SSL/TLS still seems to be screwed up (retrieving Mail with Thunderbird)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: General Discussion about Arch Linux <arch-general@xxxxxxxxxxxxx>
- Subject: SSL/TLS still seems to be screwed up (retrieving Mail with Thunderbird)
- From: Elmar Stellnberger <estellnb@xxxxxxxxx>
- Date: Sun, 10 Apr 2016 18:32:38 +0200
- Reply-to: General Discussion about Arch Linux <arch-general@xxxxxxxxxxxxx>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.7.1
While being connected via an insecure VPN I had once more left my
email client open by accident (Thunderbird). Though access to
imap.gmail.com shall be secured by SSL/TLS my gmail password was
malversated within a few seconds; i.e. I got a login attempt from
HongKong and had to change the password after disconnecting.
Is anyone here who can explain the insecurity of SSL/TLS in its
current state? Does Thunderbird support certificate pinning? Or do you
think that there are still errors in the implementation of the protocol?
What about libressl for Linux?
[Index of Archives]
[Linux Wireless]
[Linux Kernel]
[ATH6KL]
[Linux Bluetooth]
[Linux Netdev]
[Kernel Newbies]
[Share Photos]
[IDE]
[Security]
[Git]
[Netfilter]
[Bugtraq]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Linux ATA RAID]
[Samba]
[Device Mapper]
