
Show HN: Check your Safari history for sites using Cloudflare - zweizeichen
https://gist.github.com/zweizeichen/10bca3803b54070090ac48f5173910b2
======
nikisweeting
As the author of the list these extensions are using (sites-using-cloudflare),
I have doubts about the utility of public browser extensions to check for
Cloudflare sites. An extension will alert if the user is on any of 4,000,000+
domains in the list. There will be too many false positives to make it a
useful tool, and by forcing users to reset so many passwords, we're more
likely to make them choose poor ones. That risk may outweight the safety
gained by resetting passwords.

It was also mentioned in the Techcrunch article, many companies will probably
choose not to reset user passwords, and will instead just pay for insurance to
cover the tiny chance that one of their users had data leaked.
[https://techcrunch.com/2017/02/24/how-to-secure-your-data-
af...](https://techcrunch.com/2017/02/24/how-to-secure-your-data-after-the-
cloudflare-leak/)

------
avinassh
I built a chrome extension for same - [https://github.com/avinassh/history-
bleed/](https://github.com/avinassh/history-bleed/)

Web store link - [https://chrome.google.com/webstore/detail/history-
bleed/jpkh...](https://chrome.google.com/webstore/detail/history-
bleed/jpkhbecnecbmngclppiklcjjddhehdce)

------
human_error
It might've been better if it was multithreaded or something similar. It added
4287583 domains from sorted_unique_cf.txt. That'd take awhile.

~~~
Symbiote
It took 5 seconds for me, returning 285 matches, for Firefox on Linux.

------
stdclass
Title should be changed to "Check your Browser history" \- since there is also
a Chrome / Firefox version.

~~~
Sanssass
I think the other browsers were added after the fact.

------
Gammarays
haven't looked through the code yet, but does this port to chrome?

~~~
zweizeichen
Just ported it for Chrome and Firefox. Maybe the title should be updated to
reflect that change. There might be extensions for this already which could be
more convenient.

