Deploying firmware at Cloudflare-scale: updating thousands of servers in more than 285 cities
March 10, 2023 2:00PM
We have a huge number of servers of varying kinds, from varying vendors, spread over 285 cities worldwide. We need to be able to rapidly deploy various types of firmware updates to all of them, reliably, and automatically, without any kind of manual intervention....
Continue reading »
Using Apache Kafka to process 1 trillion inter-service messages
July 19, 2022 2:00PM
We learnt a lot about Kafka on the way to 1 trillion messages, and built some interesting internal tools to ease adoption that will be explored in this blog post...
March 31, 2022 1:59PM
This blogpost chronicles the recent CVEs investigation, our findings, and how we are helping secure Salt now and in the Quantum future...
Research Directions in Password Security
October 14, 2021 1:59PM
We've been studying password problems, including malicious logins using compromised credentials. Here's what we learned and here's where we think we can go from here with safer password systems....
OPAQUE: The Best Passwords Never Leave your Device
December 08, 2020 12:00PM
Imagine passwords for online services that never leave your device, encrypted or otherwise. OPAQUE is a new cryptographic protocol that makes this idea possible, giving you and only you full control of your password....
November 25, 2020 3:11PM
Moving Quicksilver into production
We previously explained how and why we built Quicksilver. This second blog post is about the long journey to production which culminates with Kyoto Tycoon removal from Cloudflare infrastructure and points to the first signs of obsolescence....