I’m wondering if anyone that knows more about security issues than I do has identified the ways in which ZeroShell is no longer particularly secure. I’m starting to suspect it is the case in most areas where it tries to apply encryption. In particular the Firefox web browser is starting to get offended by ZS using TLS 1.0 for its user interface connection. Firefox is threatening to require TLS 1.2, but for the time being is allowing an exception to be applied to tolerate older versions.
I’m suspicious that the VPN and CA functions are probably using obsolete/weak ciphers as well.
Has anyone figured out how to hack better security into ZS? Or do we need to wait for Fulvio to bring these aspects up to date?