A simple SSL tweak could protect you from GCHQ/NSA snooping

Discussion in 'privacy technology' started by Dermot7, Jun 26, 2013.

Thread Status:
Not open for further replies.
  1. Dermot7

    http://www.theregister.co.uk/2013/06/26/ssl_forward_secrecy/
     
  2. skp14

  3. TheWindBringeth

    FWIW, in Wireshark you can:

    1) Right click on a column, select Column Preferences, then add a custom column with properties: title Ciphersuite, field type custom, field name ssl.handshake.ciphersuite. Then make that column visible.

    2) Create and apply a display filter: (ip.dst == YourIPAddress) && ssl.handshake.ciphersuite

    Then, using whichever browser, email client, etc. you want, initiate SSL traffic and observe the ciphersuite selected by the various servers that are contacted. This approach has some limitations, such as the Source field often won't exactly match the host in the URL due to the DNS situation, and if you are doing SSL over non-standard ports you'll want to use the "Decode as..." feature to inform Wireshark of which protocols are being used. Yet, it is one way to survey things in a non-piecemeal fashion.

    You can, if you wish, use File->Export Packet Dissections->As CSV to export those packets to a csv file, then in the csv file remove rows with duplicate Source fields, then sort things to get a boiled down list of the servers your machine contacted and the Ciphersuites that were used. Or look into cmdline/script approaches for a more elegant solution to deduping, sorting, etc.
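
One way to script the dedupe-and-sort step described in the post above, as an added example that is not part of the original thread. It assumes the CSV export has the default "Source" column plus the custom "Ciphersuite" column from step 1, with values shown as a suite name followed by its hex code; the sample rows are constructed.

```python
import csv
import io
import re

# Forward secrecy comes from an ephemeral key exchange: (EC)DHE in the suite
# name, or any TLS 1.3 suite (TLS_AES_* / TLS_CHACHA20_*). Static RSA, DH and
# ECDH key exchange do not provide it.
FS_SUITE = re.compile(r"_(EC)?DHE_|^TLS_(AES|CHACHA20)_")

def survey(csv_text, source_col="Source", suite_col="Ciphersuite"):
    """Return {server_ip: (suite_name, has_forward_secrecy)}.

    Only the first Server Hello seen per Source is kept, which replaces the
    manual removal of rows with duplicate Source fields.
    """
    seen = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        src = (row.get(source_col) or "").strip()
        suite = (row.get(suite_col) or "").strip()
        if not src or not suite or src in seen:
            continue
        name = suite.split(" (")[0]  # drop the trailing "(0x....)" code
        seen[src] = (name, bool(FS_SUITE.search(name)))
    return seen

def report(results):
    """Format one line per server, servers without forward secrecy first."""
    ordered = sorted(results.items(), key=lambda kv: (kv[1][1], kv[0]))
    return [f"{'FS   ' if fs else 'NO-FS'}  {src:<15}  {name}"
            for src, (name, fs) in ordered]

# Constructed sample export (documentation IP ranges, not real servers).
SAMPLE = '''"No.","Time","Source","Destination","Protocol","Length","Ciphersuite","Info"
"4","0.120","192.0.2.10","10.0.0.5","TLSv1","1514","TLS_RSA_WITH_RC4_128_SHA (0x0005)","Server Hello"
"9","0.480","198.51.100.7","10.0.0.5","TLSv1.2","1514","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)","Server Hello"
"15","1.020","192.0.2.10","10.0.0.5","TLSv1","1514","TLS_RSA_WITH_RC4_128_SHA (0x0005)","Server Hello"
"21","1.730","203.0.113.44","10.0.0.5","TLSv1","1514","TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)","Server Hello"
"27","2.200","198.51.100.23","10.0.0.5","TLSv1","1514","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e)","Server Hello"
'''

if __name__ == "__main__":
    print("\n".join(report(survey(SAMPLE))))
```

To run it on a real export, read the file's contents and pass them to `survey()` in place of `SAMPLE`.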
     
  4. elapsed

  5. TheWindBringeth

    I suppose server operators trying to keep their load down might not like such ideas, but...

    What about an addon/feature that allows you to specify, on a per-server basis, a reduced set of ciphersuites (known to be supported by the server through prior investigation)... thereby forcing the server to pick a stronger one than it would if the client offered the default set?

    Perhaps this could even be automated, such that the client first offers a small set of strongest ciphersuites and if the server doesn't support one of those then the client offers its default set. I don't know if the SSL/TLS protocol supports that on the fly or whether it would require a full restart.
     
  6. Countermail

    The article subjects: "A simple SSL tweak could protect you from GCHQ/NSA snooping" and "Perfect Forward Secrecy can block the NSA from secure web pages" are pretty misleading. What they fail to mention in both articles is that Perfect Forward Secrecy does not protect the website from a man-in-the-middle attack (using a CA-cert); it's only protecting against passive wiretapping.
     