https://bugs.chromium.org/p/project-zero/issues/detail?id=1139
https://github.com/pirate/sites-using-cloudflare
>Between 2016-09-22 - 2017-02-18 passwords, private messages, API keys, and other sensitive data were leaked by Cloudflare to random requesters. Data was cached by search engines, and may have been collected by random adversaries over the past few months.
lmao
>>59094510
So they MIGHT learn a 4chan pass key and password, which are both random and unchangeable by the user.
This is an pretty minor thing in terms of 4chan. It's not going to leak potential usernames/passwords that people use on other websites.
>>59094534
>It's not going to leak potential usernames/passwords that people use on other websites.
It's leaking a ton of random stuff, including user credentials, posts, simple GET requests, etc.
I don't know how 4chan pass credentials are transmitted to 4chan but I assume they're in a cookie somewhere which means they could have leaked as well.
>>59094534
>4chan pass key and password, which are both random and unchangeable by the user
tell me you're joking
>>59094818
4chin pass users here
It's true. I can't actually reset passwords or the key~
>>59094510
Oh no!
What if they get access to the bitcoin address which I used to send the payment for the pass and then never used the address again? My whole life will be ruined!!!
oh fuck someone will steal my pass
payment for 4kek passes is processed by a 3rd party site (if you count in memeflare, a 4th party site)
as for the 4chan pass codes/PINs: literally nobody wants your key that is only good to shitpost.
you can change your pin you dingus
wow
https://www.4chan.org/pass?reset
fuck please do not steal my $15
>>59094872
u wot but I can shitpost SO FAST
lol of course not I'm not retarded
>>59095051
>lol
>Can't even format his posts correctly (Reddit formatting)
Yes, I think you are.
tripfags are the most likely to be btfo by this, as they submit their tripcode with every post
>>59094510
>>Between 2016-09-22 - 2017-02-18
Are things from before 2016-09-22 still affected?
Let's say I logged in once to an affected site in 2016-07-xx or whatever, could it have been stored in the cashe for all those months and been leaked anyway?
>>59095515
the leaks were from active memory so that'd be extremely unlikely
also the bug was extremely rare up until recently
>>59094510
https://github.com/pirate/sites-using-cloudflare
Wow, they even mention 4chan so 4chan users are affected.
>paying to shitpost
>all your posts are linked to your cc info
>>59095561
Not in any meaningful way.
If you're a pass user and logged in with it during that timeframe, there's a slim chance the credentials for your pass could've been leaked, but they're not personally-identifying and you can't change those anyway.
Other than that it'd just be post contents and possibly your IP address.
>>59095627
Your posts are linked to your IP address anyway if the US government asks for it.
>>59095641
>not being behing 7 proxies
>living in murka
ayy lmao
>>59095641
IPs are usually not personally identifiable you fucking idiot. CC numbers are.
>>59095654
But 4chan never sees your CC info since it uses Stripe for payment processing.
>>59095654
Ok I'm not sure what you're trying to get at though. Are you implying hiroshimoot is selling your post data bundled with your credit card info or something?
In the context of the cloudflare bug, your CC number could possibly have been leaked, but not WITH your posts.
>>59095696
>your banking history has 4chan on it
what could possibly go wrong
>>59094510
>b-but goy this will never happen! Big companies! [autistic screeching]
No, I would never give chink moot my monies. He is a fucking asian jew.
>no matter which ISP is try the routes through cf are trash
>every single site using it is dog slow
I hope it burns for eternity.