Unable to access a particular site since Yesterday ...
-
christoph142 last edited by
Opera ASA remotely disabled SSLv3 on all Opera Presto installations to fight POODLE.
Your mentioned site is probably one of those 1% that still don't support any proper security protocol.You can read more about it here.
-
blackbird71 last edited by
What are those TTLLSSLLSSSssses?
Both SSL and TLS refer to Internet security protocols. "TLS" (transport layer security) protocols grew out of (but is intended to eventually replace) the SSL (secure socket layer) protocols. Because 'eventually' has not yet fully happened, there's currently some overlap, and the SSL, TLS, and https terms are often blurred. TLS 1, 1.1, and 1.2 (along with their associated protocols and ciphers) are the current TLS versions, with 1.3 still in the works. SSL3 is the term applied to a manifestation of SSL. The two kinds of protocols (TLS and SSL) differ in what ports are used, what the handshaking sequence is, and various other details. The key point is that the "Poodle" exploit has shown that SSL3 can be readily be broken procedurally and is no longer deemed able to preserve user data security over the Internet.
As things are supposed to work, a user's computer and a website are intended to negotiate over the best (toughest) security protocol and ciphers mutually available to use for the communications session. If a given form is not available, then the next best form is negotiated, and so on. Not all sites bother to support the negotiation or implement it properly, and instead just push their SSL3; likewise, not all browsers handle equally the negotiation to a different-than-intial protocol level. Hence "stuff" happens, especially as SSL3 is now being deprecated, both in browsers and at sites... but not necessarily in the same way by all the players.
-
blackbird71 last edited by
Opera ASA remotely disabled SSLv3 on all Opera Presto installations to fight POODLE. ...
@christoph142, thank you for that comment! Somehow, I had run right past the statements about Presto when I earlier read the material in that link - I only picked up their references to Opera 25 and such. I commend Opera for their responsibility in sending the SSL3-disable update to existing Presto installations, since the data-compromise threat otherwise is very real and will only become more so in coming weeks.
-
blackbird71 last edited by
So, am I officially disabled or am I TLS'd?
Make sure by checking: Ctrl+F12 > Advanced > Security > Security Protocols > verify that "Enable SSL3" is UNchecked > OK > OK. Though whether you're officially disabled might require a doctor's assessment.
-
A Former User last edited by
Yeah, I've made sure;)
And by the way, this site's - TLS v1.2 128 bit AES (1024 bit DHE_RSA/SHA). -
blackbird71 last edited by
... this site's - TLS v1.2 128 bit AES (1024 bit DHE_RSA/SHA)?
That means it's using the TLS 1.2 protocol version, and the other terms refer to the encryption standard and cipher suites being used.
-
blackbird71 last edited by
(duplicate post deleted - BB. Something keeps mis-firing with the forum right now where edits are sometimes being posted as new posts.)
-
rseiler last edited by
News of this unprompted update was slipped in at the end of this blog post, in case anyone was curious:
http://blogs.opera.com/security/2014/10/security-changes-opera-25-poodle-attacksIt has a most negative impact here (12.17, Windows 8.1) in that it causes Opera to crash. I've had quite a fun week changing the settings back, only to find them flipped again. I'm not sure why security protocols would cause this, but they definitely do, at least here. I'm curious if anyone else has seen it happen.
I need the original settings: SSL3 and TLS1 on only for stability. When they're flipped off and TLS2/TLS3 are flipped on, at some seemingly random point later, Opera crashes.
I'm not quite sure yet how to stop Opera from changing it on me, as disabling automatic updates doesn't do it. Blocking autoupdate.opera.com at the hosts/firewall level may do it, but that's not confirmed.
-
blackbird71 last edited by
News of this unprompted update was slipped in at the end of this blog post, in case anyone was curious:
http://blogs.opera.com/security/2014/10/security-changes-opera-25-poodle-attacks
It has a most negative impact here (12.17, Windows 8.1) in that it causes Opera to crash. I've had quite a fun week changing the settings back, only to find them flipped again. I'm not sure why security protocols would cause this, but they definitely do, at least here. I'm curious if anyone else has seen it happen.
I need the original settings: SSL3 and TLS1 on only for stability. When they're flipped off and TLS2/TLS3 are flipped on, at some seemingly random point later, Opera crashes.
I'm not quite sure yet how to stop Opera from changing it on me, as disabling automatic updates doesn't do it. Blocking autoupdate.opera.com at the hosts/firewall level may do it, but that's not confirmed.I've not had any instability issues with my several Presto Opera versions since the SSL3 updating was announced. However, I had already manually disabled SSL3 on them some time back, when suspicions first emerged about SSL3 security... and whether that affected Opera's 'pushed' SSL3-blocking update to my installations, I can't say.
