/plushcap/analysis/cloudflare/cloudflare-sites-are-protected-from-freak

No upgrade needed: CloudFlare sites already protected from FREAK

What's this blog post about?

On March 04, 2015, John Graham-Cumming announced that CloudFlare's SSL customers are not affected by the FREAK vulnerability. The company does not support 'export grade' cryptography and upgraded to a non-vulnerable version of OpenSSL in early January. Their OpenSSL configuration is available on Github, along with patches for OpenSSL 1.0.2. CloudFlare stays proactive by disabling outdated protocols and ciphers while keeping up with the latest secure ones.

Company
Cloudflare

Date published
March 4, 2015

Author(s)
John Graham-Cumming

Word count
143

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.