The Firing Line Forums

Go Back   The Firing Line Forums > Forum Support > Site Questions and Tech Support (NO FIREARMS QUESTIONS)

Reply
 
Thread Tools Search this Thread
Old January 26, 2017, 04:18 PM   #1
foolzrushn
Senior Member
 
Join Date: April 29, 2015
Location: middle of the Santa Fe Trail
Posts: 396
TLS handshake failed

I have a 'not so smart' LG TV from which until recently, I was able to access TFL forums. This last week something changed, and now I get a message that the TLS handshake failed. Has there been a change in TLS protocol very recently at TFL? The TV browser seems to work on other forums and everything else as usual, only TFL has changed and gives me the error message.

TV manufacturers are bad about continuing to issue updates for their browsers, so I am probably stuck there. I miss being able to access the forum from bed at all hours when something wakes me. I know, but reading helps me get sleepy again. If I got up to use the computer I would be wide awake.

thx
__________________
If you feel that you're pretty important...you should think about your significance to the Universe....and re-evaluate !

certified 'soap welder'
foolzrushn is offline  
Old January 27, 2017, 09:47 AM   #2
tyme
Staff
 
Join Date: October 13, 2001
Posts: 3,355
Due to just-released (firefox) and imminent (chrome) requirements that all pages with login forms be served over ssl, TFL is now ssl-only as of about Jan 25.

Most likely, your TV wasn't using SSL before, and now it's forced to. Previously, SSL was available but there was no redirect, which meant that, for most people, there was effectively no SSL. Now there is. For those who had been using SSL, no SSL-related settings or parameters changed, as far as I know.

TFL is reverse-proxied through cloudflare. If your TV isn't compatible with cloudflare's SSL settings, there's an excellent chance that your TV's requirements are broken and/or insecure. I realize that shifting blame doesn't help fix the situation, but the only options are:

- TV manufacturer fixes whatever SSL limitation it has that's breaking things.
- TFL ditches cloudflare and goes back to normal. I'm hesitant to do this on the basis of one report of a (how old?) smart TV failing to deal with cloudflare's well-considered though perhaps slighly aggressive ssl configuration.

I'll add one other thing: if you can get diagnostic information (the REASON the tv was unable to complete the ssl handshake), and take a picture where the info is readable, that wouldn't hurt. However, it's also not very likely to help fix anything; it would probably only help identify what the TV is doing wrong.
__________________
“The egg hatched...” “...the egg hatched... and a hundred baby spiders came out...” (blade runner)
“Who are you?” “A friend. I'm here to prevent you from making a mistake.” “You have no idea what I'm doing here, friend.” “In specific terms, no, but I swore an oath to protect the world...” (continuum)
“It's a goal you won't understand until later. Your job is to make sure he doesn't achieve the goal.” (bsg)
tyme is offline  
Old January 27, 2017, 10:11 PM   #3
foolzrushn
Senior Member
 
Join Date: April 29, 2015
Location: middle of the Santa Fe Trail
Posts: 396
I guess I'm a little surprised that I'm the only one using a TV to access TFL. My LG is about 3 years old (not exactly sure..47LM6400-UA 47" 3D), and I am not sure what the browser OS is, really.

I would guess that other TVs might have the same problem with the switch to SSL only. It may be that I will lose other websites soon as, or if, they also switch to SSL.

I'm afraid that TV support for firmware is dismal...probably for all brands. I have read that the latest firmware push was to speed up gaming on the TV, but bundled with that is code to collect viewing/surfing information.

The updates had stopped until LG reconsidered an update as a revenue stream. There are some ULA changes associated with it and you can't back out once you start.

Using a TV for the Net is a stretch anyway. You have pinpointed the reason for the change, and I can see the dilemma. Security improvement. Should more complaints generate a change in situation, please let me know.

thanks

"the needs of the many outweigh the needs of the few"--Spock
__________________
If you feel that you're pretty important...you should think about your significance to the Universe....and re-evaluate !

certified 'soap welder'
foolzrushn is offline  
Old January 29, 2017, 08:40 AM   #4
tyme
Staff
 
Join Date: October 13, 2001
Posts: 3,355
I realize you don't want viewing habits and telemetry data leaked to LG, but refusing to update firmware on an internet-connected TV is probably even worse. And there's at least a chance that it would fix this problem.

Your TV is probably insecure. Your TV's browser is probably even worse. Browsing the web from a TV is begging to have your TV hacked.

