The Next Web

Node.js team member cracks CloudFlare’s Heartbleed challenge, proving that the bug exposes SSL keys

Fedor Indutny, a core member of the node.js team, has proved that it is in fact possible for an attacker to sniff out the private SSL keys from a server left exposed by the Heartbleed bug. The proof ...
CSOonline

CloudFlare can provide its caching service without your SSL keys

CloudFlare said it has engineered a novel way to handle sensitive encryption keys that allows organizations such as financial institutions to still use its caching service to fend off cyberattacks.
Ars Technica

In-depth: How Cloudflare promises SSL security—without the key

Content delivery network and Web security company Cloudflare has made a name for itself by fending off denial-of-service attacks against its customers large and small. Today, it's launching a new ...