Introducing CloudFlare Registrar: Designed for Security, Not the Masses

Published on by Matthew Prince.

At CloudFlare, we’ve constructed one of the world’s largest networks purpose-built to protect our customers from a wide range of attacks. We’re so good at it that attackers increasingly look for ways to go around us, rather than go through us. One of the biggest risks for high-profile customers has been having their domain stolen at the registrar. In 2013, we became intimately familiar with…

We're hosting a Null Singapore meetup!

Published on by Marek Majkowski.

We're happy to announce that next week CloudFlare is hosting the Null Security meetup in Singapore. You are invited! Null is a community for hackers and security enthusiasts. Monthly meetups are organized in a number of Asian cities. Read more at http://null.co.in/. The lineup for the February meetup: All you ever wanted to know about DDoS attacks Marek Majkowski Security News Bytes Drupan Chandarana DNS…

Padding oracles and the decline of CBC-mode cipher suites

Published on by Nick Sullivan.

At CloudFlare, we’re committed to making sure the encrypted web is available to everyone, even those with older browsers. At the same time, we want to make sure that as many people as possible are using the most modern and secure encryption available to them. Improving the cryptography used by the majority requires a coordinated effort between the organizations building web browsers and API clients and those…

Change the (S)Channel! Deconstructing the Microsoft TLS Session Resumption bug

Published on by Patrick R. Donahue.

Initial Problem Report Several months ago we started hearing occasional reports from .NET developers that they were having trouble maintaining HTTPS sessions with one of our customer’s websites. Establishing connections worked just fine but they would periodically get disconnected, resulting in an exception that crashed their application. Around the same time, we also started hearing reports that two other Microsoft products—Internet Explorer and its heir-apparent, Edge—…

CloudFlare’s Impact On The HTTP/2 “Universe”

Published on by Christian Elsen.

CloudFlare released HTTP/2 support for all customers on December 3rd, 2015. Now, two months later, it's time to take a look at the impact of this release on the HTTP/2 "universe" and also at what has changed from a HTTP/2 vs. SPDY vs. HTTP 1.1 traffic ratio perspective. HTTP/2 Usage Previously, we showcased browser market share data from our own website.…