PodcastUtilities and TLS

We have built a new version of PodcastUtilities this month. The source code and a prebuild package for Windows is now available.

We do have plans for PodcastUtilities but for the moment we are doing maintenance releases.

We have started noticing that some podcast providers are using an encrypted channel to distribute podcasts. I am not completely sure what attack vector is being mitigated by this but some providers do and some dont. If a provider does decide to encrypt then there is a problem. The original encrypted standard SSL 3 and its successor TLS 1.0 is no longer considered secure. This standard has deficiencies which were addressed by TLS 1.1 and TLS 1.2. The PCI Council recommend that SSL 3 and TLS 1.0 be prohibited by July 2018.

As a result we have noticed a number of sites that do not offer podcasts on un-encrypted channels and also now refuse a connection using the older TLS 1.0.

This has meant we have seen errors like this.

Error in: Test Match Special
 System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.
   at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
   at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)
   at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)

The change in PodcastUtilities is to request that TLS 1.1 or TLS 1.2 be used, however this can only be done if the OS supports these protocols. The support on windows is not uniform and for versions before Windows 8 support needs to be manually added.

Where there is no support, for example Windows XP PodcastUtilities will be unable to download over an encrypted channel however non encrypted channels should continue to work. You could also try using a VPN as it may be acting as a TLS proxy for you.

The new version (2.2.2.0) is now in GitHub and also available as a binary download if you just want to run PodcastUtilities.