Protect Google Chrome against Logjam Vulnerability



Determine if you're vulnerable to the Logjam Attack - go to https://weakdh.org/ with your chrome browser and see if you get a blue bar (good) or a red one (bad).

When I tried this Firefox was OK, Google Chrome was not.

I fixed this by editing /usr/bin/google-chrome and adding the --cipher-suite-blacklist parameter.

# Make sure that the profile directory specified in the environment, if any,
# overrides the default.
if [[ -n "$CHROME_USER_DATA_DIR" ]]; then
  # Note: exec -a below is a bashism.
  exec -a "$0" "$HERE/chrome" --user-data-dir="$CHROME_USER_DATA_DIR" --cipher-suite-blacklist=0xcc15,0x009e,0x0039,0x0033 "$@"
else
  exec -a "$0" "$HERE/chrome" --cipher-suite-blacklist=0xcc15,0x009e,0x0039,0x0033 "$@"
fi

as shown above.

https://cc.dcsec.uni-hannover.de/ will tell you which ciphers your browser currently supports.

Comments

Popular posts from this blog

Hit failing alternator with a hammer to confirm diagnosis of failing alternator due to bad brushes

alternatives --install gets stuck: failed to read link: No such file or directory

Using SSH, SOCKS, tsocks, and proxy settings to create a simultaneous "dual use" work/home computer