Unable to access a particular site since Yesterday ...

blackbird71

blackbird71

(duplicate post deleted - BB. Something keeps mis-firing with the forum right now where edits are sometimes being posted as new posts.)

rseiler

rseiler

News of this unprompted update was slipped in at the end of this blog post, in case anyone was curious:
http://blogs.opera.com/security/2014/10/security-changes-opera-25-poodle-attacks

It has a most negative impact here (12.17, Windows 8.1) in that it causes Opera to crash. I've had quite a fun week changing the settings back, only to find them flipped again. I'm not sure why security protocols would cause this, but they definitely do, at least here. I'm curious if anyone else has seen it happen.

I need the original settings: SSL3 and TLS1 on only for stability. When they're flipped off and TLS2/TLS3 are flipped on, at some seemingly random point later, Opera crashes.

I'm not quite sure yet how to stop Opera from changing it on me, as disabling automatic updates doesn't do it. Blocking autoupdate.opera.com at the hosts/firewall level may do it, but that's not confirmed.

blackbird71

blackbird71

News of this unprompted update was slipped in at the end of this blog post, in case anyone was curious:
http://blogs.opera.com/security/2014/10/security-changes-opera-25-poodle-attacks
It has a most negative impact here (12.17, Windows 8.1) in that it causes Opera to crash. I've had quite a fun week changing the settings back, only to find them flipped again. I'm not sure why security protocols would cause this, but they definitely do, at least here. I'm curious if anyone else has seen it happen.
I need the original settings: SSL3 and TLS1 on only for stability. When they're flipped off and TLS2/TLS3 are flipped on, at some seemingly random point later, Opera crashes.
I'm not quite sure yet how to stop Opera from changing it on me, as disabling automatic updates doesn't do it. Blocking autoupdate.opera.com at the hosts/firewall level may do it, but that's not confirmed.

I've not had any instability issues with my several Presto Opera versions since the SSL3 updating was announced. However, I had already manually disabled SSL3 on them some time back, when suspicions first emerged about SSL3 security... and whether that affected Opera's 'pushed' SSL3-blocking update to my installations, I can't say.

What I have seen is some website incompatibility in the SSL3-blocked Opera versions, akin to that described in this thread, but no browser instability. Likewise, I had manually tweaked my 11.52 version back to enable SSL3 a couple of days ago, and when I checked it tonight, it was still set that way (and operating appropriately with an SSL3 test site)... so I can't verify that Opera is continually pushing a block of the SSL3 setting - at least to installations like mine that have their auto-updating "turned off".

rseiler

rseiler

@blackbird, auto-updating turned to off didn't stop it for me. It changed it several times after doing that. So far, at least, blocking autoupdate.opera.com has stopped it, but I won't be 100% sure until tomorrow.

When you set yours manually, you're unchecking SSL3 and checking the other three items? Or are you unchecking SSL3 and leaving only TLS1 checked? I'm just wondering if the way you're setting it matches the way Opera is so we're sure that it's a direct comparison.

johnwaynecrazy

johnwaynecrazy

I'm having the same problem with Opera 12.17 randomly crashing on Windows 8.1. Sometimes it will be fine for an hour or so and then crash, sometimes it crashes back to back every few minutes. I'm using the x64 version.

I'll try changing the SSL3 setting and see if that stops the problem for me.

blackbird71

blackbird71

... When you set yours manually, you're unchecking SSL3 and checking the other three items? Or are you unchecking SSL3 and leaving only TLS1 checked? ...

When I manually set it, I uncheck SSL3 and check (or leave checked) all the others.

A Former User

This is interesting, as my Opera 12.17 has been crashing a lot recently too.
I thought it was being caused by the Flash plugin, but now I'm not so sure of course!
I can be using the browser perfectly normally, and suddenly without any warning or error messages, it will just suddenly shut down.
I've even seen it do it when it was minimised to the system tray and not being used!
On restart I always send the error report, but as usual it only ever says "there is no detailed information about this crash".

Deleted User

Deleted User

On restart I always send the error report, but as usual it only ever says "there is no detailed information about this crash".

Dave, the answer has to be that the devs are simply totally involved on working on the new browser. In all probability, there is not only no development of the Presto version but no maintenance of it as well. Reports of crashes are in all likelihood ignored at this juncture. That's a guess, mind you, but I would expect that is now the case.

