Each month, we publish a review that covers essential activities of the last 30 days. This month, we discuss current TLS recommendations, new features in Firefox and Chromium, and the war of instant messengers.
News of the month
Let us recap the following news:
Current recommendations for the server-side TLS configuration
In January, the National Security Agency and the Dutch National Cyber Security Centre published current TLS guidelines.
We summarize their recommendations:
- Enable TLS 1.3 and 1.2 only.
- Allow strong TLS 1.2 cipher suites only: ECDHE for key exchange, ECDSA or RSA for authentication, AES_256_GCM, AES_128_GCM or CHACHA20_POLY1305 for encryption, and SHA-384 or SHA-256 for the MAC. TLS 1.3 only defines strong cipher suites, so no further restriction is needed there.
- An RSA key should be at least 3072 bits long.
- For elliptic curves, the NSA specifically recommends secp384r1. A widely supported alternative is Curve25519.
- Disable server-side cipher preference.
- Disable TLS 1.3 0-RTT.
- Disable TLS renegotiation (all modes).
- Disable TLS compression.
- Enable OCSP stapling.
As always, you should evaluate whether these recommendations fit your threat model and use cases. See the External links below to read NCSC’s “IT Security Guidelines for Transport Layer Security.”
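The list above maps almost one-to-one onto the options of an OpenSSL-based server. The following Python example is added here to show the recommendations applied to an ssl.SSLContext, next to a small audit function that reports which items a given context satisfies; it is not code from the NSA, NCSC or the InfoSec Handbook. The OpenSSL cipher-suite names are the standard ones for the six TLS 1.2 suites listed above. Two items are outside the reach of Python's ssl module and stay with the server software: OCSP stapling has to be configured in the web server, and OpenSSL servers do not accept TLS 1.3 0-RTT early data unless the application explicitly enables it.

```python
import ssl

# OpenSSL names of the six TLS 1.2 suites the guidelines allow:
# ECDHE key exchange, ECDSA or RSA authentication, AEAD encryption.
ALLOWED_TLS12 = (
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-CHACHA20-POLY1305",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
)
# TLS 1.3 defines only AEAD suites; OpenSSL reports them with a TLS_ prefix.
ALLOWED_TLS13 = (
    "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256",
    "TLS_AES_128_GCM_SHA256",
)
ALLOWED = set(ALLOWED_TLS12) | set(ALLOWED_TLS13)

# OP_NO_RENEGOTIATION exists for Python 3.7+ built against OpenSSL >= 1.1.0h.
OP_NO_RENEGOTIATION = getattr(ssl, "OP_NO_RENEGOTIATION", 0)


def build_server_context(certfile=None, keyfile=None):
    """Return a server SSLContext configured per the NSA/NCSC recommendations.

    certfile/keyfile are optional so the function can be inspected without a
    certificate; the key should be RSA 3072+ bits or ECDSA on secp384r1.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # TLS 1.2 and 1.3 only
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_3
    # Restrict TLS 1.2 to the strong suites; TLS 1.3 suites stay as they are.
    ctx.set_ciphers(":".join(ALLOWED_TLS12))
    # Curve for the ECDHE key exchange
    ctx.set_ecdh_curve("secp384r1")
    # Disable TLS compression (already off by default in Python, made explicit)
    ctx.options |= ssl.OP_NO_COMPRESSION
    # Disable server-side cipher preference (Python enables it by default)
    ctx.options &= ~ssl.OP_CIPHER_SERVER_PREFERENCE
    # Disable renegotiation in all modes
    ctx.options |= OP_NO_RENEGOTIATION
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def audit_context(ctx):
    """Report which guideline items a context satisfies.

    'unexpected_ciphers' lists every suite OpenSSL would offer that is not in
    the recommended set, which is the quickest way to spot a weak default.
    """
    offered = [c["name"] for c in ctx.get_ciphers()]
    return {
        "min_version_ok": ctx.minimum_version >= ssl.TLSVersion.TLSv1_2,
        "compression_disabled": bool(ctx.options & ssl.OP_NO_COMPRESSION),
        "server_preference_disabled": not (
            ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE
        ),
        "renegotiation_disabled": bool(ctx.options & OP_NO_RENEGOTIATION),
        "unexpected_ciphers": [n for n in offered if n not in ALLOWED],
    }


if __name__ == "__main__":
    # Compare an untouched server context with the hardened one.
    for label, ctx in (
        ("default", ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)),
        ("hardened", build_server_context()),
    ):
        print(label, audit_context(ctx))
```

Running the script prints the audit of a stock server context, which typically still offers RSA key exchange and CBC suites, next to the hardened one, whose unexpected-cipher list is empty. The audit only inspects the local configuration; whether a deployed server actually negotiates these parameters still has to be checked from the outside.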
Firefox 85 adds ‘client-side storage partitioning’ and ‘Encrypted Client Hello’
In December, we covered Mozilla’s plan to add “client-side storage partitioning.” The new feature isolates certain network resources to improve tracking resistance. Firefox 85 enables “client-side storage partitioning” by default.
Apart from this, Firefox 85 replaces the deprecated “Encrypted Server Name Indication” (ESNI) with “Encrypted Client Hello” (ECH). ECH is the successor of ESNI: it encrypts the entire Client Hello instead of only the SNI extension. Firefox 85 implements “draft-ietf-tls-esni-08.” Mozilla plans to update to the latest “draft-ietf-tls-esni-09” in another release. ECH is still experimental; however, you can enable it. Go to about:config, and set both “network.dns.echconfig.enabled” and “network.dns.use_https_rr_as_altsvc” to True. Note that ECH requires TLS 1.3.
Chromium brings ‘upgraded HTTPS navigations’ in the future
In a future release, Chromium will try to load a website via HTTPS first. If it can’t connect, it falls back to HTTP. This feature, called ‘upgraded HTTPS navigations,’ is another approach to making HTTPS, instead of HTTP, the default.
The war of instant messengers (again)
People started to talk about other instant messengers again due to a recent change of WhatsApp’s documentation on processing personal data. Some discussions revolve around which instant messenger is “the most secure” and “best for your privacy.”
While dozens of instant messengers exist, we have recommended only the Signal messenger for years. Some people “demanded” that we recommend Matrix-based messengers; others suggested that we add Threema since its client is open-source now. Of course, a handful of readers e-mailed long lists of reasons against Signal. Lately, people have asked for a messenger comparison chart.
We repeat our position as before:
- There is no “most secure” or “most private” instant messenger. Every instant messenger has its benefits and drawbacks. Please also read our section on secure messaging.
- We only recommend products and services that we use or own. For us, it doesn’t make sense to recommend something that we only know from hearsay.
- Comparison charts try to convert complex topics into distinct features. The conversion can lead to oversimplification. Even worse, some comparison charts consist of arbitrary features to highlight the favorite item of the author. Other charts are inconsistent.
Again: Use the instant messenger that fits your needs and use cases. We can create a comparison chart that presents our favorite messenger as perfect; however, such a chart doesn’t help anybody.
Data breaches and leaks
In January, Have I Been Pwned added information about the following breaches:
- GeniusU (breached in November 2020)
- Glofox (breached in March 2020)
- Jobandtalent (breached in February 2018)
- Romwe (breached in mid-2018)
- Nitro (breached in September 2020)
- Bonobos (breached in August 2020)
Check if you were affected, and change your credentials.
Plans for early 2021
As written in the last Monthly Review, we plan to release a small number of revised and new articles. An upcoming article summarizes our latest lecture on social engineering at the University of Regensburg.
Apart from this, we evaluate a different theme for the InfoSec Handbook.
If you are interested in contributing, please visit our repository "blog-content" on codeberg.org.
External links
- NCSC: IT Security Guidelines for Transport Layer Security (TLS)
- TLS Encrypted Client Hello