Navigation

    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Users
    • Groups
    • Rules
    • Help

    Do more on the web, with a fast and secure browser!

    Download Opera browser with:

    • built-in ad blocker
    • battery saver
    • free VPN
    Download Opera

    Opera 12.17 Build 1863 TLS 1.1 1.2

    Opera for Windows
    5
    12
    2022
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • galabutbul
      galabutbul last edited by

      hello

      is it safe to enable TLS 1.1 and 1.2 and disable the insecure cipher suites ?

      Your client supports cipher suites that are known to
      be insecure:
      TLS_RSA_WITH_RC4_128_MD5: This cipher use RC4 which has insecure biases in its output.
      TLS_RSA_WITH_RC4_128_SHA: This cipher use RC4 which has insecure biases in its output.

      thx for help

      Reply Quote 0
        1 Reply Last reply
      • utfo
        utfo last edited by

        It looks like those are results from howsmyssl.com?

        • Go to Settings - Preferences - Advanced tab - Security.
        • Click the "Security protocols" button.
        • Click the "Details" button.
        • Look under the "Cipher" column, and uncheck :

        128 bit ARC4 (RSA/MD5) and 128 bit ARC4 (RSA/SHA)

        This will improve your results on howsmyssl.com.

        Reply Quote 0
          1 Reply Last reply
        • lando242
          lando242 last edited by

          Nope, its not safe. TLS 1.1 and 1.2 are flawed and you shouldn't use them. That said, you shouldn't be using a web browser that hasn't been updated in 2 years either. So I guess you will have to evaluate the level of risk you are comfortable with and base your decision on that.

          Reply Quote 0
            1 Reply Last reply
          • joshl
            joshl last edited by

            Galabutbul, certain characters are reserved in the local markup renderer, so use backticks to show stuff.

            Your client supports cipher suites that are known to
            be insecure:
            TLS_RSA_WITH_RC4_128_MD5: This cipher use RC4 which has insecure biases in its output.
            TLS_RSA_WITH_RC4_128_SHA: This cipher use RC4 which has insecure biases in its output.

            Reply Quote 0
              1 Reply Last reply
            • utfo
              utfo last edited by

              Nope, its not safe. TLS 1.1 and 1.2 are flawed and you shouldn't use them.

              What should we use? TLS 1.1 and 1.2 are the latest.

              Reply Quote 0
                1 Reply Last reply
              • lando242
                lando242 last edited by

                You shouldn't use TLS at all, its not secure. Theres a draft for 1.3 out but its not finalized and it wont be added to Opera 12 (which is no longer maintained) even if it is. If you are concerned with security you should use better crypto protocols and update your browser.

                Reply Quote 0
                  1 Reply Last reply
                • utfo
                  utfo last edited by

                  You shouldn't use TLS at all, its not secure.

                  Opera 30 uses TLS.

                  Reply Quote 0
                    1 Reply Last reply
                  • lando242
                    lando242 last edited by

                    Right, because Opera 30 has been updated to 'manage' the problems with TLS so its 'secure enough' for general use. Opera 12 has not been updated because it is no longer being maintained. I still try to avoid using TLS because of its known issues. Just like I try to avoid using Flash and Java for anything that requires security.

                    Reply Quote 0
                      1 Reply Last reply
                    • utfo
                      utfo last edited by

                      I still try to avoid using TLS because of its known issues.

                      What do you use instead?

                      Reply Quote 0
                        1 Reply Last reply
                      • A Former User
                        A Former User last edited by

                        I still try to avoid using TLS because of its known issues.

                        Did you not make an https connection using TLS in order to make that post? And how do you avoid TLS while using Opera? I see a flag to set the minimum TLS but nothing about maximum or about disabling TLS.

                        Unless there is an alternative it sounds like a strategy to use no security in order to avoid flawed security. That or give up a large part of my online activity as more and more sites use https. Maybe I am missing something here.

                        Reply Quote 0
                          1 Reply Last reply
                        • lando242
                          lando242 last edited by

                          Did you not make an https connection using TLS in order to make that post?

                          Its not that I don't go to places that use TLS and HTTPS, its that I don't use just TLS and HTTPS to do things that I have security concerns with. If someone compromises the Opera forums and my account the worst case is they get my throwaway email address I used to register with and can make bogus posts in my name. Since I use very strong passwords* and don't reuse passwords between accounts that gets them nothing. Thats not a security concern because I am not risking anything. You wont see me putting out my SSN or CC/bank account info without some extra level of security though.

                          Its like using a cheap padlock vs a 800 lbs safe embedded in the concrete of my basement. The padlock is fine for keeping people out of my backyard shed. I'd definitely want my hundreds of millions of dollars in something more secure though.

                          What do you use instead?

                          Things other than the internet, generally. Its harder for a hacker to perform a man-in-the-middle attack when I've mailed my credit card bill payment via USPS 😉 Its even harder if I setup an automatic bill payment. In either case its out of my hands and someone else's problem. But, as I said above, if you're really concerned with security making sure your browser is up to date goes a long way to improving your security.

                          *My Opera account password is 350 bits. Just want to give a shout out to the team that maintains this site for allowing very long passwords. Good job.

                          Reply Quote 0
                            1 Reply Last reply
                          • A Former User
                            A Former User last edited by

                            Thanks for the security tips Lando.

                            I think the OP and I are in the same boat, wondering how best to hang on to 12.17 for email as long as possible and when to let it go. We need a guru.

                            Reply Quote 0
                              1 Reply Last reply
                            • First post
                              Last post

                            Computer browsers

                            • Opera for Windows
                            • Opera for Mac
                            • Opera for Linux
                            • Opera beta version
                            • Opera USB

                            Mobile browsers

                            • Opera for Android
                            • Opera Mini
                            • Opera Touch
                            • Opera for basic phones

                            • Add-ons
                            • Opera account
                            • Wallpapers
                            • Opera Ads

                            • Help & support
                            • Opera blogs
                            • Opera forums
                            • Dev.Opera

                            • Security
                            • Privacy
                            • Cookies Policy
                            • EULA
                            • Terms of Service

                            • About Opera
                            • Press info
                            • Jobs
                            • Investors
                            • Become a partner
                            • Contact us

                            Follow Opera

                            • Opera - Facebook
                            • Opera - Twitter
                            • Opera - YouTube
                            • Opera - LinkedIn
                            • Opera - Instagram

                            © Opera Software 1995-