5 Replies Latest reply on Feb 25, 2017 9:51 AM by philmodjunk

    CloudBleed and FileMaker

    fmpdude

      Looking at the full (22 MB) data file (4,303,677 rows in the file I downloaded) for the latest huge Internet bug, CloudFlare, which you can read about here: Cloudflare Leak Exposed Data From Millions of Websites | News & Opinion | PCMag.com

       

      I found three entries with "FileMaker" in that list:

       

      • filemaker-blankshyri.tk
      • wordpressfilemakersolutions.com
      • wufilemaker.com

       

      Worthwhile to see if any sites you use were affected.

       

      Searching for "1Password", a popular password program mentioned in the PC Magazine article (1Password says not a problem), I found these entries in the file:

       

      • 01password.com
      • 1password.com
      • dashlane-to-1password.com

      ---

       

      Performance results:

      (MySQL imported the 4M+ row file in 20 seconds, FileMaker: Approx 2 minutes)

       

      Queries:

      MySQL Performance of a simple LIKE query to search file: 1.5 seconds per query.

       

      FileMaker Performance:

      • Using FMP native Find (no LIKE query): Query also runs in about 1.5 seconds!
      • In FMP SQL - using LIKE in SQL (in Data Viewer): 38 seconds (best of several trials).

       

           ExecuteSQL ( "Select thedomain from cloudbleed where thedomain like '%1password%'" ; "" ; "")

       

      Trying the same query in a remote JDBC console (to get any useful information) with the FileMaker DB gave me, well, I gave up after 2 minutes waiting on the query.

       

      And, FMP was hogging the CPU terribly for this query from the JDBC console, anyway:

       

       

      Thanks very much kramis for your kind and helpful reply.

       

      --

       

      As others have noted, having to force-quit FMP with the Data Viewer open, removes all your watch expressions (I now always keep a spare plist file, backed up daily for this ridiculous-should-not-still-be-happening issue). I would have hoped by now, FMI would have REFACTORED (debugged) FMP to externalize file data (such as watch expressions), currently in the volatile plist, that get overwritten to a separate file. Come on guys...