PSA: Cloudflare data leaks, update your passwords - May affect PSU.

Fijiandoce

Administrator
Staff member
Oct 8, 2007
6,225
94
48
Pacific Isles of Doceness
#1
PSU is unlikely to have been affected by this, but this is a PSA for our members to update your passwords for the sites affected by this leak (list included below).

https://github.com/pirate/sites-using-cloudflare
Notable Sites

authy.com
coinbase.com
betterment.com
transferwise.com
prosper.com
digitalocean.com
patreon.com
bitpay.com
news.ycombinator.com
producthunt.com
medium.com
4chan.org
yelp.com
okcupid.com
zendesk.com
uber.com
namecheap.com (not affected)
poloniex.com
localbitcoins.com
kraken.com
23andme.com
curse.com (and some other Curse sites like minecraftforum.net)
counsyl.com
tfl.gov.uk
stackoverflow.com (confirmed not affected by StackOverflow's @alienth)
fastmail.com (not affected)
1password.com (not affected)
Some words of caution as far as PSU is concerned - As said above, PSU may, or may not, be affected by this leak. The list of affected websites lists all domains that use the service, not just the proxy's (which is where the issue lies). To be on the safe side, it would be prudent to update your passwords here as well.

You can find more information, and lists of all affected sites here: https://github.com/pirate/sites-using-cloudflare

If we belive PSU may have been at risk, we will let you lot know ;)
 
Feb 16, 2007
5,099
9
38
35
Okayama
#7
I don't use my password here for anything important. I use it on other discussion forums, and that's it. It doesn't even form the basis for any more complicated passwords I use on other sites. I have a system that creates unique passwords for every important site I use (anything that gets CC info, for instance) so no two sites use the same password, and the passwords can't just be dictionaried, either, and are hard to brute force because they are too long.
 
Last edited:

Brandon

Administrator
Staff member
Nov 8, 2004
15,131
92
48
#8
[QUOTE="bobtheduck, post: 6527473]I don't use my password here for anything important. I use it on other discussion forums, and that's it. It doesn't even form the basis for any more complicated passwords I use on other sites. I have a system that creates unique passwords for every important site I use (anything that gets CC info, for instance) so no two sites use the same password, and the passwords can't just be dictionaried, either, and are hard to brute force because they are too long.[/QUOTE]
I do the same thing. All my passwords are unique and complex. I personally use Enpass. It's the best password manager I've ever used. Having said that, if your password gets leaked, it's irrelevant how complicated the password is.
 

Vyse

Extreme Poster
Mar 27, 2006
26,151
246
63
#9
I am tired of the Cloudflare captcha tests not working properly on Chrome. It wouldn't surprise me if it contributes to so few threads being posted; it leaves you hanging indefinitely on a blank white screen after successfully answering the question.

It is extremely annoying spending time trying to clean up an article to be posted in the text box (bolding questions, properly spacing paragraphs, maybe embedding images included in the article etc) and not being able to share it with others. What's worse is that you can't actually predict whether or not you will run into the problem. Just because I experience the problem today and it goes away tomorrow doesn't mean I won't experience it again a week or two from now.

Please tell me I am not the only member experiencing this annoying site plugin.
 
Last edited:

Christopher

Community and Technical Manager
Staff member
Jun 1, 2007
11,831
86
48
47
Warner Robins, GA
#11
From what I have seen, the problem occurs primarily when you try and copy and paste from another site. To avoid this, I have been copying any text from other sites into Notepad (which removes the formatting) and then into the post. Cloudfare is suspicious of any encoded text.

To be clear, Cloudfare is not a site plugin. It is a sort of proxy. That is cloud-based and serves up the site HTML. In the past, you would browse PSU and hit our servers directly. Now, you are actually hitting the cloud-fare servers which pull in a copy of the site contents. This way it can prevent the denial of service attacks that we were experiencing on numerous occasions.

I do not have any control over cloudfare, but I will pass on the complaints to the admin of the site. Sorry for the problems.
 

Vyse

Extreme Poster
Mar 27, 2006
26,151
246
63
#12
[QUOTE="Christopher, post: 6528394]From what I have seen, the problem occurs primarily when you try and copy and paste from another site. To avoid this, I have been copying any text from other sites into Notepad (which removes the formatting) and then into the post. Cloudfare is suspicious of any encoded text.[/QUOTE]
I will try that. Thanks, Christopher.
 
Apr 18, 2017
1
0
0
#13
I am also having a lot of issues witch cloudfare/captchas on chrome recently. Im running windows 10 64bit, I feel relieved that I am not the only one with that issue, because I was going crazy to find the source of these problems. I have even restarted my router settings and re-installed os...