# Coping with broken TLS-1.0 / SSL-3.0

## depontius

The news has come out in the past day or so that TLS-1.0 / SSL-3.0 and earlier are effectively broken with a MITM attack against the encryption itself, not just the authentication.

I get the impression that this means "broken at the security researcher level", but that doesn't mean that criminal/fraud/crackers are necessarily far behind. It appears to need malicious JavaScript to be running as part of the exploit.

So to cope, it seems to me:

1 - Be on a "safe" network, where you're sure nobody can get into the middle.

2 - Shut down the browser.

3 - Start the browser, and go directly to the site you want to do something secure with, and only to that site.

4 - Shut down the browser when you're done, and restart to do regular stuff again.

Of the list above, #1 looks the hardest.  I'm currently on a corporate network, so I think I'm safe to that.  I suspect that at home I'm safe on Comcast's network, as long as no rogue DHCP server intercepted me and became a general MITM.  But Comcast is pretty careful about that kind of thing.  I suspect Comcast of Evil, but it's TOS Evil and other higher-level Evils, not fraud or this kind of MITM Evil.  

I suspect that this means that even HTTPS-everywhere doesn't mean safety on open wifi.  I suspect the only true safety is VPN to a trustworthy network.

Comments/thoughts?

----------

## cach0rr0

We have a thread going on about this over on OTW at the moment.

I think a lot of this is overhyped/overblown. Researchers trying to make a name for themselves and whatnot (though, I don't begrudge them for doing so).

This attack vector is relatively old, known about, and a good chunk of people have been sitting on a fix waiting for a real-world exploit to come about before they released it. 

Opera with default settings is not vulnerable. Chrom(e|ium) has had a fix for some time, which they're to push out shortly. Firefox with noscript is unaffected. Even newer IE is unaffected. 

Further to that, the fix they have for Chrome isn't even a bump up from TLSv1 to 1.2 - it's still old TLSv1(.0).

Crypto implementations get broken regularly, which is what this is - it's not "broken encryption" as some of the sensationalist press have hinted at. 

And the simplicity of actually becoming MITM in order to even have *access* to carry out this attack has been hugely, hugely overstated. ISPs, Governments, and corporate network overlords, yes, they can do it. Someone who hacks their way into your wireless router and manages to get his code to run, yes, he could do it. But the risk is somewhat minimal.

IMHO simply not worth all the panic. Yes, it should be taken seriously, as all issues of this nature should. But it's not nearly the drama or catastrophe the people behind BEAST, and the press reporting on it, have made it out to be.

----------

