mozilla :: #security

16 Mar 2017
05:47b0tttjr: Hi
13:56snorpdveditz: I think we can just close bug 1341590, any concerns?
13:56firebothttps://bugzil.la/1341590 UNCONFIRMED, nobody@mozilla.org potentially malicious files are downloaded without asking
15:40tjrhttps://www.us-cert.gov/ncas/alerts/TA17-075A
15:41tjr"HTTPS Interception Weakens TLS Security"
15:41tjrUnfortunetly it backs away from saying "Just don't do it"
20:05jcjmwobensmith: Do you recall if there were any SHA1 TLS canary runs before January? (I only see the one in the description on tlscanary.m.o)
20:37mwobensmithjcj: No, the first run I did for SHA1 was on Jan 16.
20:38jcjOK, thanks mwobensmith!
20:54ulfrjcj: mwobensmith: made me curious... here's alexa top 100k as of a few days ago https://gist.github.com/jvehent/8014e26ed8c6adf8dd6e4193fe54a7d9
20:55Peng_"8 | MD5WithRSA" ...
20:57ulfrfor real! https://getpaint.net
17 Mar 2017
No messages
   
Last message: 158 days and 12 hours ago