October 2013 Summaries
6 posts from Cloudflare
Filter
Month:
Year:
Post Summaries
Back to Blog
On October 31, 2013, Kenneth R. Carter participated in a pumpkin carving contest in Monterey where he saw a low-relief scene of a pirate ship. Inspired by the translucent sails made from cutting away some of the pumpkin skin, Carter decided to create a similar design with the CloudFlare logo. As legal counsel for CloudFlare, Carter is responsible for protecting the company's trademarks and believes that the brand symbolizes their mission to build a better internet. The company has protected numerous websites from various threats, including those related to Halloween. Carter invites others who share this passion for creating a safer online environment to join the CloudFlare team as they are currently hiring. He wishes everyone a safe and happy Halloween.
Oct 31, 2013
251 words in the original blog post.
Elliptic Curve Cryptography (ECC) is a powerful but less understood type of cryptography in wide use today. It provides a significantly more secure foundation than first generation public key cryptography systems like RSA, based on currently understood mathematics. ECC is the next generation of public key cryptography and makes sense to adopt for ensuring the highest level of security while maintaining performance. The elliptic curve discrete logarithm is the hard problem underpinning ECC, which has not been solved yet despite almost three decades of research. This means that for numbers of the same size, solving elliptic curve discrete logarithms is significantly harder than factoring, making ECC a stronger cryptographic system.
Oct 24, 2013
4,158 words in the original blog post.
Cloudflare extensively uses open-source software in its operations, including nginx, postgresql, Kyoto Tycoon, OpenResty, gcc, make, Go programming language, Lua, python, Perl, PHP, Sentry, Kibana, and nagios. The company believes that using open-source software provides reliability, ease of modification, and maintenance. Additionally, it fosters job satisfaction for programmers and helps in hiring the best talent. Cloudflare encourages its engineers to contribute modifications to open-source projects and release their own projects through GitHub. They also sponsor external open-source projects where they see significant impact. The company's strong bias is to open source everything it has built, with exceptions for highly specific or high-support-cost components. Cloudflare believes that its competitive advantage lies in the network it has built, data collected on making the web faster and safer, and the people it attracts.
Oct 07, 2013
823 words in the original blog post.
Michael Tomko, Production Director at The Able Few, shares his experience using CloudFlare for deploying simple websites quickly and efficiently. He recalls a conversation with a colleague who found it challenging to keep up with the latest web development techniques and tools. Tomko then describes how he built "IsTheGovernmentOpen.com" in just 30 minutes, using a single HTML file, some CSS, and a GIF. The website went viral after being featured on various news outlets and social media platforms. He praises CloudFlare for its role in keeping the site up during massive traffic spikes, emphasizing that it is not only simple to use but also worth using even on the free tier. Tomko concludes by stating that CloudFlare saves time and money for developers working on more complex projects.
Oct 04, 2013
1,066 words in the original blog post.
On October 3, 2013, a critical zero-day vulnerability was discovered affecting hosting providers using WHMCS. To enhance web security, CloudFlare introduced a ruleset in their Web Application Firewall (WAF) to block the identified attack vector. By enabling the WHMCS Ruleset and following best practices, hosting partners utilizing CloudFlare's WAF can effectively protect themselves from this vulnerability. WHMCS promptly released a patch for the issue at blog.whmcs.com/?t=79427. It is recommended to apply the patch or update WHMCS to version 5.2.8 to address this security concern.
Oct 03, 2013
98 words in the original blog post.
The text discusses the importance of generating random numbers for secure systems and how Linux's internal random number generator achieves this. It explains that computers are deterministic machines and finding sources of randomness in them is challenging. For Cloudflare servers, they rely on the random number generator built into the Linux operating system. The text also delves into entropy and its importance for cryptographic keys. Furthermore, it describes how the kernel uses timestamps to stir the entropy pool and how cryptographic hash functions are used to generate high-entropy random numbers. Lastly, it mentions Intel's hardware number generator as a potential source of randomness and highlights third-party entropy generators for servers without access to diverse sources of randomness.
Oct 03, 2013
2,376 words in the original blog post.