- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SHA-1 has been officially broken, FVS devices don't support SHA-2
I replied to an "Idea Exchange" post, but figured I would post this here as well.
SHA-1 has been successfully shown to have weaknesses. The Github repository website suffered a data corruption recently that was due to SHA-1 collisions. As of now, there is no support for any VPN hashing algorithm higher than SHA-1, in either the P1/P2 transport algorithms or the certificate. This makes the device too insecure to use for VPN purposes. Google, Microsoft, SSLabs, and many other security organizations have been warning about this for over 6 years......
This needs to be fixed! I get it, the FVS firmware hasn't had any major feature updates in a long time, so if you're just waiting until the next hardware rev to fix this, please at least respond & say so.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
Hi train_wreck,
Thanks for posting this information. This has been raised to the engineering team.
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
Just for information, the latest update to Cisco's RV042G router (a direct competitor to the FVS336G) has been updated to resolve this issue....
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
Did you hear that? I heard a whip cracking! lol!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
So frustrating that Netgear is not taking security serriously. Netgear VPN firewalls do not support SHA-2. That's crazy.
And no one can give an ETA
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
Honestly, I think Netgear may have given up on any substantial updates to the FVS line. The current devices (FVS318G, FVS336G) were released over 6 years ago, and the FVS line itself stretches back over 15 years. Just looking at the GUI interface, they certainly feel "old". Hell, it was only with the most recent 4.3.5 firmware last month that they bothered to get the copyright date on the interface updated from "2014".
Unfortunately, I see many of these devices still out in the wild....
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
Unfortunatley, i think you hit the nail on the head. I wish Netgear would be more forthcoming. Maybe by not acting or offering more insight, they're saying all they need to say..... "we're not interested in security or updates."
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
I'm going to give netgear another 90 days to solve this and support SHA-256.
I don't have high hopes- but my fingers are crossed.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SHA-1 has been officially broken, FVS devices don't support SHA-2
Hello,
are there any news on it? We need the SHA-2 support for our FVS318N too!
Additional question. The certificate for the https login to the config webpage is SHA-1 too. This need to be changed to SHA-2 certificate too! Will this be supported by Netgear in one of the next Firmware releases?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content