Hacker News new | past | comments | ask | show | jobs | submit login

How about leaking session tokens and other sensitive data for millions of people during "Cloudbleed"? Were you advocating public shaming for Cloudflare then? Was that also "sheer laziness" and did they earn "more than a few" of your "go fuck yourself's"?



I fail to see how Cloudbleed and this event are the same. Cloudbleed was caused by a Cloudflare bug, true, but it wasn't caused by outright laziness (which this incident clearly was). Furthermore, unlike Verizon's distinct lack of communication regarding this incident, Cloudflare has generally been very good about reporting and communicating with the community.


> outright laziness (which this incident clearly was)

I don't think it was clearly laziness. It could have been a configuration mistake.


Indeed and we saw that as a cause recently for a major Google outage. However that likely possibility of a bad config or edit doesn't fit the narrative Cloudflare is spinning here - that Verizon is simply dumb and lazy.

Clearly Verizon has inbound prefix filtering in place otherwise this would be a common occurrence for AS 701 and it is most certainly not. And it's quite surprising and sad to see how willing people are to just blindly parrot Cloudflare here and pile on. This of course was the desired outcome of the blog post.


They are not same nor was I implying they were the same. The point being that oversight and genuine mistakes happen. However Cloudflare wants to characterize it as "sloppiness and laziness" when it's someone else. And even here you are "parroting" them here when neither you or they actually know the details do you? Clearly Verizon has prefix filtering in place in other places or this would be a regular occurrence for them and it is not. Cloudflare is pretty far down the list in importance during an outage that affected many companies - other Tier 1s, 2s etc. Just because Cloudflare didn't get a response does not mean they weren't communicating. I know two network engineers who were in contact with Verizon yesterday during the outage. But again you seem intent to just "pile on" after reading a one-sided and self-serving Cloudflare blog post.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: