maemo.org - Talk - View Single Post

	Halftux	2020-03-31 , 13:16
	Posts: 878 \| Thanked: 2,535 times \| Joined on Feb 2012 @ Germany	#70

As a reminder if you are using microb with tls 1.0, by using https requests or without a proxy, you could make it a little bit more secure by removing certificates and disabling some ciphers and ssl3.

Removing certificates

chrome://pippki/content/certManager.xul

Disabling ciphers and ssl3 search for: ssl3

about:config

You could also edit /home/user/.mozilla/microb/prefs.js for disabling ssl3 and unsecure rc4 ciphers.

Code:

user_pref("security.enable_ssl3", false);
user_pref("security.ssl3.rsa_fips_with_3des_ede_cbc_sha", false);
user_pref("security.ssl3.ecdh_ecdsa_rc4_128_sha", false);
user_pref("security.ssl3.ecdh_rsa_rc4_128_sha", false);
user_pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false);
user_pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false);
user_pref("security.ssl3.rsa_rc4_128_md5", false);
user_pref("security.ssl3.rsa_rc4_128_sha", false);

For changing the user agent you could use "hide user agent" or "User Agent Tool" aswell in about:config general.useragent.vendor.

If you are using the proxy and wonna disable old https behavior you should add a https proxy 127.0.0.1:44 for example which points to nowhere. So that these requests can't get to the outside. But this will effect not only microb it is temporaly a solution, and also not really needed!!! Maybe you could add only the proxy to about:config or you need to setup a https proxy with ssl bump.

__________________
N900: gpxsee, fahrplan, gpscon, genwall, qrcode, hextool, libjansson4, libevent-2.0-5, cnee, psi-plus, mihphoto, shc

Maemo flasher/rescue live image.
Fremantle Harmattan SDK VM

Last edited by Halftux; 2020-04-01 at 12:01.

Quote & Reply |

The Following 2 Users Say Thank You to Halftux For This Useful Post:
juiceme, Maemish