TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: Kevin
Date: September 22, 2011 10:33AM

Was wondering version TSL K-Meleon is using


http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/

Although TLS 1.1 has been available since 2006 and isn't susceptible
to BEAST's chosen plaintext attack, virtually all SSL connections rely
on the vulnerable TLS 1.0, according to a recent research from security
firm Qualys that analyzed the SSL offerings of the top 1 million
internet addresses.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: margarita
Date: September 23, 2011 01:51PM

Quote
Kevin
Was wondering version TSL K-Meleon is using
http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/
Although TLS 1.1 has been available since 2006 and isn't susceptible
to BEAST's chosen plaintext attack, virtually all SSL connections rely
on the vulnerable TLS 1.0, according to a recent research from security
firm Qualys that analyzed the SSL offerings of the top 1 million
internet addresses.

What can we do to avoid this problem?
Disable TLS?
o.O

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: gordon451
Date: September 24, 2011 06:56PM

@margarita - Ummm... No.

OTOH, there is force_tls-3.0.0-fx.xpi which ATM only fits FF, but can be hacked to work with KM. Trouble is, I don't know how. sad smiley

Gordon.

____________________
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon74, Opera 12.17, IE9, Eudora 6.2, Foxit Reader 5.3.1.0606, PaintShop Pro 6.02, Avast! 7.0.1506
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: guenter
Date: September 24, 2011 08:28PM

Quote
gordon451
OTOH, there is force_tls-3.0.0-fx.xpi which ATM only fits FF, but can be hacked to work with KM. Trouble is, I don't know how. sad smiley

How do You know that it can be hacked? confused smiley

The extension uses AFAIK a sqlite database (to store its lists) and an FF overlay (to its XUL GUI) to add items/sites to it. So essential parts of the extension need redevelopment (e.g. the add item/function needs to be done by a kmm) to use with K-Meleon.

IMHO no hack (= easy way to get it to function) is in sight. sad smiley



Edited 1 time(s). Last edit at 09/25/2011 01:29AM by guenter.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: gordon451
Date: September 24, 2011 09:21PM

Hi guenter -

>How do You know that it can be hacked? confused smiley
Anything can be hacked -- but if you use the wrong axe... surprised smiley

>It uses AFAIK a sqlite database...
Yes, but that appears to be dynamic:
      this._mDBConn.executeSimpleSQL("CREATE TABLE IF NOT EXISTS ftls "
                                     + "(host string, "
                                     + "birthtime integer, "
                                     + "maxage integer, "
                                     + "includesubdomains string)");

from .\jslib\ForceTLSUtils.jsm

But given the FF overlays, perhaps we need a chainsaw rather than an axe?

Certainly I would never claim it would be easy. If it was, I could do it. grinning smiley

Unfortunately time is not on my side -- 3 months steep learning curve for object-oriented plus anatomy of KM/FF -- I can barely do browser-sniffing in a web-page!

Gordon.

____________________
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon74, Opera 12.17, IE9, Eudora 6.2, Foxit Reader 5.3.1.0606, PaintShop Pro 6.02, Avast! 7.0.1506
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: guenter
Date: September 25, 2011 03:47AM

I altered my last post to make it explain better what I mean.

K-Meleon does not use a XUL based GUI so there is little chance to integrate/use the overlay. Sometimes You can recode an "overlay" to be a "window".
That part must be amended by a kmm and/or a window - if possible.

No idea whether You can activate or use the sqlite part.

p.s. I'd not bother with the overlay or anything and just switch it on for browser sessions that need quality encryption e.g. banking.

All needed for that is knowing the GRE pref and crating a toggle button.
I do not know the GRE pref. sad smiley

Means if I knew more I'd simply try to force the highest possible TSL version that a page supports when needed.

I would not bother with the extension's list or any other added option like privacy mode.



Edited 1 time(s). Last edit at 09/25/2011 03:51AM by guenter.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: gordon451
Date: September 25, 2011 11:09AM

Quote

Means if I knew more I'd simply try to force the highest possible TSL version that a page supports when needed.

I would not bother with the extension's list or any other added option like privacy mode.

