Security of Vivaldi.net with Cloudfare bug?
This morning I read on BBC.com/News about a bug in the HTTP parser at Cloudfare. (More details available here.)
I have always been leery about about being routed through San Francisco to get to Vivaldi.net and am wondering how this affects users of the site.
Anyone have any information?
Oddly enough from the Cloudfare blog (mentioned above) I get that potential problems occurred only "The greatest period of impact was from February 13 and February 18", yet from your Team Blog it says: "The passwords of users that logged into Vivaldi.net between September 21st and November 4th 2016 may be affected,"
Can someone explain the discrepancy?
I do not know, but here's my understanding from the blog. The team (Yngve Pettersen) says that: "After November 4th we changed to a login system that did not pass through Cloudflare"
So, though the height of the problem, from Cloudflare's point of view, were from 13 to 18 February; from Vivaldi's point of view the problem goes only until November 4th.
So I read, from what they say. Again: I do not know.
I think, Vivaldi suggests the password reset to enhance the privacy/security for users, not as a fact that Vivaldi login was hacked.