MORE POSTS
February 15, 2017
NCC Group's Cryptography Services audits our Go TLS 1.3 stack
The Cloudflare TLS 1.3 beta is run by a Go implementation of the protocol based on the Go standard library, crypto/tls. ...
February 14, 2017
Want to see your DNS analytics? We have a Grafana plugin for that
Curious where your DNS traffic is coming from, how much DNS traffic is on your domain, and what records people are querying for that don’t exist? We now have a Grafana plugin for you.
...
February 07, 2017
Cloudflare Crypto Meetup #5: February 28, 2017
Come join us on Cloudflare HQ in San Francisco on Tuesday, Febrary 28, 2017 for another cryptography meetup. We again had a great time at the last one, we decided to host another. It's becoming a pattern....
February 06, 2017
DDoS Ransom: An Offer You Can Refuse
Cloudflare has covered DDoS ransom groups in the past. First, we reported on the copycat group claiming to be the Armada Collective and then not too long afterwards, we covered the "new" Lizard Squad....
February 01, 2017
TLS 1.3 explained by the Cloudflare Crypto Team at 33c3
Nick Sullivan and I gave a talk about TLS 1.3 at 33c3, the latest Chaos Communication Congress. The congress, attended by more that 13,000 hackers in Hamburg, has been one of the hallmark events of the security community for more than 30 years....
January 30, 2017
Firebolt: the fastest, safest ads on the web
Cloudflare’s mission is to help build a better Internet. That means a faster, more secure, open Internet world-wide. We have millions of customers using our services like free SSL, an advanced WAF....
January 10, 2017
Cloudflare’s Transparency Report for Second Half 2016 and an Additional Disclosure for 2013
Cloudflare is publishing today its seventh transparency report, covering the second half of 2016. For the first time, we are able to present information on a previously undisclosed National Security Letter (NSL) Cloudflare received in the 2013 reporting period.
...
January 10, 2017
Token Authentication for Cached Private Content and APIs
While working to make the Internet a better place, we also want to make it easier for our customers to have control of their content and APIs, and who has access to them. Using Cloudflare’s Token Authentication features, customers can implement access control via URL tokens or HT...
January 09, 2017
The Porcupine Attack: investigating millions of junk requests
We extensively monitor our network and use multiple systems that give us visibility including external monitoring and internal alerts when things go wrong....
December 30, 2016
2017 and the Internet: our predictions
Looking back over 2016, we saw the good and bad that comes with widespread use and abuse of the Internet.
...
December 26, 2016
So you want to expose Go on the Internet
Back when crypto/tls was slow and net/http young, the general wisdom was to always put Go servers behind a reverse proxy like NGINX. That's not necessary anymore!...
December 05, 2016
TLD glue sticks around too long
Recent headline grabbing DDoS attacks provoked heated debates in the DNS community. Everyone has strong opinions on how to harden DNS to avoid downtime in the future. Is it better to use a single DNS provider or multiple? ...
December 02, 2016
The Daily DDoS: Ten Days of Massive Attacks
In March 2015, we wrote about a Winter of Whopping Weekend DDoS Attacks where we were seeing 400Gbps attacks. We speculated that attackers were busy with something else during the week....
November 28, 2016
HPACK: the silent killer (feature) of HTTP/2
If you have experienced HTTP/2 for yourself, you are probably aware of the visible performance gains possible with HTTP/2 due to features like stream multiplexing, explicit stream dependencies, and Server Push.
...