Bonum Certa Men Certa

Firefox 93 Disables Triple DES and Doesn’t Mention NSA Backdoors. Windows 11 Continues Degrading VPNs With It If They Use the Native APIs.

Guest post by Ryan, reprinted with permission from the original

Summary: Firefox 93 has finally disabled the NSA-backdoored and weak Triple DES encryption when you connect to “secure” websites.

In their blog post, Mozilla imply that all that’s wrong with it is that it’s obsolete and seen better days, however, the US National Security Agency was involved and weakened the entire scheme to the point where they could easily break it, but thought that nobody else could for a while.



Flash forward to today, and Triple DES can be easily attacked using many known weaknesses and, if you know the terrible security track record of the OpenSSL project, they dropped it by default (and you’d have to turn it back on) in 2016.



What’s amusing, is that Microsoft and their pet lap dogs over at the Linux (Destroying) Foundation, which has little to do with Linux anymore and more to do with producing mountains of whitepapers using indecipherable buzzwords, technobabble, and treknobabble that would probably make Laura Callahan blush, got together with other companies and poured money into OpenSSL. Lots of money.



And the result of this money is…….. that we’re still stuck with a bloated train wreck that has a lot of obsolete code and security issues.



Some GNU/Linux distros tried switching to LibreSSL, but that turned out to be an even bigger disaster in some ways because the OpenBSD people consider the Apache 2 license to be “non-Free” because it doesn’t allow patent trolls to give you a program and then sue you for using it, and since OpenSSL is now under that license, it means they can’t just pull code from it, and pretty much all hope of remaining API/ABI compatible or something close to it went out the window.



"Still, just one of the many lingering security problems regarding Triple DES is that the Windows 10 and now, “11” operating systems continue to use it despite it being known for years to be bugdoored by NSA and vulnerable to known attacks and providing weak security, if you use the built-in implementation of IKEv2 to connect to a virtual private network."And although OpenSSL is a crucial component of every Windows OS out there, anything that goes wrong with it is a “Linux bug” in the media. That’s not an accident. It’s a deliberate red herring.



Still, just one of the many lingering security problems regarding Triple DES is that the Windows 10 and now, “11” operating systems continue to use it despite it being known for years to be bugdoored by NSA and vulnerable to known attacks and providing weak security, if you use the built-in implementation of IKEv2 to connect to a virtual private network. This is one reason why no decent VPN company will touch Windows’ included VPN services and usually bundle OpenVPN or, now, Wireguard.



Microsoft is still out there pretending to give a shit about security, when this is happening. Windows “11” has been a complete disaster of performance-killing bugs, especially for gamers and people who use the AMD Ryzen CPU platform, and that’s assuming folks can even get it to install in the first place.



Internally, Windows rots away and continues its ride into the sunset as a legacy platform, which oddly can now be used by only 15-20% of all PCs out there. Meaning, there’s never been a better time to get away from it.



Yes, that’s right, while the overwhelming majority of PCs out there can install GNU/Linux distributions, Microsoft has deliberately made most of them “incompatible” with a blacklist, or slowed them down with “bugs” so that users go “Welp, time to buy new stuff again!”.



"Microsoft usually sabotages their older products so that people holding out on them or trying to use them on newer computers to forestall having to deal with the latest bloat, bugs, backdoors, and other bullshit give up and throw in the towel."There’s about to be a fire sale of cheap used computers that will run GNU/Linux fine. Many people fall for this old chestnut every few years and never learn.



Microsoft usually sabotages their older products so that people holding out on them or trying to use them on newer computers to forestall having to deal with the latest bloat, bugs, backdoors, and other bullshit give up and throw in the towel.



They talk about “new silicon” (CPUs) “being designed” for their latest OS, but people were installing Windows 7 on Skylake stuff that came with Windows 10, and the only thing that got in the way was Microsoft disabling Windows Update at a certain point if you did.



This goes way back, I’m told, to at least Windows 95.



Hey, Nathan Lineback would probably know. He was doing just about anything to keep Windows 95 trucking along, including figuring out how to use USB thumb drives on it and getting Seamonkey 2.0 to work. Which is oddly dedicated to a Microsoft OS from decades past (for a guy who otherwise seems to hate everything they’ve done), but oh well.



They are easily one of the most dishonest and disreputable companies on the planet. Why, oh why, do people insist on using this?

