Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'd actually released code to get private keys a day or two before Cloudflare wrote that blog post on the principle that it was easy enough to do that numerous other people probably already had in private. Didn't help; people still kept concluding that it was impossible to get the private key. Cloudflare were the most publicity-hungry by a little but they weren't the only offender; ErrataSec screwed up pretty badly too for example, as did Akamai and I think one or two others.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: