Waterfox: TLS Session Resumption Allows For Permanent User Tracking

First of all, thank you @ilikenwf for the discovery.
Do you plan @MrAlex94 to rectify this matter for the next version (aka WaterFox_v56.2.4) ?

Because as you can see (on these pictures) WaterFox_v56.2.3 has a fews little security trouble...

lockPref("security.tls.version.max",4);
## Otherwise open the page "about:config" and replace it (right now, the current value is 3) !

Then it will enable the TLS_v1.3 because no (at this moment) it isn't already the case.

Apparently it very easy to correct these weaks :

pref("security.ssl3.dhe_rsa_aes_128_sha",false);
pref("security.ssl3.dhe_rsa_aes_256_sha",false);
pref("security.ssl3.rsa_aes_128_sha",false);
pref("security.ssl3.rsa_aes_256_sha",false);
pref("security.ssl3.rsa_des_ede3_sha",false);

What was the trouble with GitHub ? Warning because at the first time I wasn't enable to login...
For now the trouble has vanished.

lockPref("security.enable_tls_session_tickets",false);
lockPref("security.ssl.disable_session_identifiers",true);

Session resumption (either with session id or with encrypted tickets) is necessary to make fast connections to server. Without them browser will have to perform a complete TLS handshake on each connection. There are still websites configured to reset connection after every single HTTP request (to minimize server resources usage). With both session id and tickets disabled, browser will have to reconnect to such server for each image and script used on a page. This will slow down connections significantly.

TLS 1.3 is not much of a solution. Without tickets it does allows you to reconnect without additional packet round trip, but both browser and server have to perform a public-key authentication, which it not a fast thing. However, HTTP/2 is a solution, because it elliminates a need for reconnect.

A practical solution is for browser to expire session id's and tickets after a short period of time - about 2h. According to the paper, Firefox has 1 day validity period for sessions, which i think is too long. Additionaly, disallow session tickets use for cross-origin requests. That should make use of session tickets impractical for tracking purposes, but will still allow browser to load fast. A more advanced solution is possible - allowing longer storage of tickets from servers, if user has a saved password for it.

Finally, while this is a valid concern, there is nothing sessions tickets of today's Firefox allow you to do, that is not possible with tracking IP addresses.

Privacy and security are more important than fast connections...with the resume tickets disabled I notice no difference in speed.

Just a little summary about WaterFox_v56.2.4 !

Since a few days there is one new warning (describe in this picture).
Next time @MrAlex94 could give your opinion about this matter ? Because (the update was done yesterday and) now I can confirm the fact : no you didn't rectify those trouble.

Privacy and security are more important than fast connections...with the resume tickets disabled I notice no difference in speed.

no they aren't.

Just a little summary about WaterFox_v56.2.4 !

Since a few days there is one new warning (describe in this picture).
Next time @MrAlex94 could give your opinion about this matter ? Because (the update was done yesterday and) now I can confirm the fact : no you didn't rectify those trouble.

Set this to 2:

security.tls.version.min

Firefox Test Case 2: TLS protected HTTP request and session resumption
The total time to get the web pages is 0.383s.

Firefox Test Case 3: TLS protected HTTP request and no session resumption
The total time to get the web pages is 0.419s.

See:
https://www.kth.se/social/files/554640caf2765477b39c6c2c/2G1305_Assignment_Asa_Pehrsson_050908.pdf

pref("security.tls.version.min",2);
I had found by my own but thank you @ilikenwf for the help (or the confirmation), truly I appreciate.

How long till this is implemented, so we don't have to tinker it in about:config ourselves/share the link issue to our peers?

I'm using ghacks user.js with a pretty large user.js file
personally...turned off even more stuff (all mozilla.org and google.com
telemetry except for addon updates), enabled some features ghacks disables,
and also setup tor's font list for my separate windows and linux installs.

I think it sets this too. https://github.com/ghacksuserjs/ghacks-user.js

On Sat, Jun 22, 2019 at 11:09 AM SpiritBob notifications@github.com wrote:

How long till this is implemented, so we don't have to tinker it in
about:config ourselves/copy this link explaining the procedure to our peers?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/MrAlex94/Waterfox/issues/768?email_source=notifications&email_token=AADFIOSNUHVD3W4FBWMHT7TP3YB5BA5CNFSM4F6CHWOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODYKHC5Q#issuecomment-504656246,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AADFIOVAA75TD7E45LNFUWLP3YB5BANCNFSM4F6CHWOA
.

defaultPref("security.ssl3.rsa_aes_128_sha",false);
lockPref("security.ssl3.dhe_rsa_aes_128_sha",false);
lockPref("security.ssl3.dhe_rsa_aes_256_sha",false);
lockPref("security.ssl3.ecdhe_ecdsa_aes_128_sha",false);
lockPref("security.ssl3.ecdhe_ecdsa_aes_256_sha",false);
lockPref("security.ssl3.ecdhe_rsa_aes_128_sha",false);
lockPref("security.ssl3.ecdhe_rsa_aes_256_sha",false);
lockPref("security.ssl3.rsa_aes_256_sha",false);
lockPref("security.ssl3.rsa_des_ede3_sha",false);
lockPref("security.ssl.enable_false_start",false);
lockPref("security.tls.enable_0rtt_data",false);
lockPref("security.tls.version.min",3);
lockPref("security.tls.version.max",4);

Warning :
It's just another reminder because Firefox-v71 will be release very soon (according to the Mozilla Calendar it will be done in december (then before the next year 2020)).

