Luxas on Nostr: On a normal site that's Cloudflare'd, if there is a login form, your password will be ...
On a normal site that's Cloudflare'd, if there is a login form, your password will be visible in plaintext as the data is decrypted by Cloudflare since their reverse-proxying service is effectively a MitM. This poses a minor OpSec issue if your threat model includes Cloudflare as a threat actor. But, what's cool is if the site has a Nostr login, you don't need to worry about this type of possible attack vector. Nostr is the future of the interoperable and open web.
Published at
2025-01-29 23:11:17Event JSON
{
"id": "ba90c7222636d6b3e5e5df04ea03c9d4a6d68f929b4fe05570e00e28e5137730",
"pubkey": "d49a9023a21dba1b3c8306ca369bf3243d8b44b8f0b6d1196607f7b0990fa8df",
"created_at": 1738192277,
"kind": 1,
"tags": [],
"content": "On a normal site that's Cloudflare'd, if there is a login form, your password will be visible in plaintext as the data is decrypted by Cloudflare since their reverse-proxying service is effectively a MitM. This poses a minor OpSec issue if your threat model includes Cloudflare as a threat actor. But, what's cool is if the site has a Nostr login, you don't need to worry about this type of possible attack vector. Nostr is the future of the interoperable and open web.",
"sig": "813a997aa9825f25067536b32fcf86a0ce79cfd702ecdb2e8df1938fac74a4b020d779b91a8c0391d99f33b023cf000e96baf8fbd2ce37fbbf0ae466488490f4"
}
