This blog post is dedicated to the memory of Dr. Scott Vanstone, popularizer of elliptic curve cryptography and inventor of the ECDSA algorithm. He passed away on March 2, 2014. At CloudFlare we are constantly working on ways to make the Internet better. An important part of this is enabling our customers to serve their […]

On January 27, the Department of Justice and the Director of National Intelligence announced a change in rules governing the disclosure of National Security Orders, affording slightly more latitude in how companies could report the number of National Security Orders which they had received. Within several hours, CloudFlare presented its initial Transparency Report on National […]

At CloudFlare, we are always looking for ways to improve the security of our customers’ websites. One of the features we provide is the ability to serve their website encrypted over SSL/TLS. Today we are announcing a new feature to help make encryption on the web safer and more secure: Full SSL (Strict). With strict […]

Today on The Day We Fight Back, companies are coming together to protest the NSA’s mass surveillance programs. CloudFlare is proud to be one of those companies. We are taking a stand and proclaiming that “we will push back against powers that seek to observe, collect, and analyze our every digital action.” Set Boundaries with […]

At CloudFlare, we’re fiercely committed to an open internet. That’s why we’re announcing a new app that lets you easily add to your website a banner from The Day We Fight Back. The DayWeFightBack.org has organized a protest against mass surveillance set for Tuesday, February 11th. The banner that your visitors would see urges them […]

Each day at CloudFlare is full of surprises. As it turns out, it takes a lot of work to stop massive attacks and to help make the web faster. Over the past six months, our entire team has contributed in every way imaginable to more than double the capacity of our global network. Below is […]

Over the past few years, the CloudFlare blog has covered a great range of different topics, drilling down into the technology we use to both protect websites from attack, and optimise them so that they load faster for visitors. One thing we haven’t spent enough time talking about so far though also happens to be […]

Back in 2011, the BEAST attack on the cipher block chaining (CBC) encryption mode used in TLS v1.0 was demonstrated. At the time the advice of experts (including our own) was to prioritize the use of RC4-based cipher suites. The BEAST vulnerability itself had already been fixed in TLS v1.1 a few years before, but […]

Earlier today, the Department of Justice and the Director of National Intelligence announced a change in rules governing the disclosure of National Security Orders, including National Security Letters (NSLs) received by a company. The DoJ and DNI now allow companies to disclose the number of NSLs and FISA orders as a single number in bands […]

There has been a lot of news lately about nefarious-sounding backdoors being inserted into cryptographic standards and toolkits. One algorithm, a pseudo-random bit generator, Dual_EC_DRBG, was ratified by the National Institute of Standards and Technology (NIST) in 2007 and is attracting a lot of attention for having a potential backdoor. This is the algorithm into […]