3

I have a tablet from 2011 (Prestigio MultiPad PMP3384B) with Android 2.3 which I use occasionally. I’ve experienced recently that I cannot view some webpages (https://www.nytimes.com/, for example) as they force using HTTPS (even if they provide public information mostly…). Presumably, it’s caused by a TLS version the device does not know.

screnshot of the tablet with an error “A secure connection could not be established.”

On the contrary, https://www.google.com loads and http://www.google.com also works well (no redirection).

screenshot of displaying https://www.google.com/ screenshot of displaying http://www.google.com/

I checked the TLS version supported by www.nytimes.com (by following the article How to check what SSL/TLS versions are available for a website?):

$ nmap --script ssl-enum-ciphers -p 443 www.nytimes.com | grep TLSv | TLSv1.2:

The output for Google is:

$ nmap --script ssl-enum-ciphers -p 443 www.google.com | grep TLSv | TLSv1.0: | TLSv1.1: | TLSv1.2:

What I’ve also tried:

Is there any way to view TLS 1.2 only websites on such a device?

Improve this question
5
  • 2
    Have you looked to see if there's any opensource firmware available for the tablet? If not, it shouldn't be utilized for internet access or be connected to any kind of network due to being a massive security risk (it's missing 9yrs of security patches). Commented Nov 22, 2019 at 11:28
  • Alternatively, does the tablet allow installing custom HTTPS CA certificates (some manufacturers disallow this)? I was looking into making a Squid proxy that would intercept TLS, for my Win9x VMs. Commented Nov 22, 2019 at 12:00
  • @JW0914 Of course, I’m not going to use it for online banking, just viewing public webpages… I have found some forum topic regarding the alternative firmware but as it’s closed source and anonymous, it could be a security risk, too. Commented Nov 22, 2019 at 12:38
  • @grawity A proxy server intercepting TLS (and possibly converting it to HTTP as Connect to an https service using an http-only client suggests) would help but I’d prefer being able to view the web without turning on the PC (in another room). Commented Nov 22, 2019 at 12:42
  • @Melebius I know this doesn't address your question, but I believe the following important to stress: That device makes any network it's connected to vulnerable, so if it's on your LAN, you're taking a significant risk. Android 2.3 is as bad as running WinXP on a PC and using it for internet access - it's ill-advised due to the hundreds of known security exploits and it's likely vulnerable to all known forms of ransomware. If you must use the tablet, please don't store data on it & put it on its own vLAN (prevent it from accessing any other device and any other device from accessing it). Commented Nov 22, 2019 at 12:54

1 Answer 1

Reset to default
0

You can use Opera Mini, which still supports Android 2.3 and uses its servers to compress data.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.