Netscape Security Lies
We have just tested Netscape's security page and it seems they are either lying or have a major bug. All you have to do to confirm this is to go to their page http://home.netscape.com/newsref/ref/netscape-security.html#test and click on the link under the heading Testing the Secure Server link "Here is a secure server you can visit. Do an iptrace and analyse of the interaction between the server and their browser version 3.05bgold and 3.05b, of which both reports that they are not even running a secure version of the server there. We decided to test further and found that the RSA secure server is only SSL 2 and SSL 3 which is what Netscape seems to be touting to the resting of the world saying they have it NOW. Later, if not much later seems far more realistic. I do not like being lied to, mislead or steam rolled by, how about you?
source@iaccess.za writes:
We have just tested Netscape's security page and it seems they are either lying or have a major bug.
All you have to do to confirm this is to go to their page http://home.netscape.com/newsref/ref/netscape-security.html#test and click on the link under the heading Testing the Secure Server link "Here is a secure server you can visit.
I checked this out with baited breath, hoping to find a juicy Netscape security hole as promised. Unfortunately, all it is is a mis-configured httpd server at rsa.com. It should be doing SSL but it's not. A bummer, but probably not a lie and certainly not a major bug.
We decided to test further and found that the RSA secure server is only SSL 2 and SSL 3 which is what Netscape seems to be touting to the resting of the world saying they have it NOW. Later, if not much later seems far more realistic.
Try ssl3.netscape.com:443. It's doing ssl3.
I do not like being lied to, mislead or steam rolled by, how about you?
Not at all. So quit doing it. -- Eric Murray ericm@lne.com ericm@motorcycle.com http://www.lne.com/ericm PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF
source@iaccess.za writes: : We have just tested Netscape's security page and it seems they are either lyi : ng : or have a major bug. : : All you have to do to confirm this is to go to their page : http://home.netscape.com/newsref/ref/netscape-security.html#test : and click on the link under the heading Testing the Secure Server link : "Here is a secure server you can visit. It seems secure enough to me. It won't even let me make a connection, always saing that ``a network error occurred while Netscape was receiving data''. I am running the new non-export strength Netscape beta for Linux and have my cookies file set to ReadOnly. -- Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH Internet: junger@pdj2-ra.f-remote.cwru.edu junger@samsara.law.cwru.edu
participants (3)
-
Eric Murray -
Peter D. Junger -
source@iaccess.za