There are many risks we run when we browse over internet, and all of them, we must add the mismanagement that may be making our data certain companies. We have proof of what I say in how CloudFlare, technological partner of companies in international size such as 1Password, OkCupid or über, was filtering and displaying data and sensitive information both of these companies and their customers.
Apparently and according to Tavis Ormandyhas published, researcher at Google, apparently CloudFlare for several months is were exposing sensitive data even on HTTPS implemented services. Committed data found from IP addresses to cookies used by the services themselves and tokens for access to the various systems and platforms used by the company.
CloudFlare exposes sensitive data of companies and clients on the network.
As often happens when Tavis Ormandy a fault of this type safety, the first to hear of it is the company itself, something that we can already confirm that since the own CloudFlare has been released a statement confirming that truly this problem has existed but that its engineers have already acted regarding correcting the defects which had been in production since September the date on which the company carried out a series of changes in its system.
The real problem of this whole affair is that, despite the fact that, as they say from the company, the problem was solved in just one week, during the same search engines like Google, Bing or the own Yahoo! had already stored sensitive in their caches data so that now the company’s it start working with these large companies among others that may also have these data, to be eliminated.