SoylentNews is people
SoylentNews
So, I know its been a bit quiet here, but we're working through getting through the last few items relating to cutting over to newer infrastructure. As such, its been working through the bug list, and there's one issue I want to get some feedback on.
Back in November when the infrastructure was upgraded to Ubuntu 22.04, a few users with older devices stopped being able to connect to SoylentNews. This confused me, since we've been using the same NGINX SSL termination setup that has been in use since at least 2016. Well, I finally found the root cause, and as it turns out, Canonical bumped up the minimum OpenSSL security level, which disabled several ciphers, and broke devices not supporting TLS 1.2 or later.
By testing the site with the SSL Labs site checker, it appears anything older than Android 4.0, or iOS 5 is broken. This mostly seems to be devices that are over a decade old at this point, and won't be able to browse the vast majority of sites on the Internet as is. We discussed this internally a bit, and I'm of the opinion that its not worth re-enabling the older ciphers to allow these devices to reconnect, especially since we're working to modernize the stack, and get it as up to date as we can get it. I also believe we had very few users who were actually affected by this, however, as the editors did get a few emails about SN breaking after the site upgrade, I wanted to poll the community, and make sure this is not a more widespread issue than initially believed.
Ultimately, this is going to be part of a broader discussion on what we will and won't support on SoylentNews going forward, and this seems as good of place as any to get the ball rolling.
~ NCommander
(Score: 3, Interesting) by NotSanguine on Wednesday July 05 2023, @02:42PM (2 children)
But TLS1.3 [rfc-editor.org] is now five years old.
The computer I'm writing this comment on is eleven years old and runs an OS that was EOL'd more than three years ago.
Even so, my browser reports that this connection is encrypted with the aforementioned TLS1.3 (TLS_AES_256_GCM_SHA384, 256 bit keys).
So it's possible to run old hardware/software with TLS 1.3 (old phones can be an issue, and I ran into that issue myself and moved to more recent versions of Android via custom ROMs to address those issues -- as for old iOS devices, you're on your own and that's your fault for using Apple crap). [note: I guess that is a judgement, despite the comment's title. Oops.]
That said, it's understandable that those using old hardware/software would be annoyed that they cannot connect via TLS.
WRT Ubuntu, I assume that "normal" browser installs (via apt) will use the local shared TLS libraries, which may or may not (depending on revision) support TLS 1.1/1.2/1.3. In such cases, it may be useful to install your browser via Snap [ubuntu.com] packages which are fully self-contained (i.e., don't use system libraries) and presumably have the latest revs of various libraries.
I don't think we should restrict folks from accessing SN insecurely if they need/choose to do so. At the same time, TLS downgrade [wikipedia.org] attacks really are a thing which could compromise/reduce the security of TLS connections even for those with the latest gear/software.
Perhaps a reasonable solution (as was suggested elsewhere in this discussion) would be to have two ingress points for SN -- a modern TLS secured ingress (the default) and an unsecured (i.e., straight HTTP) ingress point.
It's not a perfect analogy, but something along the lines of www.reddit.com vs. old.reddit.com providing similar access with a different ingress point makes sense to me.
From a broader perspective, widespread encryption of traffic across the 'net is, on the whole, a very good thing. Is it absolutely necessary for many sites? Probably not. At the same time, requiring decent quality encryption reduces the ability of bad actors to compromise systems and connections.
I'd also note that Qualys [ssllabs.com] (IPv6 [ssllabs.com], although the IP version shouldn't matter) claims that Android/iOS versions using TLS1.2 (which is eleven years old at this point) are fully supported by https://soylentnews.org. [soylentnews.org.]
Again, it's not a perfect analogy, but we (the general "we") don't support the 'r' tools (rsh, rcp, etc.) or telnet any more either. Because they're insecure and no one complains about that do they?
I get that some folks are into "retro" computing, which is great. But I don't want to be subject to downgrade attacks and/or other issues because someone wants to use their 25 year-old OS to browse the web. I'm sure some will disagree, but that's my take.
I think supporting an eleven year-old TLS version goes far enough back to address this -- with unencrypted access available for those who want (need?) to connect via devices that don't support decade-old standards.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by gnuman on Wednesday July 05 2023, @06:39PM (1 child)
To be fair, Apple supports their OS far far longer than Android. Basically, 6 years and counting for new OS. Android? well, good luck with that.
https://support.apple.com/guide/iphone/supported-models-iphe3fa5df43/ios [apple.com]
(Score: 2) by NotSanguine on Wednesday July 05 2023, @10:24PM
A fair point. They certainly do. But once that six years is done, you're on your own. That's not true for Android devices.
Show me an Apple device old enough to be out of support (and you're stuck on whatever version of iOS was current when support ended) and I'll show you an Android device of the same vintage which while likely unsupported by the manufacturer much sooner, but there are *still* custom ROMs that work on those devices.
No, no, you're not thinking; you're just being logical. --Niels Bohr