ISC StormCast for Tuesday, February 28th 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 28 February 2017
⏱️ 6 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Tuesday, February 28, 2017 edition of the Sands and its Storm Center's |
| 0:06.8 | Stormcast. My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida. |
| 0:13.6 | A couple weeks ago with Chrome OS 56, Google implemented TLS 1.3 for the first time. TLS 1.3 being the latest and greatest |
| 0:26.2 | version of TLS. And of course, something a lot of browsers and operating systems are going |
| 0:33.4 | to move to. But sadly, with Google being the first one out of the gate with TLS1.3, |
| 0:41.8 | they're also getting to debug some of the issues in interoperability with TLS1.3. It appears |
| 0:50.6 | that Semantics BlueCode product does implement TLS 1.3 but doesn't do so correctly, |
| 0:59.0 | which does result in TLS connections failing. |
| 1:03.0 | Now typically just like in prior versions of TLS, if TLS version isn't supported, they're supposed to be a downgrade. So Chrome OS was supposed to switch down to TLS. If a TLS version isn't supported, they're supposed to be a downgrade. So Chrome OS was supposed to |
| 1:14.0 | switch down to TLS 1.2 or TLS 1.1. But in this case, due to this bug in blue code, this downcrate |
| 1:23.7 | isn't happening. And the end result is that essentially Chrome OS as of a couple of weeks |
| 1:30.2 | ago is not able to establish any network connection if your network is behind a blue code proxy. |
| 1:38.0 | Blue code is the only product named so far as being not compatible, but the bug note is talking |
| 1:43.5 | about other unspecified products as well. |
| 1:46.7 | Quick fix here, you can turn off TLS 1.3 ineffective versions of Chrome. |
| 1:52.1 | That's probably the best thing you can do at this point. |
| 1:55.4 | And Windows 10 apparently is working on implementing a feature that looks very much like gatekeeper in OS10. |
| 2:03.9 | Gatekeeper on OS10 allows an administrator to lock down a system, so it only allows the user |
| 2:10.8 | to install applications from Apple's App Store or that are signed with a valid Apple certificate. Well, the selection in |
| 2:21.1 | Windows 10 looks very similar. You can either just allow applications from the Microsoft store, |
| 2:29.4 | or you can prefer applications from the Microsoft Store but allow apps from anywhere else. |
| 2:37.0 | A third option is just to turn off the feature and allow apps from anywhere. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.