Pragmatic thoughts on #CloudBleed

It’s always interesting to see very technical bug like Cloudbleed hit the mainstream media. Cloudflare went from something with little consumer awareness to hyperbolic destroyer of Internet-worlds overnight. It helps that Cloudbleed sounds terrifying in a biblical sense.

In all this noise, Troy Hunt put together a piece outlining some more subdued thoughts on the Cloudflare security bug. It certainly doesn’t underplay the severity, but also avoids sensationalism. It’s a great piece to put the security concerns into perspective, and actually looks at the risk it truly poses.

Troy Hunt’s Blog comments:

It has a cool name and a logo – this must be serious! Since Heartbleed, bug branding has become a bit of a thing and more than anything, it points to the way vulnerabilities like these are represented by the press. It helps with headlines and I’m sure it does wonderful things for bug (brand?) recognition, but it also has a way of drumming up excitement and sensationalism in a way that isn’t always commensurate with the actual risk.

That said, the Cloudflare bug is bad, but the question we need to be asking is “how bad”? I saw the news break yesterday morning my time and I’ve been following it closely since. As I’ve written a lot about Cloudflare in the past and been very supportive of their service, I’ve had a lot of questions from people. I want to share my take on it – both the good stuff and the bad stuff – and per the title above, I’m going to be very pragmatic about the whole thing.


Read more at: Pragmatic thoughts on #CloudBleed

About the author

Stephen Foskett

Stephen Foskett is an active participant in the world of enterprise information technology, currently focusing on enterprise storage, server virtualization, networking, and cloud computing. He organizes the popular Tech Field Day event series for Gestalt IT and runs Foskett Services. A long-time voice in the storage industry, Stephen has authored numerous articles for industry publications, and is a popular presenter at industry events. He can be found online at TechFieldDay.com, blog.FoskettS.net, and on Twitter at @SFoskett.

Leave a Comment