BGP leaks and cryptocurrencies
April 24, 2018 10:31 PM
Over the few last hours, a dozen news stories have broken about how an attacker attempted (and perhaps managed) to steal cryptocurrencies using a BGP leak....
A Solution to Compression Oracles on the Web
March 27, 2018 12:00 PM
Compression is often considered an essential tool when reducing the bandwidth usage of internet services. The impact that the use of such compression schemes can have on security, however, has often been overlooked. ...
A tour through Merkle Town, Cloudflare's Certificate Transparency dashboard
March 24, 2018 2:59 AM
The success of Certificate Transparency rests on the existence of a robust ecosystem of logs and log operators. Without logs that CAs can depend on, it’s not practical for browsers to require that SSL certificates have been logged to be trusted—as Chrome plans to do on April 30....
Introducing Certificate Transparency and Nimbus
March 23, 2018 2:45 PM
Certificate Transparency (CT) is an ambitious project to help improve security online by bringing accountability to the system that protects HTTPS. Cloudflare is announcing support for this project by introducing two new public-good services....
HTTPS or bust: Chrome’s plan to label sites as "Not Secure"
February 14, 2018 8:00 PM
Google just announced that beginning in July 2018, with the release of Chrome 68, web pages loaded without HTTPS will be marked as “not secure”. More than half of web visitors will soon see this warning when visiting unencrypted HTTP sites....
MORE POSTS
December 13, 2017 2:00 PM
The Curious Case of Caching CSRF Tokens
It is now commonly accepted as fact that web performance is critical for business. Slower sites can affect conversion rates on e-commerce stores, they can affect your sign-up rate on your SaaS service and lower the readership of your content....
- By
October 20, 2017 4:23 PM
Performing & Preventing SSL Stripping: A Plain-English Primer
Over the past few days we learnt about a new attack that posed a serious weakness in the encryption protocol used to secure all modern Wi-Fi networks....
- By
September 26, 2017 1:00 PM
Introducing the Cloudflare Geo Key Manager
Cloudflare’s customers recognize that they need to protect the confidentiality and integrity of communications with their web visitors....
- By
September 26, 2017 1:00 PM
Geo Key Manager: How It Works
Today we announced Geo Key Manager, a feature that gives customers control over where their private keys are stored with Cloudflare. This builds on a previous Cloudflare innovation called Keyless SSL and a novel cryptographic access control mechanism....
- By
September 12, 2017 4:29 PM
Understanding the prevalence of web traffic interception
This post summarizes how prevalent encrypted web traffic interception is and how it negatively affects online security according to a study published at NDSS 2017 authored by several researchers including the author of this post and Nick Sullivan of Cloudflare. ...
- By
July 10, 2017 12:43 PM
High-reliability OCSP stapling and why it matters
At Cloudflare our focus is making the internet faster and more secure. Today we are announcing a new enhancement to our HTTPS service: High-Reliability OCSP stapling....
- By
July 06, 2017 1:35 PM
How to make your site HTTPS-only
The Internet is getting more secure every day as people enable HTTPS, the secure version of HTTP, on their sites and services....
- By
September 24, 2016 3:46 PM
How we brought HTTPS Everywhere to the cloud (part 1)
CloudFlare's mission is to make HTTPS accessible for all our customers. It provides security for their websites, improved ranking on search engines, better performance with HTTP/2, and access to browser features such as geolocation that are being deprecated for plaintext HTTP....
- By
September 22, 2016 2:34 PM
Fixing the mixed content problem with Automatic HTTPS Rewrites
Long ago it was difficult, expensive, and slow to set up an HTTPS capable web site. Then along came services like CloudFlare’s Universal SSL that made switching from http:// to https:// as easy as clicking a button. ...
- By