eBay has already killed off SSL 3.0 connections to its website, one of undoubtedly many major companies clamping down on the now-insecure transport protocol. If you’d like to be proactive about the problem, it is possible, using the proper options, to disable or reject SSL connections right from your browser.
As gHack’s Martin Brinkmann explains, all major browsers allow you to set what protocols they use — the difference is the difficulty.
Oddly enough, Chrome is the most fiddly, requiring a command line option to set the minimum supported protocol. Firefox asks you to tinker with settings in about:config
, while Internet Explorer is the easiest of the bunch, allowing you to toggle protocols on and off via a listbox.
If you just want to see what connections a certain site accepts, you can plug its domain name into SSL Labs’ SSL Test. You’ll get a bunch of stats — the ones you’re looking for are shown below:
SSL 3.0 vulnerability discovered. Find out how to protect yourself [gHacks]
Comments
2 responses to “Configure Your Browser To Disable SSL 3.0 Connections”
Bit late to the party there LifeHacker.
What’s going on.