Tor Search Engine Offers Weak SSL/TLS Ciphers

December 23, 2021 / By

The TOR browser is now using search.disconnect.me as the default search engine. I noticed they were offering TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) with 1024 bits Diffie-Hellman key exchange and using common primes.

The client would have to elect to use this weak cipher or be downgraded to use it.

This is a nation state level threat allowing passive eavesdropping. Leaked agency documents point to this having been achieved.

The vulnerability and threat is explained at weakdh if your not familiar with it. I notified disconnect.me on the 4th Jan 2016. They responded immediately and fixed it on the 8th Feb 2016. Other than this little hick-up they look good to me!

Nathan

Level Up in Cyber Security: Join Our Membership Today!

vip cta image
vip cta details
FIND OUT MORE
  • Nathan House

    Nathan House is the founder and CEO of StationX. He has over 25 years of experience in cyber security, where he has advised some of the largest companies in the world. Nathan is the author of the popular "The Complete Cyber Security Course", which has been taken by over half a million students in 195 countries. He is the winner of the AI "Cyber Security Educator of the Year 2020" award and finalist for Influencer of the year 2022.

    View all posts

Related Articles

  • root says:
    February 10, 2016 at 5:36 am

    Thank You

    Reply
    • >