: K-Meleon Forum
General discussion about K-Meleon.
[quote=margarita] Internet Explorer 9 also supports TLS 1.1 and TLS 1.2 in Windows 7. TLS 1.0 is also known as SSL3.1, TLS 1.1 as SSL3.2 and TLS1.2 as SSL3.3. [i]On September 23, 2011 researchers Thai Duong and Juliano Rizzo demonstrated a "proof of concept" called BEAST (using a Java Applet to violate "same origin policy" constraints) for a long-known Cipher block chaining (CBC) vulnerability in TLS 1.0. Practical exploits had not been previously demonstrated for this vulnerability, which was originally discovered by Phillip Rogaway. Google included a patch in development version of their Google Chrome web browser to mitigate BEAST-like attacks. [b]The TLS 1.0-specific BEAST attack can be prevented by removing all CBC ciphers from your list of allowed ciphers—leaving only the RC4 cipher, which is still widely supported on most websites[/b]. Microsoft is releasing tools to support TLS 1.1 (which fixes this CBC attack vulnerability) on Microsoft servers and browsers.[/i] http://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.2_.28SSL_3.3.29 o.O[/quote]
K-Meleon forum is powered by