SHA-1 Hashing and Old Cipher Suites

While the app does use TLS 1.2, when you actually make connections to, the connections themselves are using antiquated hashing algorithms. After starting the client and connecting, I used Wireshark to find that the app itself was attempting to communicate with - A Blizzard server. If I disable Sha 1 on my system or disable TLS_RSA_WITH_AES_256_CBC_SHA I can no longer connect to Blizzard is using vulnerable encryption algorithms as a requirement to connect to Firstly, SHA 1 is no longer safe to use. Secondly, pick a better cipher suite for your services. While Microsoft may include them by default in Windows, they consider it up to the end user to secure their communications. I normally only use 4 cipher suites that use GCM and forward secrecy with the SHA-1 hashing disabled (this is different for certificate signatures and SHA-1 is just fine for that). Before I can connect to I have to enable vulnerable algorithms (that I previously disabled) which may lead to the compromise of my communications with other systems (since the world doesn’t revolve entirely around Blizzard).

Bottom Line - Get rid of the SHA-1 hashing on - @Blizzard THIS MEANS YOU. If that’s too much to ask for then at least add secure hashing and algorithms for people who want that support (You don’t have to remove the old algorithm but please enable a secure hashing algorithm)