Recent Techrights' Posts

The U.S. Patent and Trademark Office Hijacked Again by Patent Litigation Industry, as President Cheeto Prioritises Aggressors
The "mafia" has taken over the "industry" and the Federal system (justice and constitutions trampled upon)
Ubuntu Slop and FUD Manufactured With LLMs and Funded (by Oneself) 'Studies'
Slop and FUD are ruining the Web
 
Gemini Links 02/04/2025: Books and Cold Tea
Links for the day
Links 02/04/2025: More Layoffs, Nokia Again Takes Advantage of Illegal and Unconstitutional Patent Court With Nokia Staff as 'Judges'
Links for the day
Links 02/04/2025: Seizures and Returns to Windows of 24 Years Ago
Links for the day
LLM Slop Helps Obscure and Distort News About Layoffs (IBM, GAFAM)
It's hard to find accurate information
Links 02/04/2025: Microsoft Developers Are Threatening to Go on Strike, World Backup Day Noted
Links for the day
Gemini Protocol Has Growing Appeal (the Web Got Too Bloated and Full of LLM Slop)
For any "data plan" with bandwidth limits or "tiers" it would be cheaper to use/browse Geminispace
The Web Can Survive LLM Slop, But Only If We Collectively Shun and Discourage Serial Sloppers
Doing nothing ought not be a possibility
Amid Secret Shut-downs and Mass Layoffs at Microsoft (4 Waves of Layoffs in 3 Months of 2025) Some Microsoft Staff Expected to Go On Strike
workers going on strike
Gemini Links 02/04/2025: No more on Mastodon and Gemini Mention Script in Go
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 01, 2025
IRC logs for Tuesday, April 01, 2025
My Motion Disbarring or “Striking Off” Brett Wilson LLP for Enabling Violent Americans Who Try to Crush Microsoft Critics in the United Kingdom by Multiple SLAPPs
"Guns for hire" (for Microsoft people who received Microsoft salaries)
Gemini Links 01/04/2025: Games and More
Links for the day
Links 01/04/2025: Apple Fined $162M for Privacy Abuses, Disinformation Online a Growing Concern
Links for the day
Why We're Reporting Brett Wilson LLP for Apparently Misusing Their Licence to Protect American Microsofters Who Attack Women
For those who have not been keeping abreast
Newer Press Reports Confirm That Microsoft Shuts Down 'Hey Hi' (AI) Labs Despite All the Hype
The "hey hi" (AI) bubble is not sustainable
Links 01/04/2025: Mass Layoffs at Eidos and "Microsoft Pulls Back on Data Centers" (Demand Lacking); "Racist and Sexist" Slop From Microsoft
Links for the day
Stefano Maffulli and His Microsoft-Funded OSI Staff Are Killing the OSI and Killing "Open Source" (All for Money!)
This is far from over
Gemini Links 01/04/2025: XKCDpunk and worldclock.py
Links for the day
50 Years of Sabotage and a Gut Punch to Computer Science (and Science in General)
Will we get back to science-based computing rather than cult-like following?
Techrights Headlines as Semaphore
"If you are hearing this, thank you"
3 Months in 2025, 4 Waves of Mass Layoffs at Microsoft, Now Offices Shut Down Permanently
"A recent visit by the South China Morning Post confirmed that the office was dark, unoccupied, and had its logo removed."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 31, 2025
IRC logs for Monday, March 31, 2025
Links 31/03/2025: China Tensions, Bombs Falling in Myanmar After Earthquake
Links for the day
Gemini Links 31/03/2025: Falling Out of Love With Tech, Sunsetting openSNP
Links for the day
R.T.O. at IBM in Texas and Atlanta (State of Georgia) Expected as "Soft Layoffs" Catalyst This Coming Year
It also sounds like more IBM layoffs are in the making
Law Firms Can Also Lose Their Licence for Clearly Misusing It
The bottom line is, never made the false assumption that because you can pile up SLAPPs in a docket you will not suffer from bad reputation or even get disbarred
Link between institutional abuse, Swiss jurists, Debianism and FSFE
Reprinted with permission from Daniel Pocock
LLM Slop Piggybacking News About GNU/Linux and Distorting It
new examples
Links 31/03/2025: Press and Democracy Under Further Attacks in the US, Attitudes Towards Slop Sour
Links for the day
Open Source Initiative (OSI) Privacy Fiasco in Detail: The OSI Does Not Respect Anybody's Privacy
The surveillance mafia that bans dissent or key people (even co-founders) with dissenting views
Gemini Links 31/03/2025: More X-Filesposting and Dreaming in Emacs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 30, 2025
IRC logs for Sunday, March 30, 2025