Now back in HD: the CloudFlare Cryptography Meetup series. A while back, CloudFlare hosted a pair of Meetups focused on encryption and cryptographic technology. Now that CloudFlare HQ has moved into our beautiful new home at 101 Townsend in San Francisco, that we’ve decided to bring the crypto back. In this series, we’ve invited experts […]
Archive | Security
RSS feed for this sectionIt takes two to ChaCha (Poly)
Not long ago we introduced support for TLS cipher suites based on the ChaCha20-Poly1305 AEAD, for all our customers. Back then those cipher suites were only supported by the Chrome browser and Google’s websites, but were in the process of standardization. We introduced these cipher suites to give end users on mobile devices the best […]
Come Geek Out With The Original Inventor of DNS at CloudFlare
We like DNS, we think you might too. CloudFlare and Gandi are hosting a three-part series on DNS. Our first event will be at the CloudFlare office with Paul Mockapetris, the original inventor of the Domain Name System. Beyond inventing DNS, Paul built the first ever SMTP server. He ran networking at ARPA, served as […]
Sucuri – 2016 Redesign
A few weeks ago, while enjoying a fine lunch on a bright sunny day in Southern California, our researcher and marketing teams found themselves across the table from each other enjoying a fine feast. Unbeknownst to them, they quickly find themselves in the middle of a childish debate between Tony and I on the merits ofRead […]
Beware of Unverified TLS Certificates in PHP & Python
Web developers today rely on various third-party APIs. For example, these APIs allow you to accept credit card payments, integrate a social network with your website, or clear your CDN’s cache. The HTTPS protocol is used to secure the connection with the API server. However, if your web app doesn’t verify the TLS certificate, aRead […]
Introducing CFSSL 1.2
Continuing our commitment to high quality open-source software, we’re happy to announce release 1.2 of CFSSL, our TLS/PKI Swiss Army knife. We haven’t written much about CFSSL here since we originally open sourced the project in 2014, so we thought we’d provide an update. In the last 20 months, we have added a ton of […]
The Trouble with Tor
The Tor Project makes a browser that allows anyone to surf the Internet anonymously. Tor stands for “the Onion router” and that describes how the service works. Traffic is routed through a number of relays run across the Internet where each relay only knows the next hop (because each hop is enclosed in a cryptographic […]
Hacked Websites Redirect to Porn from PDF / DOC Links
We write a lot about various blackhat SEO hacks on this blog and most of you are already familiar with such things as doorways, cloaking and SEO poisoning. This time we’ll tell you about yet another interesting black hat SEO attack that we’ve been watching for the last year. Let’s begin with symptoms: When peopleRead […]
Going to IETF 95? Join the TLS 1.3 hackathon
If you’re in Buenos Aires on April 2-3 and are interested in building, come join the IETF Hackathon. CloudFlare and Mozilla will be working on TLS 1.3, the first new version of TLS in eight years! At the hackathon we’ll be focusing on implementing the latest draft of TLS 1.3 and testing interoperability between existing […]
Ask Sucuri: How Does Sucuri Clean a Website?
Question: How does Sucuri clean hacked websites? What is the process? We clean a lot of websites, ~ 400 / 500, daily during our normal load. To understand how we do it, you have to understand where it all comes from. The biggest challenge with providing incident response services (remediation) on compromised websites is that a majorityRead […]
