-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 20.04.2014 18:40, Matti Nykyri wrote: > On Apr 20, 2014, at 15:38, Mick <michaelkintz...@gmail.com> wrote: > >> On Sunday 20 Apr 2014 10:10:42 Dale wrote: >> >> Just a 1/3 of all websites offer TLSv1.2 at the moment and hardly >> any public sites offer it as an exclusive encryption protocol, >> because they would lock out most of their visitors. This is >> because most browsers do not yet support it. MSWindows 8.1 MSIE >> 11 now offers TLSv1.2 by default and has dropped the RC4 cipher >> (since November last year). I understand they are planning to >> drop SHA-1 next Christmas and have already dropped MD5 because of >> the Flame malware. This should push many websites to sort out >> their encryption and SSL certificates and move away from using >> RC4 and SHA1 or MD5. As I said RC4 has been reverted to by many >> sites as an immediate if interim defence against the infamous >> BEAST and Lucky Thirteen attacks. > > This is a problem all Microsoft's customers are facing.
Take a look on Linux Distros from 2000 when WinXP has been developed, and you'll see, that the Linux Distros weren't better in this. Same for the time when WinVista was developed, and the same for Win7 and Win8. So don't blame Microsoft for things that they did as good as everybody else did, that would be unfair. > Anyways I just wonder who trusts software whose source code isn't > open and and reviewed by a large community that don't have a > financial interest on you. Ouch, wrong argument, realy! Nobody in the large opensource community had ever reviewed the heartbeat code in more than two years. This was not a harmless bug in a mostly unused library, it was a realy big issue in one of the most used library in the world and *nobody* saw it. Has openssl ever been carefully audited? I don't think so and i bet that there are more heartbleed like bugs in openssl. On the other hand schannel (the Windows cryptolib) is regularly audited. Sorry, but the large opensource community is blind on both eyes, whereas the closed source community is only blind on one eye. - -- Kind Regards, Mit freundlichen GrĂ¼ssen, Markus Kohlmeyer Markus Kohlmeyer PGP: 0xEBDF5E55 / 2A22 1F71 AA70 1AD1 231B 0178 759F 407C EBDF 5E55 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBCgAGBQJTVAHEAAoJEHWfQHzr315VBREP/11tSjfwXJEOmJ4kC/PG+8lj LN1vb/vMLWDny7HaTYRqCX8k49rhLCXTXeCB5sb10qeUX3rtqrudrYc/sGwI/H3E euhiU4oGK4YLDEQkXQDtFaSjpV0hayNQZruiz7x1mFO5FB05IqBmbSmxZLgKndE/ ydRevZPjvX475yVQ8YBsZRlLP8JQnOfec+4pxh8X+pq8/7THWOpdMqmaXdHwZVkM p0aZX3NBKQyFCtV/JTriQ/ByRC3OfDQbPY75qup13kr74B1222EGFpStU7TGedgR A+N36/9VrH/DCObQ78c8hsDfjLgRE5eJXBuYlL9dznKM68DrXGVP3hRkvuRozdQx KlNeQalkVd2p561dY0m92sCqitQIlTJ4uYEMeo4uIURYfBecQz/21Hk4cAATd+Yo IFamC3N8lO/iww4JsAzPgaywi2mkBzxH5o0jmSjmUW/aq/Mype7FADE9yFBNYr9P +E/d8AItXM7ouVfE2n55iz7i8wKIeyxZ2Ob1JMP0Bidxv9haihYMA6VYlmkryPmk TtR+oLxsGywRz21rBghOvzuyy7cyfBX2uHCo55VmxYIVGMfnYKF4ww/5iomgVtwp wTRo8JYPu8ixW9GAwtfoydEr4N4WMWyqHveNX+YqQMiQqlz2U1MieL/ILyHplRh8 PU4uCElXb5sYR6/w0KEV =5FIt -----END PGP SIGNATURE-----
