Cloudflare’s bug bounty program is terrible

Yesterday, Google security researchers discovered a disturbing leak in one of the internet’s most crucial services, Cloudflare. In addition to providing DDoS protection, millions of sites use Cloudflare to provide access to assets in the most expedient fashion. And for several months, it leaked passwords, keys, IP addresses and more, like a broken faucet. Millions of sites – including some of the most popular, high-profile sites – were affected by this problem, causing various security researchers to warn everyone on the Internet to change their passwords. That’s how serious it is. But that’s not what I want to talk about.…

This story continues at The Next Web

from https://thenextweb.com/insider/2017/02/24/cloudflares-bug-bounty-program-is-terrible/