[tbb-bugs] #18274 [Tor Browser]: 3DES_EDE_CBC cipher is vulnerable in the current TBB configuration!
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Feb 7 21:51:46 UTC 2016
#18274: 3DES_EDE_CBC cipher is vulnerable in the current TBB configuration!
------------------------------------------------+--------------------------
Reporter: bugzilla | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Tor Browser | Version:
Severity: Major | Resolution:
Keywords: tbb-security, TorBrowserTeam201602 | Actual Points:
Parent ID: | Points:
Sponsor: |
------------------------------------------------+--------------------------
Comment (by bugzilla):
Indeed, Mozilla has "Disable TLS False Start for non-ECDHE key exchange"
bug fixed. But after SLOTH and Logjam can we trust them? And why do we
need this weak cipher suite at all?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18274#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list