Security of Vivaldi.net with Cloudfare bug?
-
This morning I read on BBC.com/News about a bug in the HTTP parser at Cloudfare. (More details available here.)
I have always been leery about about being routed through San Francisco to get to Vivaldi.net and am wondering how this affects users of the site.
Anyone have any information? -
Oddly enough from the Cloudfare blog (mentioned above) I get that potential problems occurred only "The greatest period of impact was from February 13 and February 18", yet from your Team Blog it says: "The passwords of users that logged into Vivaldi.net between September 21st and November 4th 2016 may be affected,"
Can someone explain the discrepancy? -
@greybeard See the post by @gaelle (Vivaldi Community Manager)
https://forum.vivaldi.net/topic/14702/the-cloudbleed-issue-keeping-you-safe
-
I do not know, but here's my understanding from the blog. The team (Yngve Pettersen) says that: "After November 4th we changed to a login system that did not pass through Cloudflare"
So, though the height of the problem, from Cloudflare's point of view, were from 13 to 18 February; from Vivaldi's point of view the problem goes only until November 4th.
So I read, from what they say. Again: I do not know.
-