| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20041126224850.GL30987@charite.de> From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Subject: KDE's konqueror chooses low-security SSL ciphers by default Konqueror doesn't use the strongest cipher available if connecting using https. This was first spotted by Fridtjof Busse in http://bugs.kde.org/show_bug.cgi?id=86332 go there for the gory details. E.g. konqueror uses 128bit RC4-MD5 even if 256bit AES is supported on both sides. Firefox on the same machine automagically uses the strongest cipher (in this case AES-256). Problem: Instead of relying on the built-in autonegotation and auto-selection that OpenSSL offers, a hardcoded list of ciphers is being used. This list chooses low-strengh ciphers by default to be compatible with broken servers. This way, one cannot take neither take advantage of new ciphers (since recompilation is required), nor of the strongest encryption possible. Lutz J?nicke, OpenSSL developer says: "I do not think that I understand this mess. I don't like code that bypasses the given API (see the meth->get_cipher) access... man SSL_get_ciphers and friends may help. I would rather recommend to simply leave the cipher selection to the OpenSSL library (from time to time we do think about our default settings)... " -- Ralf Hildebrandt (i.A. des IT-Zentrum) Ralf.Hildebrandt@...rite.de Charite - Universit?tsmedizin Berlin Tel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-Berlin Fax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to spamtrap@...rite.de
Powered by blists - more mailing lists