What I have seen is some website incompatibility in the SSL3-blocked Opera versions, akin to that described in this thread, but no browser instability. Likewise, I had manually tweaked my 11.52 version back to enable SSL3 a couple of days ago, and when I checked it tonight, it was still set that way (and operating appropriately with an SSL3 test site)... so I can't verify that Opera is continually pushing a block of the SSL3 setting - at least to installations like mine that have their auto-updating "turned off".
-
rseiler last edited by
@blackbird, auto-updating turned to off didn't stop it for me. It changed it several times after doing that. So far, at least, blocking autoupdate.opera.com has stopped it, but I won't be 100% sure until tomorrow.
When you set yours manually, you're unchecking SSL3 and checking the other three items? Or are you unchecking SSL3 and leaving only TLS1 checked? I'm just wondering if the way you're setting it matches the way Opera is so we're sure that it's a direct comparison.
-
johnwaynecrazy last edited by
I'm having the same problem with Opera 12.17 randomly crashing on Windows 8.1. Sometimes it will be fine for an hour or so and then crash, sometimes it crashes back to back every few minutes. I'm using the x64 version.
I'll try changing the SSL3 setting and see if that stops the problem for me.
-
blackbird71 last edited by
... When you set yours manually, you're unchecking SSL3 and checking the other three items? Or are you unchecking SSL3 and leaving only TLS1 checked? ...
When I manually set it, I uncheck SSL3 and check (or leave checked) all the others.
-
A Former User last edited by
This is interesting, as my Opera 12.17 has been crashing a lot recently too.
I thought it was being caused by the Flash plugin, but now I'm not so sure of course!
I can be using the browser perfectly normally, and suddenly without any warning or error messages, it will just suddenly shut down.
I've even seen it do it when it was minimised to the system tray and not being used!
On restart I always send the error report, but as usual it only ever says "there is no detailed information about this crash".
-
Deleted User last edited by
On restart I always send the error report, but as usual it only ever says "there is no detailed information about this crash".
Dave, the answer has to be that the devs are simply totally involved on working on the new browser. In all probability, there is not only no development of the Presto version but no maintenance of it as well. Reports of crashes are in all likelihood ignored at this juncture. That's a guess, mind you, but I would expect that is now the case.
-
A Former User last edited by
Almost certainly true sadly, but I don't actually remember crash reports ever saying anything other than that when Opera 12 WAS the current version!
Anyway, it's just my sad "whistling in the wind" way of trying to remind the guys at Opera that there ARE people actually still using Opera 12.
I still always send the crash reports from Windows XP to Microsoft as well, for the same reason!
:jester: -
A Former User last edited by
Microsoft still sends me security updates time to time.
I alwayss choose "manual" to see what's in the parcel*:)* -
rseiler last edited by
Is anyone who's experiencing crashing attributable to this settings change (i.e. change it back, no crashes) not running Win81? So far, everyone who's mentioned it is, but the sampling is small so far so it doesn't mean much yet.
Maybe we can figure out a way to actually have SSL3 disabled and have stability too. I should note that due to another issue with 12.x and some https sites, I have OCSP verification disabled. I did that a week or two ago though, and so that alone is not causing the instability. However, it's another variable in this worth mentioning.
BTW, those interested should check out the blog post comments at the link I posted above. HΓ₯vard has commented on the issue.
-
Deleted User last edited by
@rseiler: is "this" what you were referring to:
"Finally, Opera 12 on desktop is taking the lead with disabling SSLv3 support! Since we are not able to apply the countermeasure to all of the remaining Opera 12 installations (and it also does not support TLS_FALLBACK_SCSV), we have remotely turned off SSLv3. This will be automatically distributed to all Opera 12 desktop installations in the next few days. Weβre allowing ourselves to be a bit experimental with this, so users who have not yet upgraded to Opera 25 may see more of the broken servers, and we will get some experience in turning off SSLv3..."? -
blackbird71 last edited by
Simply 'turning off' SSL3 shouldn't crash the browser. It might affect how or if a site responds to Opera, but it shouldn't have direct impact to Opera (the program itself). I've manipulated the Presto manual SSL/TLS settings on and off for years and never seen any adverse effects beyond some site suddenly appearing to act up (usually it appears as a notice of being unable to complete the connection). So whatever is going on would seem to be beyond just a simple flipping of the SSL3 setting... that is, there has to be more to it than just that setting alone, with regard to the crashes.