Helping To Build Cloudflare, Part 2: The Most Difficult Two Weeks

In this blog post, John Graham-Cumming shares his experience dealing with the serious security issue known as "Cloudbleed" that affected Cloudflare in 2017. The company had been leaking memory from its machines into responses returned to web browsers, potentially exposing sensitive information. Google's Project Zero discovered the leak and informed Cloudflare, which quickly stopped it. However, the cleanup process was massive as they had to find what had been leaked and request search engines to delete cached data. The company faced uncertainty about its survival but ultimately found no evidence of exploitation and gained customers who appreciated their openness during the crisis.