I just wanted to check if OpenWRT accepts Bitcoin or other crypto
https://www.spi-inc.org/projects/openwrt/
It sounds like I need to enable insecure stuff? I don't wish to take that risk
Again...this post provides little information.
I assume it means: "When I browse to the SPI website on Firefox, I'm told that the site doesn't support TLS 1.2; and I don't want to change by browser settings."
Do you want us to troubleshoot your Firefox browser???
No. I wish to report a bug. For me as a non-expert this looks like a bug
https://bugzilla.mozilla.org/enter_bug.cgi
???
Hummmmm....(From a previous thread, I leaned not to ask "really?" or "is this serious?").
(I honestly think they'll tell you to hit the "Enable TLS 1.0 and 1.1" button, like it says.)
Not a Mozilla issue, to the web server operator of www.spi-inc.org
https://www.ssllabs.com/ssltest/analyze.html?d=www.spi-inc.org
This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B. MORE INFO »
The server supports only older protocols, but not the current best TLS 1.2 or TLS 1.3. Grade capped to C. MORE INFO »
This server does not support Forward Secrecy with the reference browsers. Grade capped to B. MORE INFO »
This server does not support Authenticated encryption (AEAD) cipher suites. Grade capped to B. MORE INFO »
This server supports TLS 1.0. Grade capped to B. MORE INFO »
1 Like
So you want every owner of web servers on planet Earth to enable TLS 1.2 for you...because you deem it a bug...due to your position as a "non-expert"???
Is this making sense to anyone else...?
1 Like
Let's wait what others comment, maybe I am wrong.
But for you I recommend more sleep and offline times. It doesn't matter which time I am online, a few minutes later you are also online.
1 Like
Paranoia. Just check my activity. I was gone about 24 hours. As far as I know, there's no means to see a logged in user.
You'll also see, I responded jokingly to a commercial discussion with the donation link you now present...how odd you now make this false claim that I proceeded you!!!
BTW...just like your false assertion, your error isn't that hard to prove either:
SPI does not take Bitcoin or other cryptocurrency. All of the methods to pay a donation are processed through third parties, which should have secure sites.
https://www.spi-inc.org/donations/
- Credit cards via Click&Pledge
- PayPal
- Amazon Smile
- Mailed checks (to NYC USA)
2 Likes
I really don't want to add noise to this discussion, but ... yeah, this is actually not a point of contention. TLS 1.0 (it's 21 years old!) and 1.1 are considered "weak" and being deprecated all over the board. All the major browsers announced deprecating it a long time ago, Firefox is now displaying a warning/interstitial and Chrome will be following with the next release (84). It really is an oversight that should be corrected by the server administrator.
6 Likes
Which has what to do with OpenWrt?
The issue is with the https://spi-inc.org not updating their Certificate suite on their server..
@Naftali, you can email SPI and let them know they aren't secure, although the may not need TLS-secured connections if they don't do any transactions - Donation links are external (as the site works fine without https)
For website related questions, please contact webmaster@spi-inc.org
2 Likes
spi-inc.com is using an obsolete protocol and should have switched to using TLS 1.2 plus better cipher and key exchange, etc. (Note TLS 1.3 is coming online soon as more servers get access to the appropriate libraries).
There is also problems with their security headers configuration but then that gets into consulting area for me.
1 Like
"although the may not need TLS-secured connections if they don't do any transactions" If they do that they may find in a couple of years time that very few people will be able to view their web site as the trend is for browsers to only support https in future.
1 Like
Oh, no doubt. Even Google assigns a lower rank to sites who are not TLS. However, they are using HTTPS, just with a depreciated suite. They may either not be aware (which is why i provided the information for it to be reported if it bothered @Naftali enough to do so), or they are doing it for compatibility issues, although it's getting harder and harder to justify things like that for compat with those who only used IE.
Still.. Not an issue with OpenWrt, which was the point considering the subject of this thread and the OP...
1 Like
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.