lockPref("security.ssl3.dhe_rsa_aes_128_sha",false);
lockPref("security.ssl3.dhe_rsa_aes_256_sha",false);
lockPref("security.ssl3.ecdhe_ecdsa_aes_128_sha",false);
lockPref("security.ssl3.ecdhe_ecdsa_aes_256_sha",false);
lockPref("security.ssl3.ecdhe_rsa_aes_128_sha",false);
lockPref("security.ssl3.ecdhe_rsa_aes_256_sha",false);
lockPref("security.ssl3.rsa_aes_256_sha",false);
lockPref("security.ssl3.rsa_des_ede3_sha",false);
lockPref("security.ssl.enable_false_start",false);
lockPref("security.tls.enable_0rtt_data",false);
lockPref("security.tls.version.min",3);
lockPref("security.tls.version.max",4);

If the intention is to lock these preferences in mainstream distributions of Waterfox:

• do not.

defaultPref("security.ssl3.rsa_aes_128_sha",false);
lockPref("security.ssl3.dhe_rsa_aes_128_sha",false);
lockPref("security.ssl3.dhe_rsa_aes_256_sha",false);
lockPref("security.ssl3.ecdhe_ecdsa_aes_128_sha",false);
lockPref("security.ssl3.ecdhe_ecdsa_aes_256_sha",false);
lockPref("security.ssl3.ecdhe_rsa_aes_128_sha",false);
lockPref("security.ssl3.ecdhe_rsa_aes_256_sha",false);
lockPref("security.ssl3.rsa_aes_256_sha",false);
lockPref("security.ssl3.rsa_des_ede3_sha",false);
lockPref("security.ssl.enable_false_start",false);
lockPref("security.tls.enable_0rtt_data",false);
lockPref("security.tls.version.min",3);
lockPref("security.tls.version.max",4);

I've tried this config in my own Waterfox profile before, but some of these settings broke too many needed websites for me, to the point I had to revert it. :frowning_face:

• Did you miss the word ? Which one ? Damn right the "Warning" !
• Did you really take the time to read ? Nevermind @grahamperrin I don't care because it's obvious, you aren't familiar with the file (usually called) "mozilla.cfg".
  Exactly you have made another mistake. There is several syntax and from my point of view, it's good enough to provide one little example because when you have the knowledge, it isn't a trouble !
• My intention ? It's only an alert for the people which are concern by the security.
• And about Waterfox ? It could be a suggestion for the futur (when the browser will be ready to publish one release based on Firefox-v71).

You're right @laniakea64 because it could be a trouble sometimes. That's why these settings could break a website.
But don't forget one thing : I had never mentionned Waterfox (in my previous post). Then in my case the number of website is very very very tiny.

Did you miss the word ?

No.

Which one ? Damn right

Watch your language; mind your manners.

Did you really take the time to read ?

Yes, including your earlier complaint about Alex not rectifying things, from which a person might assume that some other comments _also_ require Alex to change things for you, and for other users of the application.

If https://github.com/MrAlex94/Waterfox/issues/768#issuecomment-544146642 was _not_ about changes to the application you should have made it clear.

Re: language, please be aware that the word _warning_ is sometimes admonitory e.g. "… wagging an admonitory forefinger.". Perceptions such as finger-wagging may be likely where, for example, a person has previously complained about other people not doing things soon enough.

Another liar ! Because this time it's obvious.
My comment is very very very clear by the fact only one browser is mention.
- Remind me which one ? It's simple because like I said it's only about Firefox-v71 and I can't be more precise.
- For which reason ? The result has changed for the SSLtest and as reminder, at the origin the link is (already) on the first post. And if you need another reason December is very close (almost 2 months).
- Lie ? Because you pretend to have read my comment ! So this confusion it's only your fault and for that you are guilty. Don't pretend you made a mistake because you have miss the name of the browser ! And don't even try to find another false excuse !
- Did I ask something to change ? The answer is clearly no ! Despite these facts, the people who care about the security might be interested by my comment.

My language ? Well there is nothing wrong because you can't even be polite (hello, thanks, etc).
Don't you think that's you with this kind of behavior the trouble ? Don't even try to reply because it will sound like another lie. That's not my fault if you can't understand the word warning correctly.
By the way, that's enough and don't forget one thing : blame yourself (couple of liar)..

As you can guess now it's over and I won't try to help this project anymore.
To conclude, I don't except or need a reply. Because I'm already gone and trust me one day, you will have the feeling or sevreral regrets such as : we missed an opportunity to be respectful and now it's too late.

For the record, remind me who has report this issue ? Indeed it was myself and you didn't even take one tiny time to say something like : thank you WagnerGMD because you are right. The trouble wasn't rectify !

PS : By the way @MrAlex94 there is nothing strange. I was absent for several months and my behavior is normal. After all, you can blame @grahamperrin which has create this situation.
As we said in french : Ne jamais faire des conclusions hâtives !

@WagnerGMD, this is the last time I am going to reply to your rude comments, and if you carry on, I'll have to block you - your rudeness is spreading to other people now who volunteer their time to help with Waterfox.

Now, I'm going to reply to your very first comment about TLS 1.3 support. Please note this comment from an OpenBSD developer who knows exactly what he's talking about:

"Since there is effectively nothing wrong with TLS 1.2 with a sanely chosen cipher suite today, we believe a clean careful implementation is more beneficial than early adoption."

I don't think there has been any reason to think that anything has changed in regards to security using TLS 1.2 with good cipher. TLS 1.3 is supported in Waterfox Current if it is specifically needed for whatever reason.

Next, stop calling people liars as you clearly have a lack of understanding for the meaning of the word. Also, this is an issue tracker, not a off-topic discussion forum. It's implied within the context of the issue that you're offering some sort of solution for Waterfox.

I'm going to say this as kindly as I can. Unless you can provide level headed discussion, please do not comment at all.