Simple C programming error causes buffer overflow, again. Many of Cloudflare’s customers are e-commerce sites so you wouldn’t really have a choice how securely the data is stored. Using HTTPS didn’t help because the data leaked from RAM and got inserted into random website traffic. Is there a list of Cloudflare’s affected customers? All I could find is the same three websites mentioned in most articles. Maybe many are still unsure themselves. That’s a lot of passwords to have to change.
I guess soundbytes.org is not really affected. It just occurred to me that this domain isn’t served up over HTTPS anyway. If one tries, a cert for “connorpeoples.com” is served (so does not validate). Eh…changed my SoundBytes.org password anyway, even though someone could snoop on the traffic if they wished.