Server has a weak ephemeral..."
09-07-2015 | 09:19 AM
#11
Thread Starter
On Reserve
Joined: Jul 2008
Posts: 156
Likes: 0
Thanks for the help. I installed the FF plugin. That way, I could easily undo it since that plugin defeats the security stuff that both FF and Chrome have created specifically to protect the end users against badly configured servers. I see in the ALPA Scheduling Committee brief that UAL knows something is wrong. Hopefully it gets fixed shortly so this workaround isn't needed.
Thanks again!
Thanks again!
09-07-2015 | 12:40 PM
#12
Line Holder
Joined: Jun 2010
Posts: 943
Likes: 0
From: 747 Captain, retired
Thanks for the help. I installed the FF plugin. That way, I could easily undo it since that plugin defeats the security stuff that both FF and Chrome have created specifically to protect the end users against badly configured servers. I see in the ALPA Scheduling Committee brief that UAL knows something is wrong. Hopefully it gets fixed shortly so this workaround isn't needed.
Thanks again!
Thanks again!
09-07-2015 | 01:10 PM
#13
Prime Minister/Moderator
Joined: Jan 2006
Posts: 44,882
Likes: 681
From: Engines Turn or People Swim
Here is the quick fix for Firefox that does not require installing anything.
In address line in Firefox browser type: about:config
In the page that opens up, look for these two entries:
security.ssl3.dhe_rsa_aes_128_sha
security.ssl3.dhe_rsa_aes_256_sha
Toggle to FALSE for both
In address line in Firefox browser type: about:config
In the page that opens up, look for these two entries:
security.ssl3.dhe_rsa_aes_128_sha
security.ssl3.dhe_rsa_aes_256_sha
Toggle to FALSE for both
09-08-2015 | 08:47 AM
#15
Line Holder
Joined: Feb 2013
Posts: 88
Likes: 0
With it set to FALSE Firefox will still warn you that you are connecting to a dangerous or weak server (UAL) and ask if you wish to continue at your own risk. With it set to TRUE, it forbids you from connecting to such server - it makes the decision for you.
The danger of having it set to FALSE is that you could potentially try connecting to a phishing server unintentionally (a server pretending to be your bank and try to steal you login credentials), and even after being warned by Firefox, agree to continue putting your identity and computer at risk.
If you choose to have it set to FALSE just be sure that you never ignore the server security warning and only agree to continue if you are certain that you are connecting to your intended server (connecting via CCS link or such.)
I use Firefox only for company business (CCS & Skynet); Apple Safari with high security restrictions for all Banking; and Chrome for general goofing around the web - that way even if some malicious tracker sneaks by Chrome, it will remain isolated from my work or banking.
The danger of having it set to FALSE is that you could potentially try connecting to a phishing server unintentionally (a server pretending to be your bank and try to steal you login credentials), and even after being warned by Firefox, agree to continue putting your identity and computer at risk.
If you choose to have it set to FALSE just be sure that you never ignore the server security warning and only agree to continue if you are certain that you are connecting to your intended server (connecting via CCS link or such.)
I use Firefox only for company business (CCS & Skynet); Apple Safari with high security restrictions for all Banking; and Chrome for general goofing around the web - that way even if some malicious tracker sneaks by Chrome, it will remain isolated from my work or banking.
Thread
Thread Starter
Forum
Replies
Last Post
