[opensuse-security] Weired result of a ssl test page with my 42.3 Leap laptop (Lenovo)
Given the problems of spyware installed on Lenovo I checked time ago on badssl with a page controlling for superfish etc. This is now running on https://badssl.com/dashboard/ When I run that page, all is OK but one value that comes out faulty. AFAIU my system responds (with FF) to a page in a way it shouldn't. Exactly with a DH1024. Which reads on the site as: This site uses an ephemeral Diffie-Hellman key exchange over a 1024-bit group. I looked it up in Google but did find only that this has been a problem in the past. Could anybody inform me if this is: a) a Leap problem b) a FF problem c) a problem of my laptop (e.g. Intel Management Engine Interface? - it shouldn't as it has been deactivated in the BIOS). Maybe someone could check if this happens on other Leap systems (time ago that was the same with konqueror which was vulnerable to poodle (apparently via QT webkit if I did understand well, that should be fixed however). Thank you. Mit freenet Mail sicher kommunizieren! [https://email.freenet.de/emig/index.html?utm_medium=Text&utm_source=Footersatz&utm_campaign=Footersatz_Sicherheit170207&epid=e9900000699&utm_content=Text] Wir garantieren Ihnen verschlüsselte Datenübertragung & Datenspeicherung auf deutschen Servern - E-Mail made in Germany! -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Hi I don't think this is something to be overly concerned by, DH1024 is considered weak but there are no practical attacks that I'm aware off. On Wed, Aug 2, 2017 at 6:54 PM, <stakanov@freenet.de> wrote:
Given the problems of spyware installed on Lenovo I checked time ago on badssl with a page controlling for superfish etc. This is now running on
When I run that page, all is OK but one value that comes out faulty. AFAIU my system responds (with FF) to a page in a way it shouldn't. Exactly with a DH1024. Which reads on the site as:
This site uses an ephemeral Diffie-Hellman key exchange over a 1024-bit group.
I looked it up in Google but did find only that this has been a problem in the past. Could anybody inform me if this is: a) a Leap problem b) a FF problem
Looks to be an FF problem, I can replicate on my Tumbleweed and Android FF installs. There seems to be a bug open: https://bugzilla.mozilla.org/show_bug.cgi?id=1367617 On Tumbleweed I can't replicate the fail in Chrome I suggest you also have a look at: https://www.ssllabs.com/ssltest/viewMyClient.html
c) a problem of my laptop (e.g. Intel Management Engine Interface? - it shouldn't as it has been deactivated in the BIOS).
Maybe someone could check if this happens on other Leap systems (time ago that was the same with konqueror which was vulnerable to poodle (apparently via QT webkit if I did understand well, that should be fixed however).
Konqueror does not come off well in the badssl site.
Thank you.
Regards, Chris -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
participants (2)
-
Chris Ellis -
stakanov@freenet.de