Friday, March 25, 2016

How to make Firefox more secure in a few clicks

I've messing a lot with cipher suites lately and something I always do in my firefox browsers will stop all the non forward secrecy ciphers.

What Forward Secrecy does is use a second dynamic key when encrypting your traffic. So even if the bad guys break a private key on your server's certificate at the later date your traffic is encrypted by another layer.  If you don't use forward secrecy and they capture your data and find the private key it's easy to decrypt. Wireshark will do it on the fly.

So in Firefox

type about:config in the address bar



It will bring up a warning saying be careful.  Click yes you know.

In the search box below the address bar type ssl.  Look at the bottom of the list and find the ones that start security.ssl3.rsa and double click them and will change enabled to false. You should also disable anything that mentions rc4.  The ones that have dhe are good, the ones that have ecdhe are better, and the ones that have chacha20 are best but not everything supports them.




Try you websites and you might need to re-enable some if, say your bank doesn't work.  Alternatively run your bank against this site

https://www.htbridge.com/ssl/

and let them know if they don't get a good score.

Tuesday, March 15, 2016

Linux Kernel 4.5 and amdgpu

My Linux gaming experience has been a bit sub par since upgrading to a Radeon R9-380.

It was just laggy enough to make playing hard. You often don't see the person that's killed you and things like air blasting rockets in TF2 was almost impossible to time right.

However things seems to have turned.  With Kernel 4.5, the amdgpu driver and adding the amdgpu.powerplay=1 to your kernel options in GRUB speed of gaming and even YouTube is quite noticeably improved.

The other problem I had been having was TF2 would freeze after a few games and you had to do the old alt prt-sc REISUB to reboot. Touch wood that also seems to be fixed.

So a big debt of thanks to the Kernel team and particular the amdgpu guys.