I totally agree. No point in doing unnecessary work. cool smiley

I think I'll raise this in the Improvement Requests.

I assume KM does support TLS1.2/SSL3.3?

Gordon.

____________________
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon74, Opera 12.17, IE9, Eudora 6.2, Foxit Reader 5.3.1.0606, PaintShop Pro 6.02, Avast! 7.0.1506
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.



Edited 1 time(s). Last edit at 09/25/2011 11:16AM by gordon451.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: JamesD
Date: September 25, 2011 11:13PM

Quote
gordon451
I assume KM does support TLS1.2/SSL3.3?

I wonder if this is dependent on the version of the Gecko engine being used in KM.

Edit: It does not appear that anyone is using the more up to date versions. Check this reference: http://blog.ivanristic.com/2011/09/ssl-survey-protocol-support.html



Edited 1 time(s). Last edit at 09/25/2011 11:29PM by JamesD.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: guenter
Date: September 26, 2011 03:13AM

Quote
JamesD
Quote
gordon451
I assume KM does support TLS1.2/SSL3.3?

I wonder if this is dependent on the version of the Gecko engine being used in KM.


AFAIK K-Meleon supports nothing but TLS 1.0

TLS 1.1: https://bugzilla.mozilla.org/show_bug.cgi?id=565047
TLS 1.2: https://bugzilla.mozilla.org/show_bug.cgi?id=480514

Quote
2 persons @ bugzilla
Adam Rak 2011-09-21 10:39:45 PDT

Unfortunately the server support is very poor, but on the bright side, THIS server (which has this bugzilla) does support TLS 1.1. (BUT ssllabs.com does support TLS 1.1/1.2!)

Many cites very poor browser support as the reason why they won't implement TLS/1.1 or 1.2
So that's a good reason to implement it on firefox.

IE market share: 38.9% -> implements it (only latests versions), hopefully working..
Firefox market share: 25.5% -> no implementation
Chrome 20.2% -> no implementation
(according to wikipedia, these percentages might be skewed a bit)

So if there are an implementation for Firefox and Chrome then we can say that significant percentage of the browsers do support it, so its more likely to happen at the server side too. (And implementing in Firefox speeds up the Chrome implementation too.) Someone has to make the first step after all. And you already have some patches so I don't worry too much for browsers. But a little more "noise" to convince people to elevate the priority won't hurt.

Comment 56 dziastinux 2011-09-21 22:32:56 PDT

TLS 1.0 is no longer considered as secure. So this bug MUST marked as major.





The bad news first the FF extension ForceTLS does not seem to work for K-Meleon.


Some parts of the Force TLS extension for Firefox should have worked out of the box.

http://forcetls.sidstamm.com/

Quote
Sid Stammm

The add-on more or less works autonomously in the background, so you shouldn't have to do much to help it work. If you want, you can enable debugging and watch status messages pop up in the Javascript error console. You can also add sites to the ForceTLS database yourself, and force HTTPS requests for sites that may not even know ForceTLS exists.

So i added its ./components and put ForceTLSUtils.jsm into modules.
It did not create forcetls_db.sqlite or any new database file for a site like paypal.com which according to my info supports the extension.

Quote
crypto.stanford.edu
In September 2009, PayPal published an updated version of the protocol. As of this writing (November 2009), the updated protocol has been adopted by Google Chrome and NoScript, and implementation is underway in Firefox. The Strict-Transport-Security header is in use on a number of high-security web sites, including PayPal. ...


ForceHTTPS comes with preconfigured protection for Gmail, PayPal, American Express, Bank of America, Chase, and Fidelity.

For this reason I tried with the subsequent prefs from force_tls 1.0.3

// -- rule.<domain> = true
//    ... sets force TLS on that domain for one year from Firefox launch
pref("extensions.forcetls@sid.stamm.permanant.rule.paypal.com", true);

// -- subd.<domain>: set this to false or omit it to avoid including subdomains
pref("extensions.forcetls@sid.stamm.permanant.subd.paypal.com", true);


When it did not create a database I stopped work and only had a quick look at the needed XUL fixing & calling without investing any amount of work.

The adding & editing should work.
It is done by a "window" and that can be used & called by a trivial kmm.
Trivial = change a few lines in an existing kmm like mytypes.kmm.
& Repackage the XUL and fix the manifest for K-Meleon use to use it.




But the quick adding's overlay will never work. That is a true "overlay" which adds an alteration to a FF GUI item. So K-Meleon cannot use it.





Edited 1 time(s). Last edit at 09/26/2011 03:17AM by guenter.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: ndebord
Date: September 27, 2011 10:53AM

This link is said to provide a good explanation of the exploit.

http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html

N

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: margarita
Date: September 27, 2011 05:31PM

Quote
gordon451
@margarita - Ummm... No.
OTOH, there is force_tls-3.0.0-fx.xpi which ATM only fits FF, but can be hacked to work with KM. Trouble is, I don't know how. sad smiley
Gordon.

After a couple of days reading some documents about this issue, I don't agree with the Force TLS extension way to force HTTPS connections. This extension does not work to solve this problem due that the real problem here is the non randomidez CBC cipher block chaining mode of all algorithms but RC4:

Security specialists have suggested using RC4 to remedy the SSL/TLS vulnerability that became known to the wider public last week. Unlike AES, which is used on most servers, the stream encryption algorithm doesn't use the Cipher Block Chaining (CBC) mode. The CBC implementations in all versions up to SSL 3.0/TLS 1.0 are vulnerable to "chosen-plaintext" attacks. /....../ OpenSSL, which tends to be used with Apache web servers, doesn't yet offer TLS 1.1; there, the only effective measure is to switch to GnuTLS or RC4.

http://www.h-online.com/security/news/item/First-solutions-for-SSL-TLS-vulnerability-1349813.html
http://www.phonefactor.com/blog/slaying-beast-mitigating-the-latest-ssltls-vulnerability.php

So, if I am right, could we solve this issue disabling all algorithms in KMeleon setting to "false" all ssl3 entries that exist in the registry but the RC4 ones?
o.O

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: gordon451
Date: September 27, 2011 07:03PM

Quote

...could we solve this issue disabling all algorithms in KMeleon setting to "false" all ssl3 entries that exist in the registry but the RC4 ones?
Unfortunately, no.

Problem is that while our computers and OSs might support current technology like TLS 1.1 and 1.2, most websites are stuck in last decade, maybe last century. Very few servers can do better than TLS 1.0, which is already compromised. Check out your favourite server on the Qualys SSL Server Test. The results will surprise you. Or maybe just confirm your worst suspicions.

ForceTLS is not a good way of solving the problem. But it is the only way we have -- we must start a campaign as Opera did years ago to "Open the Web (to Opera browsers)", by encouraging people to contact their ISPs and websites they do business with, asking them to please upgrade their security.

At the moment, for many people, ForceTLS is the only way of improving security.

Gordon.

____________________
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon74, Opera 12.17, IE9, Eudora 6.2, Foxit Reader 5.3.1.0606, PaintShop Pro 6.02, Avast! 7.0.1506
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: JamesD
Date: September 27, 2011 07:45PM

I have a question. Using EDIT > PREFERENCES > PRIVACY & SECURITY > ENCRYPTION > ENCRYPTED TRANSMISSION, I find a list of two protocols. If I remove the check mark by "Enable Secure Sockets Layer..." does that not ensure that my only remaining protocol is TLS?

If I then mark "false" all of the crypto items in configuration except the RC4 items, would I not have TLS 1.0 with non CBC? Is that not the goal?

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: JohnHell
Date: September 27, 2011 08:37PM

We are forgetting 2 main things here about the attack.

1.- it is a XSS attack (cross site scripting)
2.- and a kind of MitM attack (man in the middle) through an infection (trojan) in one of the sides, server.

In other words, if a third acts to you as a proxy (XSS) and someone sniffs you (MitM through a trojan), can modify the TLS/SSL session to do whatever. The CBC attack existed before, the only change is the way is being attacked if CBC is not fixed and the time it requires to guess the encryption.

