Firefox 10.0 SSL/TLS vulnerability

[Deleted User] · 2012-02-04 09:59:57

Since the Beast attack last September 2011 with CA's being hijacked, SSL/TLS no longer appears secure. The TLS 1.0 protocol may allow an attacker to decrypt encrypted traffic posing as a man-in-the-middle. Part of the solution was to upgrade from TLS 1.0 to the 1.2 protocol, but FF10.0 still shows TLS 1.0 when you open…

04-02-2012 09:59AM

#1

[Deleted User]
Posts: 0 CMod ✭✭✭✭

Join Date: -

Posts: 0

Since the Beast attack last September 2011 with CA's being hijacked, SSL/TLS no longer appears secure. The TLS 1.0 protocol may allow an attacker to decrypt encrypted traffic posing as a man-in-the-middle.

Part of the solution was to upgrade from TLS 1.0 to the 1.2 protocol, but FF10.0 still shows TLS 1.0 when you open Options>Encryption, so the vulnerability persists.

Has anyone solved this problem for FF10.0? How?

0