Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

End of the road for RC4

Blog post from Cloudflare

Post Details
Company
Date Published
Author
John Graham-Cumming
Word Count
550
Company Posts That Month
11
Language
English
Hacker News Points
-
Summary

On February 23, 2015, Cloudflare disabled the RC4 encryption algorithm for all SSL/TLS connections to its sites due to security concerns. The company had previously deprecated RC4 in May 2014 and noted that some users still required it, particularly those using old mobile phones and Windows XP. However, recent data showed a significant decline in RC4 usage, with almost all remaining requests coming from old phones and Windows XP users. Additionally, some connections were traced back to SSL-intercepting proxy software using RC4. Cloudflare decided to disable the protocol completely due to its lack of security and the availability of more secure alternatives.

Trends Found in this Post

No tracked trend matches for this post yet.