Also, some are unsure if for this attack is really needed Java or just Javascript.

This is what I got about this attack.

Beyond this, yes, we are not safe, but the recommendations are as always.

Don't open SSL sessions through third party sites, and not trusted sites, and keep your system clean (and let's hope the servers too).



Edited 1 time(s). Last edit at 09/27/2011 08:37PM by JohnHell.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: margarita
Date: September 27, 2011 09:04PM

Quote
gordon451
Quote

...could we solve this issue disabling all algorithms in KMeleon setting to "false" all ssl3 entries that exist in the registry but the RC4 ones?
Unfortunately, no.
Problem is that while our computers and OSs might support current technology like TLS 1.1 and 1.2, most websites are stuck in last decade, maybe last century. Very few servers can do better than TLS 1.0, which is already compromised. Check out your favourite server on the Qualys SSL Server Test. The results will surprise you. Or maybe just confirm your worst suspicions.
ForceTLS is not a good way of solving the problem. But it is the only way we have -- we must start a campaign as Opera did years ago to "Open the Web (to Opera browsers)", by encouraging people to contact their ISPs and websites they do business with, asking them to please upgrade their security.
At the moment, for many people, ForceTLS is the only way of improving security.
Gordon.

If all the cipher algorithms of Kmeleon are disabled but RC4, the server only can stablish a connection with us using the RC4 protocol. ForceTLS is unable to randomize or modify CBC strings of AES, Camellia and triple-DES, so it's unexpected to solve this problem. The RC4 algorithm is the only one that is not at risk at this moment. o.O

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: margarita
Date: September 27, 2011 09:13PM

Quote
JamesD
I have a question. Using EDIT > PREFERENCES > PRIVACY & SECURITY > ENCRYPTION > ENCRYPTED TRANSMISSION, I find a list of two protocols. If I remove the check mark by "Enable Secure Sockets Layer..." does that not ensure that my only remaining protocol is TLS?
If I then mark "false" all of the crypto items in configuration except the RC4 items, would I not have TLS 1.0 with non CBC? Is that not the goal?

I have read that only the RC4 cipher algorithm is not at risk in this moment. So I think that's the goal. I have enabled both TLS/SSL and then I set to "false" all cipher but those that contain RC4, that I left as they are by default. o.O

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: JamesD
Date: September 27, 2011 11:09PM

Quote
margarita
I have read that only the RC4 cipher algorithm is not at risk in this moment. So I think that's the goal. I have enabled both TLS/SSL and then I set to "false" all cipher but those that contain RC4, that I left as they are by default. o.O

I did that but also un-checked SSL. I have used my bank and brokerage sites without any problem.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: km2
Date: September 27, 2011 11:21PM

Quote
JamesD
I did that but also un-checked SSL. I have used my bank and brokerage sites without any problem.
Some time ago I un-checked SSL v3 and always surf with TLS.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: JamesD
Date: September 28, 2011 03:22AM

I have encountered a site which may be useful. It tells me that I am using RC4 - 128 bit key. I have a broken padlock.
https://www.fortify.net/sslcheck.html

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: km2
Date: September 28, 2011 05:08AM

RC4 cipher, 128-bit key

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: gordon451
Date: September 28, 2011 11:54AM

Quote
JamesD
I have a broken padlock.

The broken padlock can also mean the page is mixed, containing secure and non-secured items.

In Prefs>Privacy & Security>Encryption>>Encrypted Transmission check "Warnings When viewing a page with an encrypted/unencrypted mix".

Gordon.

____________________
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon74, Opera 12.17, IE9, Eudora 6.2, Foxit Reader 5.3.1.0606, PaintShop Pro 6.02, Avast! 7.0.1506
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: gordon451
Date: September 28, 2011 12:54PM

Quote
JamesD
If I then mark "false" all of the crypto items in configuration except the RC4 items, would I not have TLS 1.0 with non CBC? Is that not the goal?

We-e-e-lll...

Quote
Wikipedia
At http://en.wikipedia.org/wiki/RC4#Security :
However, many applications that use RC4 simply concatenate key and nonce; RC4's weak key schedule then gives rise to a variety of serious problems.

