

What do you think of Backblaze utilizing subpar encryption? - masta
https://www.ssllabs.com/ssltest/analyze.html?d=backblaze.com

======
masta
A ssllabs scan of backblaze.com shows that they are using horrible encryption
at least on the webservers. TLS1.0, RC4 only, no Forward-Secrecy. I was
thinking about using their service for offsite-backups, but seeing this I'm
really uncomfortable with that idea.

I've contacted them about two months ago and had a brief discussion with their
support about that. Back then SSL3 was still enabled, so was compression. They
also supported 3DES. Now they've disabled 3DES (WTH?), compression and SSL3,
but left RC4 as the only cipher in place.

What do you think?

