato Offline

Posts: 312
Threads: 20
Joined: May 2014
#7
02-25-2017, 07:56 PM
(02-25-2017, 03:51 AM)TheNewTeddy Wrote:
(02-24-2017, 02:46 PM)Wire Wrote: I invalidated every forum user's session (logging them out) as a better-safe-than-sorry measure to address this.

Otherwise please note that there is no evidence to suggest that any data from any of our domains (ss13.co, goonhub.com, spacestation13.com) has been leaked.

This really should be in some kind of announcement that is thrown in your face and not a post you need to dig for

"Breaking News: Nothing has happened to goonstation today. Carry on with your day!"
Website Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)