Dreamhost offers free SSL/TLS through SNI for their shared hosting accounts. When this service was first released, it was limited to an RC4 ciphersuite and TLSv1.0. For most applications, RC4 is no longer a preferred cipher within the cryptographic community (Matthew Green’s blog post).
Dreamhost now supports TLSv1.0, TLSv1.1, and TLSv1.2 with the following cipher suites:
Other than Triple-DES being a little on the weak side, this is now a very solid and modern list of ciphers.
In viewing one of those "…you won’t believe what happens next…" sites, I ran across a pretty well formed fraudulent website attempting to get me to install malware/spyware. I’m used to most of these attempts sounding very alarmist as they try to get me to download and install something.
Other than the Chrome logo and the URL, this is a well formatted and convincing page. It’s even accurate. I was using Chrome 35 on Windows.
tidgubi.com was not affected by the Heartbleed bug. For HTTPS connections, tidgubi.com uses OpenSSL without the vulnerable heartbeat feature enabled.
For any iOS users that gave up on Google Wallet due to the inability to login using an Authenticator, Version 2.0.13611 Released February 4, 2014 fixes this bug. Now that I can authenticate, I happy to have another option to Passbook for the sake of having options and to add my rewards programs that don’t work with Passbook.
This bug made it impossible to authenticated to Google Wallet if you had a single device with Google Authenticator and Google Wallet as well as a long & complex password. Backgrounding the Google Wallet App, would cancel the authentication process, so you would have to copy your Authenticator code before entering your password. If it took longer than 30 seconds to switch apps and enter your password, your code would expire…