Gigabyte: Worst SSL Labs report i ever see
Look at this (Gigabyte account registration site): https://www.ssllabs.com/ssltest/analyze ... gabyte.com
-
- Pale Moon guru
- Posts: 35648
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Re: Gigabyte: Worst SSL Labs report i ever see
We need a world-wide ban on people still using IIS 6.0
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
- Astronaut
- Posts: 588
- Joined: 2015-06-01, 12:52
- Location: US Southeast
Re: Gigabyte: Worst SSL Labs report i ever see
Thanks for the reference site. I checked my own domains and while they rate an "A" there was good info about certs that will be distrusted soon.
-
- Board Warrior
- Posts: 1622
- Joined: 2015-07-23, 16:09
- Location: Norway
Re: Gigabyte: Worst SSL Labs report i ever see
Here's another 'F':
viewtopic.php?f=29&t=13638&p=104926#p97021
That post is more than one year old, and deal.no is still using the same damn outdated certificate!
The worst thing is that it's a very popular web shop with a lot of customers too, and most browsers accept their certificate without as much as a warning.
I've actually notified this web shop's support division several times regarding this issue, but they never even bothered to send me a reply!
Last edited by Tomaso on 2018-01-15, 21:54, edited 3 times in total.
-
- Pale Moon guru
- Posts: 35648
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Re: Gigabyte: Worst SSL Labs report i ever see
Tomaso: deal.no gets an 'F' because they are vulnerable to the POODLE TLS attack -- their certificate is actually fine. Other browsers connect to it without complaints because they still accept 3DES and the certificate checks out. Pale Moon doesn't allow 3DES for https by default because of its weak nature and the known issue with its small block size (SWEET32 birthday attack). Like many other sites they likely won't change anything until mainstream browsers can no longer connect (and then they will likely have it fixed in a day or 2). Mainstream browsers, however, are simply afraid to "break the web" and are holding off on disabling 3DES because nobody wants to go first. And there we have a status quo.
Last edited by Moonchild on 2018-01-15, 22:12, edited 1 time in total.
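Added example (not part of the original posts): a small Python model of the situation described above, where a client that still offers 3DES connects to a legacy server while a client with 3DES disabled gets a handshake failure. The cipher lists are constructed for illustration and are not scan results for any real site; the function names are hypothetical.

```python
# Constructed cipher lists (IANA suite names); not scan data for any real site.
LEGACY_SERVER = ["TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA"]
MODERN_SERVER = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                 "TLS_RSA_WITH_3DES_EDE_CBC_SHA"]
STRICT_CLIENT = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                 "TLS_RSA_WITH_AES_128_CBC_SHA"]            # 3DES disabled
LENIENT_CLIENT = STRICT_CLIENT + ["TLS_RSA_WITH_3DES_EDE_CBC_SHA"]

# Block size in bits of the bulk cipher; stream ciphers (RC4) have none.
BLOCK_BITS = {"3DES_EDE_CBC": 64, "AES_128_CBC": 128, "AES_128_GCM": 128}

def block_bits(suite):
    """Return the bulk cipher's block size in bits, or None if not a block cipher."""
    for name, bits in BLOCK_BITS.items():
        if name in suite:
            return bits
    return None

def negotiate(client_offer, server_prefs):
    """Server-preference selection: first server suite the client also offers."""
    offered = set(client_offer)
    for suite in server_prefs:
        if suite in offered:
            return suite
    return None  # no suite in common: handshake failure

def birthday_bound_gib(bits):
    """Data under one key before a block collision is likely: 2^(bits/2) blocks."""
    return (2 ** (bits // 2)) * (bits // 8) / 2 ** 30

def assess(client_offer, server_prefs):
    """Report the negotiated suite and whether it is a 64-bit block cipher (SWEET32)."""
    suite = negotiate(client_offer, server_prefs)
    if suite is None:
        return {"suite": None, "sweet32_exposed": False, "collision_bound_gib": None}
    bits = block_bits(suite)
    return {"suite": suite,
            "sweet32_exposed": bits == 64,
            "collision_bound_gib": birthday_bound_gib(bits) if bits else None}

if __name__ == "__main__":
    for label, client in (("lenient", LENIENT_CLIENT), ("strict", STRICT_CLIENT)):
        for name, server in (("legacy", LEGACY_SERVER), ("modern", MODERN_SERVER)):
            print(label, "->", name, assess(client, server))
```

The 32 GiB figure for a 64-bit block is why long-lived 3DES sessions are the concern; a server that lists a modern suite first never negotiates 3DES with either client.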
-
- Board Warrior
- Posts: 1622
- Joined: 2015-07-23, 16:09
- Location: Norway
Re: Gigabyte: Worst SSL Labs report i ever see
Moonchild wrote: deal.no gets an 'F' because they are vulnerable to the POODLE TLS attack
I know.
Thought it was related to the certificate.
I'm not actually comparing it to the horrible example posted by dark_moon.
But still, like I've pointed out many times before; this is just another example of how difficult it is to get any response from web developers.
Contacting support services is good for most things, but as soon as you mention a web problem... Nothing!
Last edited by Tomaso on 2018-01-15, 22:56, edited 1 time in total.
-
- Pale Moon guru
- Posts: 35648
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Re: Gigabyte: Worst SSL Labs report i ever see
I actually opened a new Bugzilla bug to request disabling 3DES in Firefox (surprised there was none yet in search).
The sites left aren't going to be responsive to tech evangelism. They simply have to be forced to improve by browsers no longer supporting their 15 year old server software that is woefully insecure.
Re: Gigabyte: Worst SSL Labs report i ever see
Thanks Moonchild!
Please let us know how the answer