Jump to content


Photo

Forward Secrecy


  • Please log in to reply
10 replies to this topic

#1 HelioHost

HelioHost

    Announcements

  • Moderators
  • 5,077 posts
  • Gender:Not Telling

Posted 28 April 2018 - 09:05 PM

Tommy now supports forward secrecy. Without forward secrecy if someone recorded all of your encrypted communications, and then some day was able to crack the encryption they would be able to decrypt all of the recorded data as well. With forward secrecy enabled a new key is used for each communication so an attacker would have to crack each message individually. You can read more about forward secrecy at https://en.wikipedia...Forward_secrecy You can test your site at https://www.ssllabs.com/ssltest/ This change on Tommy may affect people using older operating systems and older browsers. If things stop working for you let us know and if enough people have the same issue we may be forced to revert the change. Let us know if it's working for you.
This is an unmonitored account for announcements only.
Wiki | Facebook | Twitter
Posted ImagePosted ImagePosted Image
Posted ImagePosted ImagePosted Image

#2 ziad87

ziad87

    Rank III Member

  • Members
  • PipPipPip
  • 171 posts
  • Gender:Male

Posted 28 April 2018 - 09:47 PM

Very nice! And now I got an A on ssllabs SSL test!


~Ziad "He likes to play with WHM / Cpanel, and he totally messed it up fixed it." server_uptime_t.gifserver_load_t.gif

What? I did nothing wrong! :rolleyes:  Server: Tommy, domain ziad87.heliohost.org, user ziad87

 
 


#3 Luigi123

Luigi123

    Rank X Member

  • Moderators
  • 1,532 posts
  • Gender:Male
  • Location:Winnipeg, Manitoba, Canada

Posted 28 April 2018 - 11:58 PM

Same with me.

server_load_s.gifserver_load_j.gifserver_load_t.gif
server_uptime_s.gifserver_uptime_j.gifserver_uptime_t.gif

 


#4 ziad87

ziad87

    Rank III Member

  • Members
  • PipPipPip
  • 171 posts
  • Gender:Male

Posted 29 April 2018 - 09:57 PM

The only thing is that I don't have a dedicated IP.

But that only affects Internet Explorer on Windows XP.

I don't think that will affect many people as its unsupported anyways


~Ziad "He likes to play with WHM / Cpanel, and he totally messed it up fixed it." server_uptime_t.gifserver_load_t.gif

What? I did nothing wrong! :rolleyes:  Server: Tommy, domain ziad87.heliohost.org, user ziad87

 
 


#5 Krydos

Krydos

    Rank X Member

  • Root Admin
  • 18,179 posts
  • Gender:Male

Posted 29 April 2018 - 11:41 PM

When we released HelioMine https://www.heliohost.org/heliomine/ we found out that a surprisingly large number of people still use windows xp, but yeah they really shouldn't be anymore. It's been discontinued for a very long time.

#6 wolstech

wolstech

    Rank X Member

  • Root Admin
  • 10,588 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 30 April 2018 - 01:12 AM

WinXP is also surprisingly popular for embedded devices despite its age...things get installed and never replaced until failure. Vendors also love to crank out the same things year after year in that world despite being obsolete right off the line.

Source: Helpe install some brand new control equipment running XP for my job two week ago. :-/ Manufactured December 2017...

Please do not PM me for support. Posting on our forums lets all of us learn.
Do you play Minecraft? | Server Monitors | And the Dumbass of the Decade award goes to...


#7 ziad87

ziad87

    Rank III Member

  • Members
  • PipPipPip
  • 171 posts
  • Gender:Male

Posted 30 April 2018 - 08:25 AM

Well there's that

The other day I do recall seeing an ATM booting WinXP

 

And it was manufactured 2017? Oh wow. Microsoft should make an upgrade program for machines like that


Edited by ziad0, 30 April 2018 - 08:27 AM.

~Ziad "He likes to play with WHM / Cpanel, and he totally messed it up fixed it." server_uptime_t.gifserver_load_t.gif

What? I did nothing wrong! :rolleyes:  Server: Tommy, domain ziad87.heliohost.org, user ziad87

 
 


#8 wolstech

wolstech

    Rank X Member

  • Root Admin
  • 10,588 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 30 April 2018 - 09:54 AM

Yeah, 2017. Most don't realize that XP POSReady and XP Embedded are still supported until 2020. In fact, if you change a registry setting on a regular Windows xp computer, it will happily utilize the additional 6 years of security updates meant for posready.

Please do not PM me for support. Posting on our forums lets all of us learn.
Do you play Minecraft? | Server Monitors | And the Dumbass of the Decade award goes to...


#9 ziad87

ziad87

    Rank III Member

  • Members
  • PipPipPip
  • 171 posts
  • Gender:Male

Posted 30 April 2018 - 04:33 PM

Oh yeah, I forgot about that


~Ziad "He likes to play with WHM / Cpanel, and he totally messed it up fixed it." server_uptime_t.gifserver_load_t.gif

What? I did nothing wrong! :rolleyes:  Server: Tommy, domain ziad87.heliohost.org, user ziad87

 
 


#10 Piotr GRD

Piotr GRD

    Rank IV Member

  • Contributors
  • 215 posts
  • Location:Stettin, Poland (Szczecin, Polska)

Posted 30 April 2018 - 06:13 PM

(...) But that only affects Internet Explorer on Windows XP. (...)

 

Internet Explorer on Windows XP do not support SNI, so it does not really matter on a shared webhost like HelioHost if it support Forward Secrecy or not.

 

From my end:

XP + Firefox 3.6 = works

XP + Opera 12 = works

XP + (Chrom)Opera 30 = works

 

 

Offtopic:

Yes, I am still using Windows XP. And as long as everything that I need works on it, I will still use it. Later on, when in the future it will really by unusable I may consider Windows 7 or some distribution of Linux. No, I don't need up to date system or software, software from 2000-2005 has all functionality that I need or want, except of web browsers. I even prefer older software because it works good on old hardware, it needs less disk space, less memory, accept slower CPUs, does not need advanced GPUs. And as long as old hardware still works, I see no reason in replacing it. There's enough trash and we use more resources of this planet than we should already, I don't need to add my trash and use my part of planet resources



#11 ziad87

ziad87

    Rank III Member

  • Members
  • PipPipPip
  • 171 posts
  • Gender:Male

Posted 30 April 2018 - 09:34 PM

That's what I meant about winXP that it doesn't support SNI


~Ziad "He likes to play with WHM / Cpanel, and he totally messed it up fixed it." server_uptime_t.gifserver_load_t.gif

What? I did nothing wrong! :rolleyes:  Server: Tommy, domain ziad87.heliohost.org, user ziad87

 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users