Addressing any security concerns related to Cloudbleed

By HighJayster


 

Hey Everyone,

 

As you might or might not be aware, there has been a new topic popping up about CloudFlare, there was a major bug that caused a serious security issue. It's be confirmed that this vulnerability has been in place for over 6 months. The quick of it is, a buffer overflow when CloudFlare received over 3.3 million "hits" it would transmits pages in an open HTML, this is just a basic kinda idea you can always read more all over the internet and get much more detailed. This is just for the people who were unaware, as Gravity runs through CloudFlare there is a chance certain pages could have been compromised, the good news is we uses HMAC-SHA encryption and salt.

That means that the passwords we hold of users is very secure, and the likelyhood of anything having been leaked very low, while we are not majorly concerned, I would recommend everyone do a look at their basic security, change passwords make sure you use different passwords for different sites, don't use "Dictionary" words etc. There is also concerns not just for passwords, but emails and private messages, personal information from other sites that run through CloudFlare. So always be super conscious of what information you give out on the internet. We just want to make sure everyone is aware that we take your personal information and security very seriously and wanted to lay to rest any concerns you have about any possible leaks from Gravity itself. If you have any further concerns or worries or questions, please feel free to ask and I will do my best to help.

 

All the best,

 

HighJayster