[Computer Security Thread] CVEs, or "Crap! Vulnerabilities! Eughhhhh..."

  • Options
    LostNinjaLostNinja Registered User regular
    Was the apology at the end of the statement not an apology?

    Not going to lie, I missed the small one line apology in the very last sentence of a rather large post. That doesn't change the fact that it took them five days to talk about it though.

  • Options
    SticksSticks I'd rather be in bed.Registered User regular
    I don't think you're going to see a large company talk about anything like this until they fully understand the details of the incident. 5 days isn't unreasonable to me if it took them a while to figure out exactly what went wrong.

  • Options
    SynthesisSynthesis Honda Today! Registered User regular
    I wish that Valve would make the concession of allowing general purpose phone authenticators (you know, the ones Microsoft, Amazon, and other small companies have incorporated) in their security system as opposed to insisting on their own unique authenticator.

    I'm sure they have their reasons (good or bad) but it's slightly annoying. That being said, I don't have a natural preference for Steam (for example, if GoG and Steam are both selling something, I will go with GoG 9 times out of ten), but I still make extensive use of Steam naturally.

    I have their text message security measure, so it's not all bad. I'd just like having that extra option. On the other hand, I don't give two shits about the community marketplace or the discount the authenticator affords people, so it doesn't really matter to me?

  • Options
    TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    The Steam mobile authenticator being tied to the mobile app is really strange. I don't particularly like it myself. You can set it up easily enough, and it does afford you extra security, but it forces you into that mobile app, which is a whole different kettle of fish from what an authenticator is supposed to be.

    When I set it up, I immediately logged out of the mobile app on my phone with the intent of only using it to get 2-factor security going. But even when signed out on my desktop and mobile, that caused me to be stuck in online mode. So imagine my surprise when I came back to a ton of messages of people asking me why I was ignoring them. Had to change my password in order to go offline with the friends list again. It's not necessarily a big deal, but it's certainly nothing that should happen as a consequence of 2-factor auth.

  • Options
    TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    Just a quick reminder to all that ad-blocking software is, indeed, security software. Regardless of how much you trust the ad-hosting page.

  • Options
    SticksSticks I'd rather be in bed.Registered User regular
    His fault for visiting dodgy sites like Forbes...

    But seriously, I'm curious how the new round of anti ad-blocking tech works. Are they talking with ad servers on the backend to find out if your IP actually requested an ad? If not, it's all client side script in the end so you would think we would have seen an update to ad-blockers to circumvent it.

  • Options
    ShadowfireShadowfire Vermont, in the middle of nowhereRegistered User regular
    edited January 2016
    Google security researcher excoriates TrendMicro for critical AV defects
    "I don't even know what to say," exasperated researcher tells TrendMicro official.
    Antivirus provider TrendMicro has released an emergency product update that fixes critical defects that allow attackers to execute malicious code and to view contents of a password manager built in to the malware protection program. The release came after a Google security researcher publicly castigated a TrendMicro official for the threat.

    Details of the flaws became public last week after Tavis Ormandy, a researcher with Google's Project Zero vulnerability research team, published a scathing critique disclosing the shortcomings. While the code execution vulnerabilities were contained in the password manager included with the antivirus package, they could be maliciously exploited even if end users never make use of the password feature. Those who did use it were also susceptible to hacks that allowed attackers to view hashed passwords and the plaintext Internet domains they belonged to.

    "I don't even know what to say—how could you enable this thing *by default* on all your customer machines without getting an audit from a competent security consultant?" Ormandy wrote in an exchange with a TrendMicro official. "You need to come up with a plan for fixing this right now. Frankly, it also looks like you're exposing all the stored passwords to the internet, but let's worry about that screw up after you get the remote code execution under control."

    Elsewhere in the exchange, Ormandy criticized company developers for failing to move faster to contain the threat and renewed his call for them to seek help from outside security professionals. He wrote:

    So this means, anyone on the internet can steal all of your passwords completely silently, as well as execute arbitrary code with zero user interaction. I really hope the gravity of this is clear to you, because I'm astonished about this.

    In my opinion, you should temporarily disable this feature for users and apologise for the temporary disruption, then hire an external consultancy to audit the code. In my experience dealing with security vendors, users are quite forgiving of mistakes if vendors act quickly to protect them once informed of a problem, I think the worst thing you can do is leave users exposed while you clean this thing up. The choice is yours, of course.


    Ormandy said it took him only about 30 seconds to find one of many code-execution holes in the antivirus program. In the past few days, TrendMicro began testing an emergency fix it planned to push out to end users. Ormandy said the update resolves the issue but that he remained concerned that the password manager continues to expose more than 70 potentially dangerous programming interfaces to the open Internet. In the past few years, Ormandy has exposed critical vulnerabilities in a host of security products, including those from Sophos, Kaspersky Lab, AVG, and FireEye.

    Shadowfire on
    WiiU: Windrunner ; Guild Wars 2: Shadowfire.3940 ; PSN: Bradcopter
  • Options
    CarpyCarpy Registered User regular
    https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
    OpenSSH has an undocumented roaming feature that can leak a client's private key. Requires a malicious server to execute. Luckily there's an easy mitigation:
    1. The vulnerable roaming code can be permanently disabled by adding the
    undocumented option "UseRoaming no" to the system-wide configuration
    file (usually /etc/ssh/ssh_config), or per-user configuration file
    (~/.ssh/config), or command-line (-o "UseRoaming no").
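
The mitigation quoted above only protects a client if "UseRoaming no" is the first value ssh obtains for every host. As an added example (not part of the original post or the Qualys advisory), this POSIX shell function audits client config files for that; the function name, the status words and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit OpenSSH client config for the "UseRoaming no" mitigation.
# ssh keeps the FIRST value it obtains for an option, so pass files in the
# order ssh reads them: per-user file first, then the system-wide file, e.g.
#   roaming_status "$HOME/.ssh/config" /etc/ssh/ssh_config
# (A -o "UseRoaming no" on the command line takes precedence over both.)
#
# Prints one status word (names are this example's own, not OpenSSH's):
#   disabled  the first directive that covers every host is "UseRoaming no"
#   enabled   some host gets an explicit "UseRoaming yes" first
#   unset     no directive covers all hosts; the client's default applies
roaming_status() {
    # Keep only readable files (the per-user file often does not exist).
    for f do
        shift
        if [ -r "$f" ]; then set -- "$@" "$f"; fi
    done
    if [ "$#" -eq 0 ]; then echo unset; return 0; fi

    awk '
    FNR == 1 { global = 1 }              # a Host/Match block ends with its file
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        sub(/[ \t\r]+$/, "", line)
        if (line == "" || line ~ /^#/) next
        if (!match(line, /^[A-Za-z0-9]+/)) next
        kw  = tolower(substr(line, 1, RLENGTH))   # keywords are case-insensitive
        arg = substr(line, RLENGTH + 1)
        sub(/^[ \t]*=?[ \t]*/, "", arg)           # "Key value" or "Key=value"
        gsub(/"/, "", arg)

        if (kw == "host")  { global = (arg == "*"); next }
        if (kw == "match") { global = (tolower(arg) == "all"); next }
        if (kw != "useroaming") next

        val = tolower(arg)
        if (val == "yes") { status = "enabled"; exit }
        if (val == "no" && global) { status = "disabled"; exit }
        # "no" inside a restricted Host/Match block protects only those hosts.
    }
    END { print (status == "" ? "unset" : status) }
    ' "$@"
}

# Constructed sample files, only to show the function in use.
demo_dir=$(mktemp -d)
printf '%s\n' 'Host legacy.example' '    UseRoaming yes' > "$demo_dir/user_config"
printf '%s\n' 'Host *' '    UseRoaming no' > "$demo_dir/system_config"
echo "user file, then system file: $(roaming_status "$demo_dir/user_config" "$demo_dir/system_config")"
echo "system file alone: $(roaming_status "$demo_dir/system_config")"
rm -rf "$demo_dir"
```

The first demo line reports `enabled` because the per-user file is read first and its host-specific "yes" wins for that host, even though the system-wide file carries the mitigation.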

  • Options
    OrthancOrthanc Death Lite, Only 1 Calorie Off the end of the internet, just turn left.Registered User, ClubPA regular
    Sticks wrote: »
    His fault for visiting dodgy sites like Forbes...

    But seriously, I'm curious how the new round of anti ad-blocking tech works. Are they talking with ad servers on the backend to find out if your IP actually requested an ad? If not, it's all client side script in the end so you would think we would have seen an update to ad-blockers to circumvent it.

    I believe it's all client side. Hence we have this true wonder of a project name: FuckFuckAdblock
    A simple userscript that acts like FuckAdBlock.js (A well known adblock detector) but always says that no adblock was detected. Just install it using Tampermonkey (chrome) or Greasemonkey (Firefox) by clicking here and try it out at http://sitexw.fr/fuckadblock/. FuckFuckAdBlock works on any version of FuckAdBlock. It's kinda like a trace buster buster

    I really hope nobody is reading this at work.

    orthanc
  • Options
    TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    So someone managed to distribute and install malware on the computer systems used by Hyatt hotels. They did this at over 250 locations, and the malware was active from July 30, 2015 to December 8, 2015. The malware was used to steal CC information, basically skimming every customer that used their systems.

    I have to say that it's impressive that an infection of this scale lasted basically four entire months before someone noticed.

    Or maybe it's not impressive. Maybe it's commonplace, and the corporations that we're basically forced to trust don't know security from a hole in the ground. ¯\_(ツ)_/¯

  • Options
    ShadowfireShadowfire Vermont, in the middle of nowhereRegistered User regular
    We're up to... what, 135 or so years of credit monitoring?

    WiiU: Windrunner ; Guild Wars 2: Shadowfire.3940 ; PSN: Bradcopter
  • Options
    MugsleyMugsley DelawareRegistered User regular
    Credit monitoring:

    Shit_c00c8d_445289.jpeg

    I'd rather have something in place that stops the fire.
    ----
    As for the Hyatt systems; I'm not entirely surprised. To my knowledge, all major hotel chains offload their computer system support to third-party companies. If said company hadn't performed an audit or hadn't updated their security protocols in a while, this could very easily happen.

    Frankly, I'm surprised this isn't more prevalent.

  • Options
    SticksSticks I'd rather be in bed.Registered User regular
    Mugsley wrote: »
    Credit monitoring:

    Shit_c00c8d_445289.jpeg

    I'd rather have something in place that stops the fire.
    ----
    As for the Hyatt systems; I'm not entirely surprised. To my knowledge, all major hotel chains offload their computer system support to third-party companies. If said company hadn't performed an audit or hadn't updated their security protocols in a while, this could very easily happen.

    Frankly, I'm surprised this isn't more prevalent.

    It's not exactly uncommon at the moment.
    Chicago-based Hyatt joins a crowded list of other hotel chains similarly breached in the past year, including Hilton, Starwood, Mandarin Oriental, White Lodging (twice) and the Trump Collection.

  • Options
    SticksSticks I'd rather be in bed.Registered User regular
    edited January 2016
    Also, on the credit report front. I'm convinced it's basically useless. I'm freezing my reports as soon as we purchase a house, which will actually stop identity theft before it occurs (for loans/credit taken out in my name at least). Not much else you can do really. Your information is pretty much guaranteed to be for sale on the black market at this point unless you live completely off the grid.

    I'm just tired of having my credit card replaced due to breaches. Yesterday, I received my 4th amex replacement in the last year, and logging in to change all of my online accounts and bill pays is annoying. I think I need a separate card just for those accounts, so that they are isolated from the card I use for day to day purchases.

    Sticks on
  • Options
    MugsleyMugsley DelawareRegistered User regular
    Yep. I froze my credit two years ago.

  • Options
    SatanIsMyMotorSatanIsMyMotor Fuck Warren Ellis Registered User regular
    Gah, not sure if this is the right place but my folks just fell victim to the Windows Security scam. When I got to their house my dad had actually already given control of his new laptop to the scammer and was in the process of entering his credit card.
    I pulled the battery and did a restore on the laptop but should I just do a complete wipe and reinstall Windows? We also canceled dad's credit card.
    I've told them to reset their email password and then any other passwords.
    What else am I missing?

  • Options
    ShadowfireShadowfire Vermont, in the middle of nowhereRegistered User regular
    Go through startup and make sure there are no more remnants of any sort of LogMeIn, GoToMeeting, TeamViewer, etc.
    Run MBAM just in case?

    WiiU: Windrunner ; Guild Wars 2: Shadowfire.3940 ; PSN: Bradcopter
  • Options
    SatanIsMyMotorSatanIsMyMotor Fuck Warren Ellis Registered User regular
    Thanks. Will do!

  • Options
    Mr_RoseMr_Rose 83 Blue Ridge Protects the Holy Registered User regular
    Before you do that though, see if you can get RKill on there to stop any already-running processes that might block MBAM and friends.

    Eset also have a free online scanner that's pretty thorough, but takes ages.

    ...because dragons are AWESOME! That's why.
    Nintendo Network ID: AzraelRose
    DropBox invite link - get 500MB extra free.
  • Options
    ShadowfireShadowfire Vermont, in the middle of nowhereRegistered User regular
    Fucking come on Microsoft. You're destroying any good will you've created with Windows 10 here!

    WiiU: Windrunner ; Guild Wars 2: Shadowfire.3940 ; PSN: Bradcopter
  • Options
    TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    Get Windows 10: Microsoft used malware techniques to promote the most annoying desktop ad ever
    The latest operating system has been mired in controversy since before it was even launched. It was discovered by users that Microsoft is secretly downloading 6GB of Windows 10 files onto machines that haven't upgraded... Even Internet Explorer seems to have Get Windows 10 ad generators included.

    Regardless of how good Windows 10 is or isn't, this ongoing issue has been scummy. There have been varying reports of forced updates, and the malware-like intrusion just feels wrong. Even if it's officially from Microsoft, when my computer does something I didn't tell it to do and didn't want it to do, it somehow feels unsafe.

    For anyone on Windows 7 or 8 that wants to stop Windows 10, or at least upgrade on your own terms, I highly recommend the GWX Control Panel. It will search for the relevant updates, files, and registry keys associated with the Get Windows X upgrade, remove them, and block them. You can also have it run as a system tray tool to monitor for changes, in case another bout of Windows Updates unhides and reactivates the forced upgrade updates... Which has happened a few times now.

  • Options
    OrcaOrca Also known as Espressosaurus WrexRegistered User regular
    I'm glad I decided to hold off on upgrading. Ugh.

  • Options
    SticksSticks I'd rather be in bed.Registered User regular
    Orca wrote: »
    I'm glad I decided to hold off on upgrading. Ugh.

    So you can get the ad?

    Windows 10 is the best double digit Windows.

  • Options
    OrcaOrca Also known as Espressosaurus WrexRegistered User regular
    Sticks wrote: »
    Orca wrote: »
    I'm glad I decided to hold off on upgrading. Ugh.

    So you can get the ad?

    Windows 10 is the best double digit Windows.

    At least I have the *choice* of allowing these patches (or not). Windows 10 doesn't give me the option, and they've already shown they're willing to go down the road of putting ads in the OS.

    That they're willing to go to these extremes to get me to upgrade makes me extremely suspicious of their motivations.

    I flat out stopped watching broadcast TV 10 years ago because I couldn't stand the ads. I will not tolerate it on my OS.

  • Options
    SticksSticks I'd rather be in bed.Registered User regular
    edited March 2016
    Notwithstanding this issue, which is reminiscent of their monopoly days when they got in trouble for pushing software bundles with the OS, I don't get the reluctance to update to 10 at the consumer level. Still on 7 for work so can't say if it's better or worse there.

    Performance seems to be as good or better than 8, and the features that it does add aren't all that major (re-adding the start menu) or can be ignored (cortana). It feels more like a service pack for 8 than a separate version.

    edit: Totally get the ad thing though. Up until we cut the cord, I would switch channels whenever an ad came on. I still do it with radio in the car.

    Sticks on
  • Options
    TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited March 2016
    Sticks wrote: »
    Notwithstanding this issue, which is reminiscent of their monopoly days when they got in trouble for pushing software bundles with the OS, I don't get the reluctance to update to 10 at the consumer level. Still on 7 for work so can't say if it's better or worse there.

    Upgrading to Windows 10 would break some software that I rely on heavily, and would be a massive pain in the ass to configure for some other applications.

    I'm running Sandboxie, which is Win 10 compatible, but wouldn't play nice through an upgrade process (Numerous applications installed and tailored to their own Sandboxes). It would require a reinstall if and when I upgrade. That would be my preferred method, anyhow, but I'd prefer to do it on my own terms instead of SURPRISE! update.

    Right now my system works, and I feel zero reason to move to Win 10 and risk that?

    TetraNitroCubane on
  • Options
    LostNinjaLostNinja Registered User regular
    How does gaming handle 10? I know a lot of games had issues with 8.

  • Options
    XeddicusXeddicus Registered User regular
    All current stuff seems fine. I imagine older stuff just got worse (Rainbow Six won't run for me in 7 or 10).

  • Options
    ShadowfireShadowfire Vermont, in the middle of nowhereRegistered User regular
    I've had no problems running 10 on my machine, but we get no end of problems when working on clients' computers. There are all the typical Windows problems like broken registries, malware, and drivers mucking things up, plus the bonus of store apps being incredibly unstable. It's especially fun when the start menu and Cortana break, because 90% of the time the only way to fix it is to create a new user account and migrate the data.

    I mean, I like it on my machine. But it has problems.

    WiiU: Windrunner ; Guild Wars 2: Shadowfire.3940 ; PSN: Bradcopter
  • Options
    SticksSticks I'd rather be in bed.Registered User regular
    Shadowfire wrote: »
    I've had no problems running 10 on my machine, but we get no end of problems when working on clients' computers. There are all the typical Windows problems like broken registries, malware, and drivers mucking things up, plus the bonus of store apps being incredibly unstable. It's especially fun when the start menu and Cortana break, because 90% of the time the only way to fix it is to create a new user account and migrate the data.

    I mean, I like it on my machine. But it has problems.

    Interesting, we haven't had any problem with our machines at home, or those of extended family. I don't think anyone has been doing store apps though?

    Gaming hasn't been an issue, but I've only tried current games and a few really old ones via dosbox.

    My work machine might make it to windows 10 by 2020 judging by our current rate of upgrades.

  • Options
    MugsleyMugsley DelawareRegistered User regular
    My laptop runs 10, but this forced bullshit is the exact reason why I'm still holding out upgrading on my desktop. I was actually in the "ok, I'll do it when I get time" camp, and then all this forced update stuff started surfacing.

    Simply put: there's got to be a better way. I have a bigger issue with less computer-literate friends and family who have this happen and are just fucked. At least I'm proactive and knowledgeable enough to delay the inevitable.

  • Options
    ShadowfireShadowfire Vermont, in the middle of nowhereRegistered User regular
    Sticks wrote: »
    Shadowfire wrote: »
    I've had no problems running 10 on my machine, but we get no end of problems when working on clients' computers. There are all the typical Windows problems like broken registries, malware, and drivers mucking things up, plus the bonus of store apps being incredibly unstable. It's especially fun when the start menu and Cortana break, because 90% of the time the only way to fix it is to create a new user account and migrate the data.

    I mean, I like it on my machine. But it has problems.

    Interesting, we haven't had any problem with our machines at home, or those of extended family. I don't think anyone has been doing store apps though?

    Gaming hasn't been an issue, but I've only tried current games and a few really old ones via dosbox.

    My work machine might make it to windows 10 by 2020 judging by our current rate of upgrades.

    So, store apps also includes things like the stock Mail client, Edge, and Cortana. These break all the damn time. Sometimes you can use powershell to restore the program, sometimes you can go in and delete the program and reinstall from the store to fix it, and occasionally dism is the go to. But often it's just a broken user profile and there's no fix.

    WiiU: Windrunner ; Guild Wars 2: Shadowfire.3940 ; PSN: Bradcopter
  • Options
    SticksSticks I'd rather be in bed.Registered User regular
    I guess having crossed over to macs for awhile has altered my perception. I didn't upgrade my macbook when I had the chance to do it cheaply and quickly fell behind on OS upgrades. It was fine until suddenly software stopped supporting the version I was running, which seems to happen much much faster in the mac world than on PC.

    At this point, staying static on a given version of an OS is anathema to me. Keeping current is basically just another upkeep task like flipping my mattress or cleaning the gutters. Just good practice that makes my life simpler if I keep on top of it.

    That said, I can see how deciding to stay on 7 or 8 awhile would make the ads aggravating, and it would certainly sour me on the new OS as well. There is definitely a better way to encourage people to upgrade than repeatedly berating them with notifications they can't easily disable.

  • Options
    ShadowfireShadowfire Vermont, in the middle of nowhereRegistered User regular
    Yeah, what I've seen on Mac is the new os advertised in the app store, and once in a great while a notification in the corner that goes away. The notification in win 7/8 tends to hang out on the screen and sometimes not be able to close.

    WiiU: Windrunner ; Guild Wars 2: Shadowfire.3940 ; PSN: Bradcopter
  • Options
    SynthesisSynthesis Honda Today! Registered User regular
    LostNinja wrote: »
    How does gaming handle 10? I know a lot of games had issues with 8.

    Given the similarity, "as good, or slightly worse" than 8. There are old, old titles that can be tricked into working with 8, but will not work with 10 necessarily, but those are rare.

  • Options
    LostNinjaLostNinja Registered User regular
    Synthesis wrote: »
    LostNinja wrote: »
    How does gaming handle 10? I know a lot of games had issues with 8.

    Given the similarity, "as good, or slightly worse" than 8. There are old, old titles that can be tricked into working with 8, but will not work with 10 necessarily, but those are rare.

    I'd be coming from 7, which is why I'm so hesitant.

  • Options
    SynthesisSynthesis Honda Today! Registered User regular
    edited March 2016
    LostNinja wrote: »
    Synthesis wrote: »
    LostNinja wrote: »
    How does gaming handle 10? I know a lot of games had issues with 8.

    Given the similarity, "as good, or slightly worse" than 8. There are old, old titles that can be tricked into working with 8, but will not work with 10 necessarily, but those are rare.

    I'd be coming from 7, which is why I'm so hesitant.

    I don't blame you in the least. I've upgraded my Surface Pro 1 to Windows 10 (and will probably do the same to my Surface Pro 3 soon), but I've kept my gaming desktop on Windows 8.1 for almost exclusively gaming related reasons:

    1. My awesome custom tiles are, again, awesome replacements for shortcuts, especially when gaming on my Vizio 4K. Currently there is no true replacement for Oblytile on Windows 10, just a pair of Tile creator applications which aren't as good, unfortunately.
    2. I run a lot of older non-English games that are not necessarily guaranteed to run on Windows 10, especially after they were patched to run on Windows 8.1. I'm sure the large majority of my games would, but I can think of more than a few that likely wouldn't.

    In my own experience, this is once again a case of game compatibility in iterations, as it's always been. Windows XP games can work on Vista, and 7 (though Vista is likely a safer bet). Windows 7 games will likely work with 8, and probably 10 (but 8 is a safer bet). I'm sure you can find a Windows 7 game that works on 10 but not 8, but that's more an exception that proves the rule, so to speak.

    Of course, it's entirely possible that the benefits to Windows 10 outweigh losing a few old games. They just don't for me in the present (which is why both times I've switched over, I've reverted via boot disk image).

    Also, can I just say that boot disk images are pretty damn awesome? I only discovered them recently, as a precaution for upgrading Windows. Via free software, in a few hours (if that), I can create a perfect copy of my 500 GB Samsung EVO Pro boot drive. Granted, restoring it off the USB storage drive where it's stored takes 4 to 5 hours, but let me tell you--perfect restoration, compared to Windows 10's reversal tool.

    Synthesis on
  • Options
    VoodooVVoodooV Registered User regular
    Sigh, I work IT/Computer security for a state gov't agency. A website that was built by the central IT agency above us appears to ONLY use RC4 as its sole HTTPS cipher. Last month, I warned them about IE retiring RC4 this month and pressed them to fix their encryption or else we won't be able to use the site (Chrome and Firefox already retired RC4). It finally looks like they were going to fix it...only to find out that Microsoft is going to DELAY their RC4 retirement "due to customer feedback" which ensures that the website in question won't get fixed till much later now.

    Fuck you Microsoft for making the Internet less safe. Still pisses me off that in their earlier IE browsers, they had TLS 1.1 and 1.2 support, but it was disabled by default, thus ensuring no one would turn it on except for those interested in security and not afraid of editing the registry, which had the side effect of making sure websites wouldn't make an effort to add TLS 1.1/1.2 support since MS left it disabled.

  • Options
    VoodooVVoodooV Registered User regular
    edited April 2016
    Speaking of TLS protocols and ciphers...It appears Chrome 50 redecorated a bit and moved all the security info out of where it usually is. Instead of clicking on the padlock icon, it's been moved to the developer tools under security. But the only info I can find is whether or not Chrome considers it secure or not. Where do I see what specific protocol/cipher is used? My Google searches are failing me.

    EDIT: took forever, but I found it. You have to reload the page to get the cipher details. Way more annoying now, miss the old way.

    VoodooV on