WingNews logo WingNews
top | item 38641809

(no title)

JTon | 2 years ago

> Digital distribution and lock-in are a disaster for historical preservation.

Agreed. This reality slapped me in the face quite hard after I was given an ipad 2 (circa 2011). I figured I'd use it as a couch-side device for spotify. Soon realized nothing worked on it, even with old version apps loaded. Server side shut it down.

discuss

order

dkonofalski|2 years ago

That's partially because of web security, though, if I'm not mistaken. I have an old Windows PC and an old Mac mini that I use as servers and, outside of local stuff that's bridged to the outside network (and heavily crippled), I can't do much on them because of the changes to the TLS protocol for SSL certs. That means that the browsers won't connect to most modern servers, any apps that hardcoded instances of TSL can't connect to the internet, and, if I managed to get something to connect, it would be a huge security risk for anything on those machines.

So, if the connection is being shut down on the server side, it's likely because of the TLS version mismatch. I thought it would be a simple solution just via updated software but was told (by peeps on Reddit, so it's likely to be total nonsense) that, although it can be updated, it won't run reliably on older hardware unless that hardware can also support newer OSs. Win7 and below (?) don't support it and MS won't provide updates with it and MacOS versions before Lion don't have it. I've heard you can also update OpenSSL by breaking the symlinks to the OS's install and get it working again but that's more hassle than I cared to put in.

Also, most of those old iPads are able to be jailbroken. You can update OpenSSL on them and probably get Spotify working again.

gnyman|2 years ago

Yes. Although I would disagree with the statement "it would be a huge security risk for anything on those machines"

Older TLS protocols have vulnerabilities yes, but most of them require a very motivated attacker with the ability to do a MITM.

I wrote a blog post about why I have decided to support older protocols, https://blog.nyman.re/2021/02/07/usability-security.html , the tl.dr. is that only allowing new TLS just means more forced obsoletion. For Banks and other sensitive things, yes it makes sense, for your personal blog, not so much.

I mean... Google still allows TLS 1.0 , if it was a "huge security risk", do you think they would?

The updating OpenSSL/breaking symlinks sounds interesting, do you have more info?

Personally I have a old iPhone 5S running iOS6 which I use for listening to podcasts. I ran in the the TLS issue there and my solution was to use a proxy https://bitbucket.org/ValdikSS/oldssl-proxy

Works well, and until maybe a year ago or I could even browse Apple's Podcast Store, but at some point that stopped working so now I'm stuck with the ones I have there.

(Cydia still works though... Thanks Saurik)