Hacker News new | past | comments | ask | show | jobs | submit login
Tell HN: AT&T Fiber is breaking TLS handshakes
8 points by beering 49 days ago | hide | past | favorite | 3 comments
A lot of people didn't realize this was a widespread issue until they saw other people point it out (me included), so I thought I'd post it here. It's at least affecting the Bay Area.

AT&T Fiber seems to be sometimes flipping a bit in the TLS handshake, causing TLS connections to break. This can show up as connections to TLS sites not working on the first try, your browser stuck on "Performing a TLS handshake", SSL_ERROR_BAD_MAC_READ in Firefox, etc.

If you tunnel your browsing through a VPN, that will work around this issue. It doesn't seem like anything else obvious is affected - gaming, video calls, etc. seem to work fine.

I've been seeing this for the better part of a month after changing locations with AT&T Fiber. I thought it was due to my move, but the TLS issue definitely occurs when directly connected to the RG. Even more fun is it only seems to repro with certain sites.

AT&T replaced the RG and I still encounter the same issues.

The TLS issues do not repro when I'm connected to my hotspot.

There also also recent twitter reports on this. https://twitter.com/vikxin/status/1331334687978000385

I'm failing to connect to California DMV (https://www.dmv.ca.gov/) website via Comcast in Bay Area -- curl says "TLS connection was non-properly terminated." But curl from cloud VPS succeeds.

Same issue with DSL, in Palo Alto.

I am sure it's an honest mistake, nothing nefarious.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact