DuckDuckGo Privacy Essentials rates synoforum.com B+

Currently reading
DuckDuckGo Privacy Essentials rates synoforum.com B+

3,979
1,369
NAS
DS4l8play, DS202j, DS3623xs+, DSM 7.3.3-25847
Two reports noted (similar to the "Community"...
Xop8aWj.png


dbjgf75.png
 
there isn’t problem of the synoforum.com site

based on ToS;DR:
Regarding the DuckDuckGo extension, when a site review hasn’t been uploaded to our database, the extension sets its rating to B+ by default, but shouldn’t necessarily represent our official rating.

whether it seems to me that the number of nonsensical steps leading to the feeling of virtual privacy is becoming so complicated that the system is damaging itself.
 
Last edited:
To sooth your mind, you can always run a check on Qualys SSL Labs :) It Ranked the page with an A

A+ could be achived by settings the server configuration to:
- remove weaker TLSv1.2 ciphers (at the cost of loosing old clients)
- enforce OCSP Stapling (not sure if this realy adds to the calculated score)

Those TLSv1.2 ciphers can be removed savely:
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

Though removing the TLSv1.2 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA cipher, would cause problems with severall older Safari versions:
- Safari 6 on iOS 6.0.1
- Safari 7 on iOS 7.1 and OS X 10.9
- Safari 8 on iOS 8.4 and OS X 10.10
 
Last edited:
Can somebody point me to a site other than the DDG home page that isn't B+ or lower.
I don't think I've ever seen an A site in all those I browse
 
I've just run the Qualsys tests on my forum portal and ended up in a fit of the giggles. Okay I got an A+ rating, but.....

BEAST attack Mitigated server-side (more info)
POODLE (SSLv3) No, SSL 3 not supported (more info)
POODLE (TLS) No (more info)
Zombie POODLE No (more info)
GOLDENDOODLE No (more info)
Sleeping POODLE No (more info)

Still chuckling.....
 
Last edited:
I am not sure if we interpret the results as the same:
my understanding is that you setup does not "support" (as in is not affected by) those attack vectors. I guess one would need to run very old versions of nginx or apache to be affected by those attacks.

True, the names are kind of odd...
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Oh no :( The cave is the only option.
Replies
2
Views
2,279
We all know that FB will surreptitiously find a way to grab photos without user consent, and when they're...
Replies
1
Views
1,171

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top