Incident report on Cloudflare parser bug

Cloudflare reported last night a bug in their service which could have leaked information from the services using their edge cache servers.

Feedly uses Cloudflare as a security shield which increases the reliability and performance of the Feedly web application. As such, Cloudflare informed us it is possible that some of the Feedly Web request performed between Feb 13 and Feb 18 might have been impacted by the information leak.

Despite the 1 in 3,300,000 chances of being impacted, we recommend to be extra cautious and take the following actions:

1/ If you are using the Feedly login/password, change your password. Go to the Logins page and change your password. Note: if you are using a third-party login option like Google, Facebook, or Twitter, you are NOT impacted and do not need to change your password [1].

2/ Logout and log back in. On Feedly Web, click on the face bubble icon (at the top right of the screen), select the logout option and then log back in. This will invalidate your old session/cookies and create a brand new one.

Our engineering team has a follow up call with the Cloudflare team later this afternoon and we will update this post if we learn anything that changes these recommendations.

We want to thank the Cloudflare team for how well they handled this situation. It is how you manage exceptions that defines your brand, and Cloudflare did really well despite what might have been a very stressful moment for them. We look forward to continuing to work with them to make Feedly safer and more reliable.

Please let us know if you have any questions.

-Seb, David, and Edwin

[1] The third party login authentication is performed via OAuth. You login directly with those 3rd party sites and Feedly only gets an authentication token. One of the benefits of OAuth is that Feedly or Cloudflare never get to see your third party passwords.

 

Incident report on Cloudflare parser bug

Cloudflare reported last night a bug in their service which could have leaked information from the services using their edge cache servers.

Feedly uses Cloudflare as a security shield which increases the reliability and performance of the Feedly web application. As such, Cloudflare informed us it is possible that some of the Feedly Web request performed between Feb 13 and Feb 18 might have been impacted by the information leak.

Despite the 1 in 3,300,000 chances of being impacted, we recommend to be extra cautious and take the following actions:

1/ If you are using the Feedly login/password, change your password. Go to the Logins page and change your password. Note: if you are using a third-party login option like Google, Facebook, or Twitter, you are NOT impacted and do not need to change your password [1].

2/ Logout and log back in. On Feedly Web, click on the face bubble icon (at the top right of the screen), select the logout option and then log back in. This will invalidate your old session/cookies and create a brand new one.

Our engineering team has a follow up call with the Cloudflare team later this afternoon and we will update this post if we learn anything that changes these recommendations.

We want to thank the Cloudflare team for how well they handled this situation. It is how you manage exceptions that defines your brand, and Cloudflare did really well despite what might have been a very stressful moment for them. We look forward to continuing to work with them to make Feedly safer and more reliable.

Please let us know if you have any questions.

-Seb, David, and Edwin

[1] The third party login authentication is performed via OAuth. You login directly with those 3rd party sites and Feedly only gets an authentication token. One of the benefits of OAuth is that Feedly or Cloudflare never get to see your third party passwords.

 

皆に愛されて祝100周年☆大人カジュアルの定番『コンバース・オールスター』コーデ集

CONVERSE(コンバース)のALL STAR(オールスター)と言えば、誰もが履いたことがあったり、憧れたりしたことがあるのでは?「バッシュ」という言葉も懐かしいですよね。そんなコンバースオールスターは誕生してから今年でなんと100周年を迎えます。今も色あせない、人気のコンバースオールスターを大人可愛く取り入れたコーデ集をご紹介します。