Re: Serious Cloudflare bug exposed a potpourri of secret customer data

[Matt Palmer <mpalmer () hezmatt org>]

On Sat, Feb 25, 2017 at 07:21:48AM +0000, Mike Goodwin wrote:
> Useful information on potentially compromised sites due to this:
>
> https://github.com/pirate/sites-using-cloudflare

"This list contains all domains that use Cloudflare DNS"

That's only marginally more useful than saying "any domain matching /^.*$/";
plenty of domains use Cloudflare's DNS without using the proxy service (and
it is, barely, possible to use the proxy service which had the bug without
using the DNS service).

- Matt

-- 
A byte walks into a bar and orders a pint. Bartender asks him "What's
wrong?" The byte says "Parity error." Bartender nods and says "Yeah, I
thought you looked a bit off."