Ubuntu
chromium-browser package

chromium-browser still supports insecure RC4?!

Asked by Tim Beil on 2014-01-03

Dear Sirs,

I learned the RC4 encryption is considerd as insecure. I saw at https://cc.dcsec.uni-hannover.de/ that chromium-browser still supports several kinds of RC4 support.

To stop chromium-browser doing that, one has to add
chromium-browser --cipher-suite-blacklist=0x0004,0x0005,0xc011,0xc007 %U
as start command.

I propose to switch off insecure RC4 - protocolls as default.

Regards
Tim Beil

Question information

Language:: English Edit question

Status:: Answered

For:: Ubuntu chromium-browser Edit question

Assignee:: No assignee Edit question

Last query:: 2014-01-03

Last reply:: 2014-01-03

Link existing bug

Revision history for this message

actionparsnip (andrew-woodhead666) said on 2014-01-03:

I suggest you run:

ubuntu-bug chromium-browser

and report the bug

Can you help with this problem?

Provide an answer of your own, or ask Tim Beil for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

Ubuntuchromium-browser package

chromium-browser still supports insecure RC4?!

Question information

Related bugs

Related FAQ:

Can you help with this problem?

Subscribers

Ubuntu
chromium-browser package