I have been following a thread on updating the firmware on older model kindles to 3.4.2 to improve security. As my K3 is already at that level I decided to check security with the howsmyssl.com web site mentioned there.
I was somewhat surprised by the output, which declared my SSL client BAD.
Further details were:
Version is improvable, as TLS 1.1 is being used instead of 1.2
Session Ticket Support is not supported and thus could be improved
The reason for the BAD call is that there are included Cipher Suites known to be insecure, specifically RC4 in three of them.
Is there anything we can do to remove the insecure cipher suites? I have not been using the K3 browser for anything critical, but it would be better to have it as secure as possible if a time came when I needed to use it due to lack of other equipment.
Dave
I was somewhat surprised by the output, which declared my SSL client BAD.
Further details were:
Version is improvable, as TLS 1.1 is being used instead of 1.2
Session Ticket Support is not supported and thus could be improved
The reason for the BAD call is that there are included Cipher Suites known to be insecure, specifically RC4 in three of them.
Is there anything we can do to remove the insecure cipher suites? I have not been using the K3 browser for anything critical, but it would be better to have it as secure as possible if a time came when I needed to use it due to lack of other equipment.
Dave