A container identity bootstrapping tool

Published on by Nick Sullivan.

Everybody has secrets. Software developers have many. Often these secrets—API tokens, TLS private keys, database passwords, SSH keys, and other sensitive data—are needed to make a service run properly and interact securely with other services. Today we’re sharing a tool that we built at Cloudflare to securely distribute secrets to our Dockerized production applications: PAL. PAL is available on Github: https://github.com/cloudflare/pal.…

Stupidly Simple DDoS Protocol (SSDP) generates 100 Gbps DDoS

Published on by Marek Majkowski.

Last month we shared statistics on some popular reflection attacks. Back then the average SSDP attack size was ~12 Gbps and largest SSDP reflection we recorded was: 30 Mpps (millions of packets per second) 80 Gbps (billions of bits per second) using 940k reflector IPs This changed a couple of days ago when we noticed an unusually large SSDP amplification. It's worth deeper investigation since it crossed the…

Announcing the New Cloudflare Apps

Published on by Renan Dincer.

Today we’re excited to announce the next generation of Cloudflare Apps. Cloudflare Apps is an open platform of tools to build a high quality website. It’s a place where every website owner can select from a vast catalog of Apps which can improve their websites and internet properties in every way imaginable. Selected apps can be previewed and installed instantly with just a few clicks, giving…

Project Jengo: Explaining Challenges to Patent Validity (and a looming threat)

Published on by Doug Kramer.

We’ve written a couple times about the problem of patent trolls, and what we are doing in response to the first case a troll filed against Cloudflare. We set a goal to find prior art on all 38 Blackbird Tech patents and applications and then obtain a legal determination that Blackbird Tech’s patents are invalid. Such a determination will end Blackbird’s ability to file or…