Heartbleed Revisited
In 2014, a bug called Heartbleed was discovered in OpenSSL, which allowed attackers to read memory from affected servers and extract their TLS/SSL certificate private keys. This event highlighted major issues with how the internet is secured. Since then, Cloudflare has taken lessons from Heartbleed and applied them to improve the design of its systems and the resiliency of the internet overall. Key measures include defense-in-depth strategies for protecting TLS/SSL private keys, Keyless SSL, Geo Key Manager, Delegated Credentials, and improvements in OCSP stapling support. These enhancements have made Cloudflare a leader in the security space and reduced the risk of key compromise and the cost of recovery if it happens.
Company
Cloudflare
Date published
March 27, 2021
Author(s)
Nick Sullivan
Word count
1282
Language
English
Hacker News points
None found.