HelioHost Posted April 28, 2018 Posted April 28, 2018 Tommy now supports forward secrecy. Without forward secrecy if someone recorded all of your encrypted communications, and then some day was able to crack the encryption they would be able to decrypt all of the recorded data as well. With forward secrecy enabled a new key is used for each communication so an attacker would have to crack each message individually. You can read more about forward secrecy at https://en.wikipedia.org/wiki/Forward_secrecy You can test your site at https://www.ssllabs.com/ssltest/ This change on Tommy may affect people using older operating systems and older browsers. If things stop working for you let us know and if enough people have the same issue we may be forced to revert the change. Let us know if it's working for you.
ziad87 Posted April 28, 2018 Posted April 28, 2018 Very nice! And now I got an A on ssllabs SSL test!
ziad87 Posted April 29, 2018 Posted April 29, 2018 The only thing is that I don't have a dedicated IP.But that only affects Internet Explorer on Windows XP.I don't think that will affect many people as its unsupported anyways
Krydos Posted April 29, 2018 Posted April 29, 2018 When we released HelioMine https://www.heliohost.org/heliomine/ we found out that a surprisingly large number of people still use windows xp, but yeah they really shouldn't be anymore. It's been discontinued for a very long time.
wolstech Posted April 30, 2018 Posted April 30, 2018 WinXP is also surprisingly popular for embedded devices despite its age...things get installed and never replaced until failure. Vendors also love to crank out the same things year after year in that world despite being obsolete right off the line. Source: Helpe install some brand new control equipment running XP for my job two week ago. :-/ Manufactured December 2017...
ziad87 Posted April 30, 2018 Posted April 30, 2018 (edited) Well there's thatThe other day I do recall seeing an ATM booting WinXP And it was manufactured 2017? Oh wow. Microsoft should make an upgrade program for machines like that Edited April 30, 2018 by ziad0
wolstech Posted April 30, 2018 Posted April 30, 2018 Yeah, 2017. Most don't realize that XP POSReady and XP Embedded are still supported until 2020. In fact, if you change a registry setting on a regular Windows xp computer, it will happily utilize the additional 6 years of security updates meant for posready.
Piotr GRD Posted April 30, 2018 Posted April 30, 2018 (...) But that only affects Internet Explorer on Windows XP. (...) Internet Explorer on Windows XP do not support SNI, so it does not really matter on a shared webhost like HelioHost if it support Forward Secrecy or not. From my end:XP + Firefox 3.6 = worksXP + Opera 12 = worksXP + (Chrom)Opera 30 = works Offtopic:Yes, I am still using Windows XP. And as long as everything that I need works on it, I will still use it. Later on, when in the future it will really by unusable I may consider Windows 7 or some distribution of Linux. No, I don't need up to date system or software, software from 2000-2005 has all functionality that I need or want, except of web browsers. I even prefer older software because it works good on old hardware, it needs less disk space, less memory, accept slower CPUs, does not need advanced GPUs. And as long as old hardware still works, I see no reason in replacing it. There's enough trash and we use more resources of this planet than we should already, I don't need to add my trash and use my part of planet resources
ziad87 Posted April 30, 2018 Posted April 30, 2018 That's what I meant about winXP that it doesn't support SNI
Recommended Posts