Flüpke

This #Cloudflare outage is a good reminder, of how much unencrypted TLS traffic that company gets to see.

They have your private data from almost all of the websites, that are currently down.

"SSL added and removed here ;-)"

Nov 18 at 1:33pmWeb
Show threadderpeterNov 18
@fluepke But they would never look at it, wouldn't they? That would be mean and big tech companies never lied to us and never are evil. Also water is very dry and the sun is cold.
Show threadGemini0  Nov 18
@fluepke lovely, thanks for letting me know
Show threadjustJanneNov 18

@fluepke That's why this sticker exists :)

Available at 39C3, or you can print it yourself: https://github.com/justjanne/stickers/blob/main/designs/ssl%20added%20and%20removed%20here.svg

Show threadNosirrahSec 🏴‍☠️ guillotine enthusiastNov 18
@justjanne @fluepke fucking Naziflare.
Show threadWikinautNov 18
@justjanne @fluepke ah, auf Post-Its wie auf den Snowden/Appelbaum Slides....
Show threadKorma ChameleonNov 18
@fluepke also, if a website isn't down it means cloudflare doesn't have your data, akamai does
Show threadgaryNov 18
@fluepke lots and lots of enterprise use ssl/tls proxies as well which waters down your point a bit but it is still pertinent and carries weight - important; this gets overlooked by virtually everyone other than the infosec community #fb #polar proxy #squid
Show threadJack RusherNov 18
@fluepke Man in the Middle as a service 😆
Show threadGustavoNov 18
@fluepke One more reason people needs to make the point of never reusing passwords. One more CloudBleed, mostly after companies are pushing for AI generated (bullshit) code, and chaos is certain.