
Gigabyte: Worst SSL Labs report I have ever seen

Posted: 2018-01-14, 10:56
by dark_moon
Look at this (Gigabyte account registration site): https://www.ssllabs.com/ssltest/analyze ... gabyte.com
:lol: :thumbup: :clap:

Re: Gigabyte: Worst SSL Labs report I have ever seen

Posted: 2018-01-14, 19:22
by Moonchild
We need a world-wide ban on people still using IIS 6.0

Re: Gigabyte: Worst SSL Labs report I have ever seen

Posted: 2018-01-15, 15:33
by BenFenner
Thanks for the reference site. I checked my own domains and while they rate an "A" there was good info about certs that will be distrusted soon. :thumbup:

Re: Gigabyte: Worst SSL Labs report I have ever seen

Posted: 2018-01-15, 21:52
by Tomaso
Here's another 'F':
viewtopic.php?f=29&t=13638&p=104926#p97021
That post is more than one year old, and deal.no is still using the same damn outdated certificate!
The worst thing is that it's a very popular web shop with a lot of customers too, and most browsers accept their certificate without as much as a warning.
I've actually notified this web shop's support division several times regarding this issue, but they never even bothered to send me a reply!

Re: Gigabyte: Worst SSL Labs report I have ever seen

Posted: 2018-01-15, 22:11
by Moonchild
Tomaso: deal.no gets an 'F' because they are vulnerable to the POODLE TLS attack -- their certificate is actually fine. Other browsers connect to it without complaints because they still accept 3DES and the certificate checks out. Pale Moon doesn't allow 3DES for https by default because of its weak nature and the known issue with its small block size (SWEET32 birthday attack). Like many other sites, they likely won't change anything until mainstream browsers can no longer connect (and then they will likely have it fixed in a day or two). Mainstream browsers, however, are simply afraid to "break the web" and are holding off on disabling 3DES because nobody wants to go first. And there we have a status quo.
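
An added illustration of the block-size point in the post above (not code from this thread or from Pale Moon): it flags suites in a server's offered list that use a 64-bit block cipher such as 3DES, and computes the birthday-bound chance of a repeated ciphertext block for a given amount of data encrypted under one key. The suite list is constructed, and the 32 GiB default volume is an assumption, chosen because it equals 2^32 eight-byte blocks.

```python
import math

# Block size in bits of the bulk cipher, keyed by the first token that follows
# "_WITH_" in an IANA suite name. Stream/AEAD-only ciphers (RC4, ChaCha20) are absent.
BLOCK_BITS = {"3DES": 64, "DES": 64, "IDEA": 64, "RC2": 64,
              "AES": 128, "CAMELLIA": 128, "SEED": 128, "ARIA": 128}

SAMPLE_SUITES = [  # constructed example, not taken from any real scan
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_AES_128_GCM_SHA256",  # TLS 1.3 style name, no "_WITH_"
]

def block_bits(suite):
    """Return the bulk cipher's block size in bits, or None if it is not a block cipher."""
    cipher = suite.split("_WITH_")[-1]
    if cipher.startswith("TLS_"):
        cipher = cipher[4:]
    return BLOCK_BITS.get(cipher.split("_")[0])

def collision_probability(bits, data_bytes):
    """Birthday bound: chance of at least one repeated block among data_bytes under one key."""
    blocks = data_bytes / (bits // 8)
    # 1 - exp(-n(n-1) / 2^(bits+1)), via expm1 to keep tiny probabilities accurate
    return -math.expm1(-blocks * (blocks - 1) / 2 ** (bits + 1))

def audit(suites, data_bytes=32 * 2**30):
    """Return (suite, collision probability) for every suite with a 64-bit block cipher."""
    findings = []
    for suite in suites:
        if block_bits(suite) == 64:
            findings.append((suite, collision_probability(64, data_bytes)))
    return findings

if __name__ == "__main__":
    for suite, p in audit(SAMPLE_SUITES):
        print(f"64-bit block cipher offered: {suite} (collision chance at 32 GiB: {p:.1%})")
    print(f"128-bit block at the same volume: {collision_probability(128, 32 * 2**30):.1e}")
```
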

Re: Gigabyte: Worst SSL Labs report I have ever seen

Posted: 2018-01-15, 22:53
by Tomaso
Moonchild wrote: deal.no gets an 'F' because they are vulnerable to the POODLE TLS attack
I know.
Thought it was related to the certificate.
I'm not actually comparing it to the horrible example posted by dark_moon.
But still, like I've pointed out many times before, this is just another example of how difficult it is to get any response from web developers.
Contacting support services is good for most things, but as soon as you mention a web problem... Nothing!

Re: Gigabyte: Worst SSL Labs report I have ever seen

Posted: 2018-01-16, 12:52
by Moonchild
I actually opened a new Bugzilla bug to request disabling 3DES in Firefox (surprised there was none yet in search).
The sites left aren't going to be responsive to tech evangelism. They simply have to be forced to improve by browsers no longer supporting their 15-year-old server software that is woefully insecure.

Re: Gigabyte: Worst SSL Labs report I have ever seen

Posted: 2018-01-18, 19:21
by dark_moon
Thanks Moonchild!
Please let us know how the answer