If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)

Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Firefox 10.0 SSL/TLS vulnerability

Black Swan · 2012-02-04 09:59:57

Since the Beast attack last September 2011 with CA's being hijacked, SSL/TLS no longer appears secure. The TLS 1.0 protocol may allow an attacker to decrypt encrypted traffic posing as a man-in-the-middle. Part of the solution was to upgrade from TLS 1.0 to the 1.2 protocol, but FF10.0 still shows TLS 1.0 when you open…

Options

04-02-2012 10:59am

#1

Black Swan

Moderators, Category Moderators, Science, Health & Environment Moderators, Society & Culture Moderators Posts: 47,223 CMod ✭✭✭✭

Join Date: April 2006

Posts: 36369

Since the Beast attack last September 2011 with CA's being hijacked, SSL/TLS no longer appears secure. The TLS 1.0 protocol may allow an attacker to decrypt encrypted traffic posing as a man-in-the-middle.

Part of the solution was to upgrade from TLS 1.0 to the 1.2 protocol, but FF10.0 still shows TLS 1.0 when you open Options>Encryption, so the vulnerability persists.

Has anyone solved this problem for FF10.0? How?

0