That was fast: Yesterday rejected you look at the content distribution network out of the window and into perspective – in their case – the OpenSSL bug Heartbleed . I myself hardly think of a greater Internet catastrophe, but at CloudFlare was confident: Fishing out so easily is the private SSL key at any case.
For this purpose, taught even a special page and called security experts to attack them. Only hours later, reported the first page. Fedor Indutny succeeded in the private SSL key tap off.
With the private keys attacker would also subsequently decrypt capable of encrypted traffic, CloudFlares statement was refuted in a few hours on the net and you will find dozens of posts that attackers spy on for quite some time data.
The NSA is the gap even already utilize two years – that would explain a lot, how to get to the data in the past. The bad: the user can not do anything in this case. Provider of services on demand to change passwords, which is definitely right – under certain circumstances but are already long your private data in the hands of others – an idea in which I get sick.