Do you have a laptop or tablet with chrome? I think you could then "cast" that browser to a chromecast-enabled TV (or probably amazon fire tv, or roku, too). That's by far a better solution for browsing from a TV. It requires no direct internet connection, which is good because I don't trust TV manufacturers to implement or maintain anything internet-related.

How do you even browse TFL from a TV? Are you just looking at threads without typing anything, or do you have a better input setup than using the remote to direct the cursor over the on-screen keyboard? That seems like it would be extremely aggravating and painful.
__________________
“The egg hatched...” “...the egg hatched... and a hundred baby spiders came out...” (blade runner)
“Who are you?” “A friend. I'm here to prevent you from making a mistake.” “You have no idea what I'm doing here, friend.” “In specific terms, no, but I swore an oath to protect the world...” (continuum)
“It's a goal you won't understand until later. Your job is to make sure he doesn't achieve the goal.” (bsg)
tyme is offline  
Old January 29, 2017, 07:51 PM   #5
foolzrushn
Senior Member
 
Join Date: April 29, 2015
Location: middle of the Santa Fe Trail
Posts: 396
tyme

It's not that I don't want my viewing sold to someone. I'm just mad because I think LG didn't do this update to improve the processor speed/function for general surfing, but instead for tying up the ULA a little tighter.

Yes surfing is quite aggravating. The RAM in the TV is very limited. Too many pictures and it will crash. It is also very slow. The LGs have a 'magic remote' which is a motion activated rf remote. You need to peck out each letter, and if the text is too long (memory small) it may freeze and not file the post to TFL. The cursor drops off after about 5 seconds of inactivity, and will start to creep even when the remote is not being moved. It's a real task.

Several times I have typed up a post only to not be able to actually post it. However all that said, if it's 3 or 4 in the morning, it's more convenient to use the TV than to get up to use the computer.

I don't think I understand how you would 'cast' (connect the laptop and TV) a browser to the TV. I guess you are speaking of a bluetooth connection. Does that take another black box on the laptop? The TV can search for WIFI connections, but I have not investigated how to cast from the laptop. I use Firefox on my computer.

I share you concerns about security of the TV, but think that the TV may not be sophisticated enough to generally accept code from anyone but LG. I suspect that they have some special encoding when they push updates. Hackers may be more interested in hacking phones. People do a lot of financial things on phones.

I have a ROKU hardwired to the TV. I haven't gone through to LG store for apps. They have a limited selection. Some of the forums say it's a hassle and not very good. They want a credit card and I will not do that, because I might incur charges for things I don't want.

I think the browser may be an earlier version of Safari, but that's just what someone said on a forum. I don't know how I would be able to tell what it is. I would probably need to get into the maintenance menu to find it. Not for the general consumer.

Since I don't consider my TV to be all that old, I am wondering what will happen if all the log on sites go SSL only. Surely I am not the only one using the TV part time. Ebay, Yahoo, other forums, Utube, Craig's List...well TFL is the only log on site that prevents my use so far.
__________________
If you feel that you're pretty important...you should think about your significance to the Universe....and re-evaluate !

certified 'soap welder'
foolzrushn is offline  
Old January 31, 2017, 06:17 AM   #6
tyme
Staff
 
Join Date: October 13, 2001
Posts: 3,355
I expect any site that uses cloudflare would have the same problem, and that you've been fortunate in not encountering another one yet.

Update the TV's firmware. Hedging that hackers won't be interested in your TV is naive. If you don't like its spying features, don't connect the TV directly to the internet. Since you have a Roku and a laptop, I don't understand why you're using your TV's built-in internet functionality at all. If you disconnect it, which you should, it won't report anything to LG no matter what the EULA says.

Here's what "casting" means (different devices have slightly different ways of going about it):
https://www.cnet.com/how-to/roku-scr...droid-windows/
https://support.google.com/chromecas.../3228332?hl=en
__________________
“The egg hatched...” “...the egg hatched... and a hundred baby spiders came out...” (blade runner)
“Who are you?” “A friend. I'm here to prevent you from making a mistake.” “You have no idea what I'm doing here, friend.” “In specific terms, no, but I swore an oath to protect the world...” (continuum)
“It's a goal you won't understand until later. Your job is to make sure he doesn't achieve the goal.” (bsg)
tyme is offline  
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 08:40 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
This site and contents, including all posts, Copyright © 1998-2021 S.W.A.T. Magazine
Copyright Complaints: Please direct DMCA Takedown Notices to the registered agent: thefiringline.com
Page generated in 0.04642 seconds with 8 queries