Because RC4 is a stream cipher, it is more malleable than common block ciphers. If not used together with a strong message authentication code (MAC), then encryption is vulnerable to a bit-flipping attack.

Have a Cap'n Cook at Fluhrer, Mantin and Shamir, SAC 2001.

In short, the encryption cypher is not the problem. The problem is the encryption method -- TLS 1.0 -- and the reluctance of web server operators to upgrade their software. We users are always urged to upgrade "for security", why can't they do the same?

The solution is not to default to a weak cypher which resists only the most recent attack, but to compel upgrades to a strong encryption method which is shown to be resistant to many attacks -- TLS 1.1 and 1.2.

BTW, Opera 10+ implements TLS 1.2 natively. Of course, they do have other problems...

[EDIT] @JamesD: I had a look at Fortify.net/sslcheck.html... I had disabled half the cypers it showed me surprised smiley [end EDIT]

Gordon.

____________________
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon74, Opera 12.17, IE9, Eudora 6.2, Foxit Reader 5.3.1.0606, PaintShop Pro 6.02, Avast! 7.0.1506
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.



Edited 2 time(s). Last edit at 09/28/2011 01:01PM by gordon451.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: margarita
Date: September 28, 2011 01:43PM

Quote
JamesD
Quote
margarita
I have read that only the RC4 cipher algorithm is not at risk in this moment. So I think that's the goal. I have enabled both TLS/SSL and then I set to "false" all cipher but those that contain RC4, that I left as they are by default. o.O
I did that but also un-checked SSL. I have used my bank and brokerage sites without any problem.

Good choice, I will do the same. TLS 1.O is known as SSL3.1.
http://msdn.microsoft.com/en-us/library/windows/desktop/aa380515%28v=vs.85%29.aspx

The RC4 cipher has known vulnerabities, of course, but the main difference is that the non randomized CBC string of AES, Camellia and triple-DES can be unlocked in 20 minutes by the BEAST attack. To unlock the common 1024/2048bit RC4 cipher used by the worlwide bank sites you will waste your whole life.
o.O

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: km2
Date: September 28, 2011 05:11PM

Quote
margarita
TLS 1.O is known as SSL3.1.

Nice, I uderstand now. So.., it's a loop...

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: JamesD
Date: September 28, 2011 06:35PM

Maybe there will be enough uproar over BEAST that the site operators will begin to move to TLS 1.2. Or maybe that is wishful thinking.

I never used to worry about this before. I thought as long as the lock was closed, I was OK. If the URL bar is red and the lock is broken, that means there is not a good handshake for encryption - right?

@ margarita

The 1024 bit RC4 is not used by default in KM. I wonder why.



Edited 1 time(s). Last edit at 09/28/2011 06:37PM by JamesD.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: gordon451
Date: September 28, 2011 07:32PM

Quote
JamesD
I thought as long as the lock was closed, I was OK. If the URL bar is red and the lock is broken, that means there is not a good handshake for encryption - right?

No. See my post earlier in this thread.

Always make sure you have amber in the URL bar, not red. You can check what the problem is by checking "Warnings When viewing a page with an encrypted/unencrypted mix" in Prefs>Privacy & Security>Encryption>>Encrypted Transmission: if the page contains mixed content, you will get a warning. No warning==broken security.

Gordon.

____________________
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon74, Opera 12.17, IE9, Eudora 6.2, Foxit Reader 5.3.1.0606, PaintShop Pro 6.02, Avast! 7.0.1506
____________________
Sugar, greasy foods and Microsoft are dangerous to your health -- eat, drink and be merry!
____________________
Early to bed and early to rise makes a bloke crook, broke and stupid.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: guenter
Date: September 28, 2011 09:52PM

Quote
Wikipedie sub voce TLS


All the most recent web browsers support TLS:

* Apple's Safari supports TLS, but it’s not officially specified which version.[33] On operating systems (Safari uses the TLS implementation of the underlying OS) like Mac OS X 10.5.8, Mac OS X 10.6.6, Windows XP, Windows Vista or Windows 7, Safari 5 has been reported to support TLS 1.0.[34]

