Thread: Touch Deregister a Nook Simple Touch Reader
View Single Post
Old 11-22-2020, 05:21 PM   #8
DNSB
Bibliophagist
DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.
 
DNSB's Avatar
 
Posts: 46,681
Karma: 169712392
Join Date: Jul 2010
Location: Vancouver
Device: Kobo Sage, Libra Colour, Lenovo M8 FHD, Paperwhite 4, Tolino epos
Quote:
Originally Posted by rcentros View Post
Basically what they're saying is that, without the security update, your Nook (or other's Kindle or Kobo) can compromise B&N's (or Amazon's or Kobo's) servers, so they reject the connection until you have the newer protocol.
To disagree there, it is not the server being compromised but the communication link. SSL, TLS 1.0 and TLS 1.1 are no longer considered secure protocols so any information sent between your device and the vendor's servers is not protected. It's almost trivial to decrypt the packets and have someone's credentials, payment information, etc. revealed.

If you are using payment cards, you also run into the PCI DSS (Payment Card Industry Data Security Standard) which mandated disabling SSL and TLS 1.0 as of June 30, 2018 with TLS 1.1 being on the chopping block.

For what it's worth, the IETF has deprecated SSL, TLS 1.0 and TLS 1.1.
DNSB is online now   Reply With Quote