The TOR browser is now using search.disconnect.me as the default search engine. I noticed they were offering TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) with 1024 bits Diffie-Hellman key exchange and using common primes.
The client would have to elect to use this weak cipher or be downgraded to use it.
This is a nation state level threat allowing passive eavesdropping. Leaked agency documents point to this having been achieved.
The vulnerability and threat is explained at weakdh if your not familiar with it. I notified disconnect.me on the 4th Jan 2016. They responded immediately and fixed it on the 8th Feb 2016. Other than this little hick-up they look good to me!
Nathan
Thank You