blog.cloudflare.com/password-r

the only way for cloudflare to have this data is if it is inside the ssl channel, analyzing traffic to their customers who are logging in.

ssssoooooooo i guess this makes the cloudflare logs a massive target for nation states now?

okay so several people have responded to this thread, pointing at me and figuratively waving off this as "well, duh. cloudflare terminates ssl. there's no surprise here"

so i feel like i have to point this out to the non-security folks.

the part where they, without consent, intercept the traffic (ESPECIALLY FUCKING AUTHENTICATION), imbibe it into a research context, and perform password analysis on it?

That's a crime
it's the same as MITMing someone from their corp workstation and stealing creds

fedops 💙💛

@Viss which incidentally is exactly how all the corpo "security" tools work. Nextgen firewalls, zero trust clients, the lot. Check your certs when assuming you're connecting to a "secure" site and you'll see.