A Former User

Almost certainly true sadly, but I don't actually remember crash reports ever saying anything other than that when Opera 12 WAS the current version!
Anyway, it's just my sad "whistling in the wind" way of trying to remind the guys at Opera that there ARE people actually still using Opera 12.
I still always send the crash reports from Windows XP to Microsoft as well, for the same reason!
:jester:

A Former User

Microsoft still sends me security updates time to time.
I alwayss choose "manual" to see what's in the parcel*:)*

rseiler

rseiler

Is anyone who's experiencing crashing attributable to this settings change (i.e. change it back, no crashes) not running Win81? So far, everyone who's mentioned it is, but the sampling is small so far so it doesn't mean much yet.

Maybe we can figure out a way to actually have SSL3 disabled and have stability too. I should note that due to another issue with 12.x and some https sites, I have OCSP verification disabled. I did that a week or two ago though, and so that alone is not causing the instability. However, it's another variable in this worth mentioning.

BTW, those interested should check out the blog post comments at the link I posted above. Håvard has commented on the issue.

Deleted User

Deleted User

@rseiler: is "this" what you were referring to:
"Finally, Opera 12 on desktop is taking the lead with disabling SSLv3 support! Since we are not able to apply the countermeasure to all of the remaining Opera 12 installations (and it also does not support TLS_FALLBACK_SCSV), we have remotely turned off SSLv3. This will be automatically distributed to all Opera 12 desktop installations in the next few days. We’re allowing ourselves to be a bit experimental with this, so users who have not yet upgraded to Opera 25 may see more of the broken servers, and we will get some experience in turning off SSLv3..."?

blackbird71

blackbird71

Simply 'turning off' SSL3 shouldn't crash the browser. It might affect how or if a site responds to Opera, but it shouldn't have direct impact to Opera (the program itself). I've manipulated the Presto manual SSL/TLS settings on and off for years and never seen any adverse effects beyond some site suddenly appearing to act up (usually it appears as a notice of being unable to complete the connection). So whatever is going on would seem to be beyond just a simple flipping of the SSL3 setting... that is, there has to be more to it than just that setting alone, with regard to the crashes.

rseiler

rseiler

It is more than disabling SSL3 though: it's also enabling TLS11 and TLS12, so a total of three changes are being pushed out (though that's the way you're running without incident). I've been meaning to test just disabling SSL3 (i.e. TLS1 is the only thing enabled), but I'm not in a period right now where I can crash out again. I'll try it soon though. Unfortunately, this is not the sort of thing you can easily test in that when it happens seems completely random. I have not id'd particular sites that trigger it, so replicating it on demand isn't possible yet.

BTW, do you also have OCSP disabled? And what OS do you have?

blackbird71

blackbird71

(Duplicate post - deleted by BB. I continue to get duplicates occasionally instead of "edited" ones upon submission in this forum)

blackbird71

blackbird71

...
BTW, do you also have OCSP disabled? And what OS do you have?

I'm running Win7Pro-64 most of the time; occasionally I run XP. No, I've not disabled OCSP on any of my Opera installations.

A Former User

I re-enabled SSL3 as a test, and didn't have any crashes for several hours.
The browser has just crashed again however, and I checked and SSL3 was still enabled, along with the others which I didn't change.
I've now disabled everything except TLS1, so I'll see how that goes.
I'm on 32bit XP BTW.

andrey-vi

andrey-vi

"Thanks" for "updating" Opera 12.x…

First crash for me dating back to October 16 and browser is not usable from that day because of infinite crashes.

Opera 12.17 x64, Windows 8.1 x64.

Does anyone know how to fix this?

If this is impossible I have to switch to Firefox after 10 years with Opera. Opera based on Chromium is not usable for me.

unstandable

unstandable

I am using 12.17 on Windows 8.1 and had been having the same crashing problem recently. I was able to stop the crashing by typing "opera:config" into the address bar, searching for "SSL" and checking "Enable SSL v3", then searching for "TLS" and unchecking "Enable TLS v1.1" and "Enable TLS v1.2".

rseiler

rseiler

Opera employee Håvard said (in the above blog post, comments section) that "If you manually change the tls settings through opera:config, the Opera 12.17 update system will leave them alone," so that should be one way to stop it. I haven't tested that way.

Blocking autoupdate.opera.com in hosts or firewall also prevents updating.

Original configuration (no problem):
SSL 3: ON
TLS 1: ON
TLS 1.1: OFF
TLS 1.2: OFF

Automatically changed configuration (crashes for some):
SSL 3: OFF
TLS 1: ON
TLS 1.1: ON
TLS 1.2: ON

Working alternative here:
SSL 3: OFF
TLS 1: ON
TLS 1.1: OFF
TLS 1.2: OFF

Enabling of the higher TLS's (one or both) seems to be the issue.