
Forum doesn't support TLS renegotiation?


  • Forum doesn't support TLS renegotiation?

    The forums won't display on the default browser on my Android phone ( Gingerbread ). It will display in Opera Mini.

    On my desktop, Opera 12.14 displays the forums, but says "Site not secure . . . The server does not support secure TLS renegotiation."

    The forums would display ok on this same phone last year during DC. Has something changed? Does something need to be fixed?

    ADVthaAnksNCE

  • #2
    Re: Forum doesn't support TLS renegotiation?

    Originally posted by qumqats
    The forums won't display on the default browser on my Android phone ( Gingerbread ). It will display in Opera Mini.
    A similar (known) problem was reported by Deviant Ollam a while back.

    A word of warning, in case you don't know... Opera Mini effectively does a "Man-in-the-Middle" service interruption when you use it to visit sites over https. What they have claimed they do is provide encryption from your Opera Mini client to one of their servers; then their server requests the page and content for you, and the Opera server in the middle can see the plain-text content you GET or POST, and the replies from the server you want to talk to. Their idea is to have encrypted content from the server you want to talk to, to them, then again from them to your client, but it is not truly "end-to-end" encryption. If it works as they have claimed, it means only encrypted content on wires, but unencrypted content in memory and maybe on disk on the server that your Opera Mini client connects to and asks to be your https proxy for you.

    On my desktop, Opera 12.14 displays the forums, but says "Site not secure . . . The server does not support secure TLS renegotiation."
    On Android 4.1, 4.2 devices I've tested recently, the default browser worked, and so do Firefox and Chrome without complaint or error. I don't have any older Android devices to use in testing. (I had a 1.0, 1.5 and 1.6 device, but it is dead.)

    The forums would display ok on this same phone last year during DC. Has something changed? Does something need to be fixed?
    Probably. Settings on the firewall have been changed since last year.

    Does this problem only affect your visits to the forum or other https available content on other defcon servers:

    https://defcon.org/ (this has a different issue)

    https://www.defcon.org/ (does this give you the same error as the forums?)

    http://www.tamperevidentwiki.com/showwiki.php

    https://pics.defcon.org/

    If you see the same problem on all of these, then it is almost certainly a setting on the firewall, or ciphers, hashes, SSL version / features, or TLS versions/features have been disabled due to known security issues, and older browsers do not support the newer versions of one or more of these.

    If you could provide more troubleshooting information, it could likely help to see this problem addressed or resolved.

    It is likely DT who would be the guy to resolve this if there is enough information to diagnose the issue.

    Hope this helps,
    -Cot



    • #3
      Re: Forum doesn't support TLS renegotiation?

      Originally posted by TheCotMan
      A similar (known) problem was reported by Deviant Ollam a while back.

      A word of warning, in case you don't know... Opera Mini effectively does a "Man-in-the-Middle" service interruption
      ack! < Opera Mini quickly uninstalled, Opera Mobile installed instead > Thanks for the tip!

      Originally posted by TheCotMan
      . . . snip . . .
      On Android 4.1, 4.2 devices I've tested recently, the default browser worked, and so do Firefox and Chrome without complaint or error. I don't have any older Android devices to use in testing. (I had a 1.0, 1.5 and 1.6 device, but it is dead.)
      the exact message in the default browser is:
      "Data connectivity problem

      A secure connection could not be established."

      A quick Google search makes me think it might have been fixed in later versions of Android.
      I wouldn't have mentioned it but for desktop Opera 12.14 also indicating a problem.

      Originally posted by TheCotMan
      . . . snip . . .
      Does this problem only affect your visits to the forum or other https available content on other defcon servers:

      https://defcon.org/ (this has a different issue)

      https://www.defcon.org/ (does this give you the same error as the forums?)

      http://www.tamperevidentwiki.com/showwiki.php

      https://pics.defcon.org/

      If you see the same problem on all of these, then it is almost certainly a setting on the firewall, or ciphers, hashes, SSL version / features, or TLS versions/features have been disabled due to known security issues, and older browsers do not support the newer versions of one or more of these.

      If you could provide more troubleshooting information, it could likely help to see this problem addressed or resolved.

      It is likely DT who would be the guy to resolve this if there is enough information to diagnose the issue.

      Hope this helps,
      -Cot
      The first two do NOT work.
      The last two DO work.

      Let me know what else I can do to help.



      • #4
        Re: Forum doesn't support TLS renegotiation?

        The TLS renegotiation is a known issue with the software we are using, and I have filed a bug / feature request to see if engineering will fix it.

        That said we support only two algorithms:

        Encryption: AES256, MAC: SHA-1, Key Exchange: RSA or DH, Authentication: RSA, Protocol TLS v1
        PGP Key: https://defcon.org/html/links/dtangent.html

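One way to gather the per-host troubleshooting information discussed in this thread, as an added example that is not part of any post: it parses saved `openssl s_client -connect host:443` output for the negotiated protocol, cipher and secure renegotiation (RFC 5746) status, then groups hosts so differing settings stand out. The host names and transcripts are constructed samples, not output captured from the servers named above.

```python
import re

# Constructed excerpts of `openssl s_client` output (illustrative values only).
SAMPLES = {
    "host-a.example": """\
New, TLSv1/SSLv3, Cipher is AES256-SHA
Secure Renegotiation IS NOT supported
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
""",
    "host-b.example": """\
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Secure Renegotiation IS supported
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
""",
    "host-c.example": "connect: Connection refused\n",
}

RENEG = re.compile(r"^Secure Renegotiation IS( NOT)? supported", re.M)
FIELD = re.compile(r"^\s*(Protocol|Cipher)\s*:\s*(\S+)", re.M)

def parse_s_client(text):
    """Extract protocol, cipher and RFC 5746 support from s_client output."""
    fields = {k.lower(): v for k, v in FIELD.findall(text)}
    m = RENEG.search(text)
    return {
        "protocol": fields.get("protocol"),
        "cipher": fields.get("cipher"),
        # None: no handshake completed, so nothing can be concluded.
        "secure_reneg": None if m is None else m.group(1) is None,
    }

def group_hosts(samples):
    """Bucket hosts by renegotiation status for side-by-side comparison."""
    buckets = {"secure": [], "no_secure_reneg": [], "no_handshake": []}
    for host, text in sorted(samples.items()):
        status = parse_s_client(text)["secure_reneg"]
        key = ("no_handshake" if status is None
               else "secure" if status else "no_secure_reneg")
        buckets[key].append(host)
    return buckets

if __name__ == "__main__":
    for name, hosts in group_hosts(SAMPLES).items():
        print(name, hosts)
```
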


        • #5
          Re: Forum doesn't support TLS renegotiation?

          Originally posted by qumqats
          ack! < Opera Mini quickly uninstalled, Opera Mobile installed instead > Thanks for the tip!
          Since this is Defcon, it is good to cite resources so claims are not just pulled from posteriors:

          URL1=http://www.opera.com/mobile/help/faq/?list#mobile

          Originally posted by URL1
          When you request a page in Opera Mini, the request is sent to the Opera Mini server that then downloads the page from the Internet. The server then wraps up your page up in a neat little compressed package
          URL2=http://www.opera.com/mobile/specs/
          And URL2 only claims compression from their servers to the Opera Mini Client. (Omission of encryption between Opera Mini and Server in this document does not mean it is not used, but doesn't mean it is, either.)
          But this second URL shows that even "Opera Mobile" resorts to using the Opera compression servers to pre-fetch content for you if you are not on a WiFi connection.

          Originally posted by qumqats
          the exact message in the default browser is:
          "Data connectivity problem

          A secure connection could not be established."

          A quick Google search makes me think it might have been fixed in later versions of Android.
          I wouldn't have mentioned it but for desktop Opera 12.14 also indicating a problem.



          The first two do NOT work.
          The last two DO work.

          Let me know what else I can do to help.
          This looks to me to be actionable information on the trouble, where settings can be compared. I've left a message for DT with a reference to this thread, and the version of Android that is having trouble. According to Wikipedia (and all of the reliability that implies), Android OS versions earlier than 4.0 still make up nearly 60% of the Android market.



          • #6
            Re: Forum doesn't support TLS renegotiation?

            Originally posted by qumqats
            The forums won't display on the default browser on my Android phone ( Gingerbread ). It will display in Opera Mini.

            On my desktop, Opera 12.14 displays the forums, but says "Site not secure . . . The server does not support secure TLS renegotiation."

            The forums would display ok on this same phone last year during DC. Has something changed? Does something need to be fixed?

            ADVthaAnksNCE
            Circling back on this. Is it working or still broken for you on those devices?

            TIA,
            -Cot
