info@qualityplusconsulting.com l +1 262-553-6510

Special note for Ubuntu users

Breakfast Bytes podcasts are streaming MP3. In order for Firefox on Ubuntu to play the streaming MP3, install the GStreamer extra plugins that list MP3 as one of the supported formats. GStreamer can be obtained through the Ubuntu Software Center.

Breakfast Bytes - Security Protocols and Ciphers

9/14/2018

Security Protocols and Ciphers

Educate yourself about the dangers of 5G radiation to human health

MP3 - Security Protocols and Ciphers

 

 

Security Protocols and Ciphers for HTTPS and VPNs

HTTPS uses security protocols and ciphers, but only a few of them are acceptable anymore. Too many websites, critical services, and VPN connections are still using fully deprecated protocols and ciphers.

As of 4/30/2014, NIST in the SP-800 guidance set published that TLS 1.1 should be the minimum used.
https://www.nist.gov/news-events/news/2014/04/nist-revises-guide-use-transport-layer-security-tls-networks

Therefore anything not running at least TLS 1.1 more than four years later is an indication that those who provide that equipment or service do not care about keeping their systems consistent with international security standards.
The need to migrate off of TLS 1.0 has been known for more than four years.

Most government resources disabled TLS 1.0 in February 2017 because of the insecurity of it as a protocol.
https://en.wikipedia.org/wiki/Transport_Layer_Security

PCI, Hitech security act, GLBA, and most other regulation called for TLS 1.0 to be disabled as of June 2018.
https://www.comodo.com/e-commerce/ssl-certificates/tls-1-deprecation.php

Microsoft is turning off all TLS prior to 1.2 in October 2018.

https://www.nationalmerchants.com/payment-processing/not-upgrading-from-tls-1-0-may-cost-merchants-money/

Trend disabled TLS 1.0 in March 2017.
https://success.trendmicro.com/solution/1116591-tls-1-0-will-be-disabled-on-march-4-2017

 

DNS Rebinding attacks

https://en.wikipedia.org/wiki/DNS_rebinding
 
 
 
Linkedin