3DES_EDE_CBC cipher is weak in the current TBB configuration!
From The Design and Implementation of the Tor Browser [DRAFT]:
we also enable TLS False Start via the Firefox Pref security.ssl.enable_false_start. From TLS False Start https://tools.ietf.org/html/draft-bmoeller-tls-falsestart-00 generally symmetric ciphers with an effective key length of 128 bits or more can be considered strong. In TLS 1.2 [RFC5246], this allows all cipher suites except those using the NULL or 3DES_EDE_CBC ciphers Detected by https://www.ssllabs.com/ssltest/viewMyClient.html TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112 In
trueWhy is this security hole still present?