1. 23

See also:

  1. 6

    One of my power distribution units (PDUs) has a web-based interface. Not strictly because of this announcement, but I’m no longer able to use Firefox to access it–the SSL/TLS supported by the PDU and the SSL/TLS supported by Firefox no longer overlap.

    By and large all of our network equipment is configured over serial, rather than https, but this one exception is now twice noteworthy to me–both in being web-based rather than serial and in speaking a no longer supported dialect of https.

    1. 8

      I think anything “legacy” (like your case) or “retro” (trying to browse the modern web on Windows 98) in the TLS world will soon require (MitM) proxying.

      1. 4

        This seems like the sensible solution to me to scary unpatchable crap kit. If the vendor can’t or won’t patch a given box any more, put another box in between it and the rest of the scary scary world which you can patch whose purpose is to lets absolutely minimum traffic touch the insecure bit.

        1. 2

          Good prediction. The RTOS vendors are already doing offerings for stuff like that for embedded and IoT markets. Gateway-style products.

      2. 4

        This is excellent (and also a great justification for people to use telemetry in Free / Open Source software).

        1. 1

          Only trillions? I’m not sure why, but I expected more.