aeris22’s avataraeris22’s Twitter Archive—№ 55,590

      1. …in reply to @TutanotaTeam
        @TutanotaTeam @burgniylf False. Without attack, the better suite is selected. But with an attacker trying a downgrade attack, he can force any client supporting […]
        Permalink On twitter.com Twitter logo aeris22’s avatar Mood 0
    1. …in reply to @aeris22
      @TutanotaTeam @burgniylf 3DES, *even if not the best available* to use this cipher suite. TLS handshake is not authenticated, so supported ciphers suites is not too.
      Permalink On twitter.com Twitter logo aeris22’s avatar Mood +5 🙂
  1. …in reply to @aeris22
    @TutanotaTeam @burgniylf So any people able to modify packets between you and your client (people on the same public wifi, on 3G, NSA, etc) can modify packets to […]
    On twitter.com Twitter logo aeris22’s avatar Mood 0
    1. …in reply to @aeris22
      @TutanotaTeam @burgniylf spoof your cipher suites and to force the targeted client to downgrade to 3DES…
      Permalink On twitter.com Twitter logo aeris22’s avatar Mood 0
      1. …in reply to @aeris22
        @TutanotaTeam @burgniylf Supporting weak cipher suite is also putting at risk people with stronger one too. The only way to be safe is to totally remove weak cipher.
        Permalink On twitter.com Twitter logo aeris22’s avatar ❤️ 1 Favorite Mood -2 🙁