Showing posts from July, 2015

Protect Google Chrome against Logjam Vulnerability

Determine if you're vulnerable to the Logjam Attack - go to with your chrome browser and see if you get a blue bar (good) or a red one (bad).

When I tried this Firefox was OK, Google Chrome was not.

I fixed this by editing /usr/bin/google-chrome and adding the --cipher-suite-blacklist parameter.

# Make sure that the profile directory specified in the environment, if any,
# overrides the default.
if [[ -n "$CHROME_USER_DATA_DIR" ]]; then
  # Note: exec -a below is a bashism.
  exec -a "$0" "$HERE/chrome" --user-data-dir="$CHROME_USER_DATA_DIR" --cipher-suite-blacklist=0xcc15,0x009e,0x0039,0x0033 "$@"
  exec -a "$0" "$HERE/chrome" --cipher-suite-blacklist=0xcc15,0x009e,0x0039,0x0033 "$@"

as shown above. will tell you which ciphers your browser currently supports.