Error: A secure connection cannot be established because this site uses an unsupported protocol.
-
A Former User last edited by
I'm so tired of all this security ruining my web browsing experience. Can't even log into Chase bank anymore in 12.17
-
blackbird71 last edited by
I'm so tired of all this security ruining my web browsing experience. Can't even log into Chase bank anymore in 12.17
I realize your frustration. Nevertheless, take a closer look at what you've written: 'security is ruining your web browsing experience.' What you probably meant was: the problems resulting from evolving security protocols are ruining your web experience. Two realities exist: the level of security necessary to doing something on the web depends on the importance of what that 'something' is; and the eternal enemy of necessary security is convenience.
Older security protocols are being deprecated because they inadequately protect against the evolving penetration threat world. Newer protocols, while having their own security limitations, are deemed better than the old ones at countering penetration. Setting up secure Internet connections involves a browser and a website negotiating both an adequate communication protocol and an accompanying encryption scheme, all specified and supported by a published site certificate. The protocols, encryption schemes, and certs that are available for use depend on the user's OS, the browser, and the website's server. All of them have to fully line up properly in a manner compatible with the negotiating methodology supported by both the site and browser. In some ways, it's a minor miracle that it all works, ordinarily.
But add to this mix the issues of aging OS's, aging browsers, differing browser security design philosophies, websites that aren't properly set up (or whose operators simply don't care about a particular browser), and certs that are not appropriate or kept up-to-date, and a difficult situation can easily become impossible. That is, the secure connection of browser and website cannot be achieved using the elements at a hand for a particular user. This problem is becoming particularly acute for a browser as old as Opera 12.xx (or earlier). What passed for 'secure' at the time of its design is no longer deemed so secure; how its certs are kept up to date is no longer the way most browsers achieve it; its security protocol negotiations don't reflect the current most-secure philosophies, protocols, and encryption schemes being incorporated across the web; and, last but certainly not least, it's no longer being maintained by its designers - which means there are only so many band-aids or tweaks that can be applied by a knowledgeable user to get around the resulting clashes of protocols, encryption schemes, certs, and software. At best, a user can only apply whatever remedies he comes across (from threads in these or other forums), but at the end of the day, the situation is what it is and will only grow worse for Presto Opera users trying to employ Presto Opera for secure communications links.
Like it or not, Presto Opera users needing secure connections will ultimately be forced by the press of reality to upgrade their browsers to more modern versions, be it Opera or others. That, in turn, may require further kinds of upgrades to hardware and/or OS's at some point. When these points are reached depends on the user and what he needs to do, and at which secure sites. For me, the browser upgrade point was reached over a year ago, and I only now use Presto Opera for some non-secure browsing that requires speed and is tolerant of website incompatibilities. For all else, I use a couple of modern browsers that I keep updated to remain current.
-
thedoctor2000 last edited by
so what do i do??
If the problem is related to what i've pointed, the site's server needs to be updated.
Ok, not my site. Is there a way to visit it without doing it...
-
blackbird71 last edited by
so what do i do?? If the problem is related to what i've pointed, the site's server needs to be updated.
... Is there a way to visit it without doing it...
If a browser's security design prevents it from working with a particular site server that is using obsolete security techniques, either the server has to be updated or a different browser has to be used (one that is less rigorous about protecting the user's connection security). Only the user can determine whether the site presents a meaningful risk to the user's security should he access it with a browser that's less demanding of good or proper security. Even if a tweak exists to somehow 'fool' the secure browser into viewing a site with obsolete security, the same situation exists: the user has to decide if the security risks inherent in using the reduced security outweigh the benefits of such a tweak.
-
A Former User last edited by
So you want to use you bank on an unsecured connection do you I doubt your bank will let you so here's how to fix your little problem
1: STOP using an ancient browser (by tech/security standards)
2: Install the latest version of Opera
3: Enjoy a safer internet -
blackbird71 last edited by
It's not a bank it's a game
Actually, @laingman in the third post brought up banking security-block issues while using Opera 12.17. But not all https sites involve banking or financial transactions, as you point out. This is why I indicated earlier that only the user can determine whether a less-than-secure server situation presents meaningful risk to him. In the case of accessing a game, the only normal risks might be hijacking of a user's credentials and/or game-accumulated resources (if any), so ironclad browser connection security is probably not as important for that situation as for banking.
My thinking would be in such cases, if all else fails, simply use a different browser that you find will work with the game site for your gaming. But in any case, don't expect a tight-security browser design to be changed to accommodate such sloppy-security situations - that presents too great a user risk for those cases where security truly matters.
-
A Former User last edited by
So you want to use you bank on an unsecured connection do you I doubt your bank will let you so here's how to fix your little problem
1: STOP using an ancient browser (by tech/security standards)
2: Install the latest version of Opera
3: Enjoy a safer internetI have opera developer something installed and I don't like how it works or the looks of it. The banks nowadays will allow access if they can verify the identity with by sending a code to verify identity. I have many banks and they all work in old opera, except Chase started not to work some time back. When the proper code and passwords are entered it keeps coming back to the same screen saying they don't recognize the machine and to please go through the verification process.
Calling them, they have no problem letting use use whatever browser, its just that something they did inadvertently broke down the process to grant access to their site in old opera (or something opera did ). and they say it should work but they don't know why and of course they are not going to fix it because opera (new or old) it's not one of the browsers they support.
For me there is no such thing as "enjoying" a new browser whether it be safer or not, just painful
-
blackbird71 last edited by
A while back, Chase changed to the TLS 1.2 protocol, but still (apparently) allows the weak SHA1 and the RC4 cipher in their connection negotiations. I'm frankly not sure whether Olde Opera is capable of communicating with the combinations now offered by Chase, or whether the Chase cert even points Opera in the right direction. Moreover, there's always that old bug-a-boo: browser sniffing, that can cause all manner of grief because of whatever their site code does with it.