Dying cipher suites are stinking up TLS with man-in-the-middle vulns

Crypto-researchers have reported bad smells from TLS, the protocol used to provide encrypted HTTPS connections and the like. In particular, there's a strong pong coming from older cipher suites that put netizens at risk of full-blown interception. Researchers Clemens Hlauschek, Markus Gruber, Florian Fankhauser, and …

  1. This post has been deleted by its author

    1. bazza Silver badge

Not sure about being a standard question. After all, you can always have bacon with anything, or at least fry it on a server if needs be.

    2. Anonymous Coward

      Does it affect LibreSSL?

      Yes. It's the specs (protocols) that are buggered up (BY DESIGN) with craploads of needless chaos and brain-damaged insecure "fallbacks" to useless shit that WAS FUCKING OBSOLETE AND INSECURE AT THE TIME THE SPECS WERE BEING DRAFTED

      What do you suppose NSA's "NIST's" brief was when they contrived it?...

    3. TonyJ
      Joke

      "...Does it affect LibreSSL?

      (Can this now become one of the 'obligatory', and 'standard', El Reg questions? You know, like, 'does it run Crysis?', and, 'can you put bacon with it?')..."

      What...an...utterly...stupid...question!

      You can put bacon with anything! And it both works and immediately improves it!

    4. Dan 55 Silver badge

      LibreSSL has had Dual_EC_DRBG removed from it, the article appears to refer to that.

      1. Michael Wojcik Silver badge

        LibreSSL has had Dual_EC_DRBG removed from it, the article appears to refer to that.

        Where does the article refer to Dual_EC_DRBG? It's about non-ephemeral DH suites.

  2. Thomas Steven 1

    Why bother

    There's a huge, apparently legitimate market in in-house man in the middle attacks. Yes, Blue Coat I'm looking at you. The instant there's one compromise on the network that's regarded as legitimate then you can't really expect users to start to be bothered if there are two. They all look equally legitimate.

    It's still a man in the middle attack, even if you can ring him and have him tell you with a straight face that it isn't.

    1. Anonymous Coward

      Re: Why bother

      Well someone had to be able to MITM .... Sec audits and all. And then there is decrypting because of all the malware that uses TLS. So there does have to be MITM.... but that is why there are ACLs, trusted roots/intermediates.... I'm not a BC fan, but you obviously have an axe to grind.......

  3. alain williams Silver badge

    NSA & GCHQ fail

    Part of the remit/mission-statement for both of these organisations is to protect the communications of citizens of their countries from 'foreign adversaries'. Both of them have the skills & budget to properly design TLS (or replacement) to have fewer holes.

    Unfortunately: another part of their remit is to break Johnny foreigner's communications - in part they use holes in TLS, etc, to achieve this. There is suspicion that they have weakened or made overly complex the various security protocols & procedures. This might make it easier to snoop on foreigners, but it also makes it easier for foreigners and various crooks to snoop on us.

    There is a tension between these 2 different remits; they have settled this by focussing on breaking/weakening TLS. Why? It is quite simple: they can be held accountable for missing a 'bomb plot', but if a hole in TLS is used to break into big business & syphon off millions they can deny any responsibility - conveniently forgetting that closing TLS, etc, holes is part of what they should be doing.

    Our idiot politicians don't help, few of them have any real clue as to what is going on.

  4. Captain Badmouth
    Pirate

    2015

    The year that hackers had more toys to play with than they ever thought possible.

  5. Jim 59

    Always thought it was a bit annoying that SSL/SSH documentation is detailed and rigorous, but regarding ciphers, just sort of vaguely refers to "your locally installed ciphers" or similar. A bit ago I noticed my backups were still using CAST5. CAST5 is obsolescent and should probably not be used in 2015. PGP/GPG isn't about to tell you that, however. It will happily use any old cipher without a peep. Nor do the man pages provide much guidance.

  6. -tim
    Alert

    Old macs

    Most Mac owners seem to hand off their older toys to family members who only need a computer for things like online bills, banking and taxes. All PPC and 32-bit bootloader Macs have broken browsers and aren't supported by any of the major vendors, who can't seem to find a way to throw their source code at an older version of Xcode and build a fat binary.

  7. This post has been deleted by its author

  8. Anonymous Coward

    Sorry F5, Android, and IoT .........

    It is not necessarily the ignorant vendors. If F5 released 10.2.4 before supporting EC ciphers, and the customer is still using it .... not the vendors fault. They can EOL it, but when has that ever stopped the customer?

    If a company has customers running old ass software ..... say a TV or Android v4.2, EC may not be an option ..... maybe EC wasn't around way back a few years ago: oh yeah 10.2.4. And tell the CFO you're gonna lose 3% of your customer base.

    I'm not pro old-shit .... trust me. Fuck the 3% ( and the 1% ). Deprecation came fast for SSL, DHE, RC4, etc....even faster for TLS 1.0.... OK, RC4 has had a while...... but for the longest, @speed rules ... CPU and all. (Boy, didn't F5 love the coming of 2048 .... a round of VIPRIONs for everyone ). We were all happy until someone smarter came along and said we're wrong.

    Oh, and non-exportable certs - LOL ... ever heard of Mimikatz? No such thing as non-exportable.
