Tor Search Engine Offers Weak SSL/TLS Ciphers

The TOR browser is now using search.disconnect.me as the default search engine. I noticed they were offering TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) with 1024 bits Diffie-Hellman key exchange and using common primes.

The client would have to elect to use this weak cipher or be downgraded to use it.

This is a nation state level threat allowing passive eavesdropping. Leaked agency documents point to this having been achieved.

The vulnerability and threat is explained at weakdh if your not familiar with it. I notified disconnect.me on the 4th Jan 2016. They responded immediately and fixed it on the 8th Feb 2016. Other than this little hick-up they look good to me!

Nathan

CATEGORIES
  • root says:

    Thank You

  • >