A ssllabs scan of backblaze.com shows that they are using horrible encryption at least on the webservers. TLS1.0, RC4 only, no Forward-Secrecy. I was thinking about using their service for offsite-backups, but seeing this I'm really uncomfortable with that idea.
I've contacted them about two months ago and had a brief discussion with their support about that. Back then SSL3 was still enabled, so was compression. They also supported 3DES. Now they've disabled 3DES (WTH?), compression and SSL3, but left RC4 as the only cipher in place.
I've contacted them about two months ago and had a brief discussion with their support about that. Back then SSL3 was still enabled, so was compression. They also supported 3DES. Now they've disabled 3DES (WTH?), compression and SSL3, but left RC4 as the only cipher in place.
What do you think?