* Mozilla Firefox, versions 2 and above, support TLS 1.0.[35] As of September 2011[update], Firefox does not support TLS 1.1 or 1.2.[36]

* Microsoft Internet Explorer always uses the TLS implementation of the underlying Microsoft Windows Operating System, a service called SChannel Security Service Provider. Internet Explorer 8 in Windows 7 and Windows Server 2008 R2 supports TLS 1.2. Windows 7 and Windows Server 2008 R2 use the same code (Microsoft Windows Version 6.1 (build 7600)) similar to how Windows Vista SP1 uses the same code as Windows 2008 Server.[37]

* As of Presto 2.2, featured in Opera 10, Opera supports TLS 1.2.[38]

* Google's Chrome browser supports TLS 1.0, but not TLS 1.1 or 1.2.[39]

So if You want TLS 1.1 & the more advanced 1.2 You must change to IE 8 on Win 7 or to Opera 10.

For the pages that support it - TLS 1.1 or better can at least be activated in these two browsers. Some other browsers that can use the TLS of the underlying OS can also use them.

But most web servers are Unix based & these have the OpenSSL usually tied in as default lib.

Since OpenSSL only supports TLS 1.0. It does not lead to much improvement on most sites even for these browsers. smiling smiley


Quote
German Wikipedia sub voce TLS
Die Weiterentwicklungen TLS 1.1 und 1.2 werden von keinem aktuellen Browser in der Standardkonfiguration unterstützt (kann im Internet Explorer und Opera aktiviert werden), und ist auf Servern so gut wie nirgends verfügbar, da es von der im Unix-Serverbereich als Quasi-Standard eingebundenen OpenSSL-Bibliothek nicht unterstützt wird.



Edited 1 time(s). Last edit at 09/29/2011 01:23AM by guenter.

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: JamesD
Date: September 29, 2011 02:56AM

I was searching for more information and found this document. I do no know how useful it is. I am still trying to read and understand. There is a link to a docx word document and one as html. I think the information about the Gecko engine we have is located on pages 24-26.

http://www.carbonwind.net/TLS_Cipher_Suites_Project/tls_ssl_cipher_suites_annex_a1_main.docx

http://74.6.238.254/search/srpcache?ei=UTF-8&p=security.ssl3.ecdh_ecdsa_rc4_128_sha&u=http://cc.bingj.com/cache.aspx?q=security.ssl3.ecdh_ecdsa_rc4_128_sha&d=4818906356712180&mkt=en-US&setlang=en-US&w=57ad1cc0,3f5950c0&icp=1&.intl=us&sig=I8V6lqCwNWHfDhqC0p.MBQ--

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: Curious
Date: September 29, 2011 04:12AM

"BTW, Opera 10+ implements TLS 1.2 natively. Of course, they do have other problems... "

which are...?

Re: TSL 1.2 Hackers break SSL encryption used by millions of sites
Posted by: margarita
Date: September 29, 2011 03:39PM

Internet Explorer 9 also supports TLS 1.1 and TLS 1.2 in Windows 7.
TLS 1.0 is also known as SSL3.1, TLS 1.1 as SSL3.2 and TLS1.2 as SSL3.3.

On September 23, 2011 researchers Thai Duong and Juliano Rizzo demonstrated a "proof of concept" called BEAST (using a Java Applet to violate "same origin policy" constraints) for a long-known Cipher block chaining (CBC) vulnerability in TLS 1.0.[5][6] Practical exploits had not been previously demonstrated for this vulnerability, which was originally discovered by Phillip Rogaway[7]. Google included a patch in development version of their Google Chrome web browser to mitigate BEAST-like attacks.[8] The TLS 1.0-specific BEAST attack can be prevented by removing all CBC ciphers from your list of allowed ciphers—leaving only the RC4 cipher, which is still widely supported on most websites.[9][10] Microsoft is releasing tools to support TLS 1.1 (which fixes this CBC attack vulnerability) on Microsoft servers and browsers.[11]

http://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.2_.28SSL_3.3.29

o.O

K-Meleon forum is powered by Phorum.