Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 14 Oct 2019, 18:47
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Browser Security Update
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [6 Posts]  
Author Message
8Geee


Joined: 12 May 2008
Posts: 2061
Location: N.E. USA

PostPosted: Wed 05 Jun 2019, 16:36    Post subject:  Browser Security Update
Subject description: Certain TLS1.2 schemes VUNERABLE
 

Recently it has been discovered and announced that certain TLS1.2 encryption schemes are vunerable to cracking attempts. In an indirect way, this is related to derivatives of Meltdown/Spectre.

Firefox and derivatives uses two of these schemes, and the Qualys Client-Side Test has affirmed this with a "WEAK" rating (unsuitable for use). Since this is encryption scheme AND there IS hyperthreading of ANY TYPE involved, your browser needs to FALSE these schemes, so they are not selected. Below is the Firefox/derivative pathway, other browsers may be similar.

DISCONNECT FROM THE INTERNET
Oen Firefox and in Firefox address bar type about:config
Click I'll be careful
In the search bar type ssl
scroll down the listing to these two consecutive entries

security.ssl3.ecdhe_ecdsa_aes_128_sha
security.ssl3.ecdhe_ecdsa_aes_256_sha

Double click each one to make FALSE
Close the Browser
Click Menu --> Shutdown --> Restart Graphical Server
Upon the Refresh you may reconnect to internet

Regards
8Geee

Placed here for 'universal access' due to any browser being affected.

_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
Back to top
View user's profile Send private message 
Smithy


Joined: 12 Dec 2011
Posts: 1060

PostPosted: Tue 11 Jun 2019, 13:14    Post subject:  

Thanks for those 8Geee, the two tweaks are making the browser boot faster, I think.
If you get any others that you think could be handy could you post them here?
Back to top
View user's profile Send private message 
kuman11

Joined: 26 Dec 2017
Posts: 206

PostPosted: Sun 28 Jul 2019, 14:41    Post subject:  

'in error'
Last edited by kuman11 on Sun 28 Jul 2019, 20:41; edited 1 time in total
Back to top
View user's profile Send private message 
Mike Walsh


Joined: 28 Jun 2014
Posts: 5471
Location: King's Lynn, UK.

PostPosted: Sun 28 Jul 2019, 15:46    Post subject:  

kuman11 wrote:
Mike,
My profile for Seamonkey246 has disappeared or is deleted & I can't start it with the script.
How can I create another one w/o a reboot if possible?


@ kuman11:-

Which 'Mike' are you talking to? Myself? Mikeslr? MikeB? And why are you posting about SeaMonkey profile issues in a totally unrelated thread to do with TLS encryption??

When you post without thinking like this, we can't help you because we don't know who or what you're referring to.....


Mike. Wink

_________________
MY 'PUPPY' PACKAGES

Back to top
View user's profile Send private message 
kuman11

Joined: 26 Dec 2017
Posts: 206

PostPosted: Sun 28 Jul 2019, 20:40    Post subject:  

Mike Walsh,

It seems somehow I've posted it in error, it's for the Portable thread.
It's for u.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 2061
Location: N.E. USA

PostPosted: Fri 13 Sep 2019, 12:45    Post subject: Others to mark false
Subject description: a simple check
 

Smithy, et al;

One check that can be used with the above "about:config --> ssl" is to look for the following two items in the list;

1.) GCM
2.) POLY_1305

If the choice does not contain 1. or 2. then mark as false.
Tested on FF66.0.5 and FF27.

Regards
8Geee

_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [6 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0749s ][ Queries: 11 (0.0120s) ][ GZIP on ]