It’s always interesting to see very technical bug like Cloudbleed hit the mainstream media. Cloudflare went from something with little consumer awareness to hyperbolic destroyer of Internet-worlds overnight. It helps that Cloudbleed sounds terrifying in a biblical sense.
In all this noise, Troy Hunt put together a piece outlining some more subdued thoughts on the Cloudflare security bug. It certainly doesn’t underplay the severity, but also avoids sensationalism. It’s a great piece to put the security concerns into perspective, and actually looks at the risk it truly poses.
Troy Hunt’s Blog comments:
It has a cool name and a logo – this must be serious! Since Heartbleed, bug branding has become a bit of a thing and more than anything, it points to the way vulnerabilities like these are represented by the press. It helps with headlines and I’m sure it does wonderful things for bug (brand?) recognition, but it also has a way of drumming up excitement and sensationalism in a way that isn’t always commensurate with the actual risk.
That said, the Cloudflare bug is bad, but the question we need to be asking is “how bad”? I saw the news break yesterday morning my time and I’ve been following it closely since. As I’ve written a lot about Cloudflare in the past and been very supportive of their service, I’ve had a lot of questions from people. I want to share my take on it – both the good stuff and the bad stuff – and per the title above, I’m going to be very pragmatic about the whole thing.
Read more at: Pragmatic thoughts on #CloudBleed
- Cloudian Announces HyperStore 7 – Gets Super Cloudy - January 25, 2018
- Runecast Analyzer 1.6.5 detects MeltDown and Spectre chip issues - January 12, 2018
- A Docker and Iperf3 Tutorial - January 4, 2018
- Licensing – It never gets better, it just gets more awkward - December 15, 2017
- Commvault GO 2017 Keynote Live Blog! - November 7, 2017
- The History of Email - October 9, 2017
- HyTrust wings in to scoop up a fatally wounded Data Gravity - July 14, 2017
- Arcserve scoops up Zetta to deliver cloud DR - July 14, 2017
- WekaIO = Distributed Storage + Cloud - July 13, 2017
- Human Resources Is Not Your Friend - July 13, 2017