Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Learn More

Chủ đề này đã được lưu trữ. Vui lòng hỏi một câu hỏi mới nếu bạn cần giúp đỡ.

How can I completely disable ssl3.0? about:config does not have security.enable_ssl3

  • 3 trả lời
  • 11 gặp vấn đề này
  • 2 lượt xem
  • Trả lời mới nhất được viết bởi CPATRON144

CPATRON144
CPATRON144
more options

Latest discovery by Google says even though I use TLS, I may be configured to be backward compatible to SSL3.0 and a "Poodle" attack by a predator website might induce me to use SSL3.0 and be vulnerable to attack. They say the cure is: "To prevent POODLE attacks on Firefox, open about.config, search for "security.enable," and set "security.enable_ssl3" to false."

First mistake is "about.config" should be "about:config". Second problem is there is no "security.enable_ssl3" line to be found. I don't know if I'm supposed to create the line, and if so, how do I do that?

Latest discovery by Google says even though I use TLS, I may be configured to be backward compatible to SSL3.0 and a "Poodle" attack by a predator website might induce me to use SSL3.0 and be vulnerable to attack. They say the cure is: "To prevent POODLE attacks on Firefox, open about.config, search for "security.enable," and set "security.enable_ssl3" to false." First mistake is "about.config" should be "about:config". Second problem is there is no "security.enable_ssl3" line to be found. I don't know if I'm supposed to create the line, and if so, how do I do that?

Giải pháp được chọn

hello CPATRON144, you can turn off SSL3 in firefox like this: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.tls.version.min. double-click it and change its value to 1.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

Đọc câu trả lời này trong ngữ cảnh 👍 13

Tất cả các câu trả lời (3)

the-edmeister
the-edmeister
  • Moderator
more options

A new extension has been released to "fix" Firefox 26 and later versions, until Firefox 34 is released on Nov 25th with the fix built-in. https://addons.mozilla.org/en-US/firefox/addon/ssl-version-control/

philipp
philipp
  • Moderator
more options

Giải pháp được chọn

hello CPATRON144, you can turn off SSL3 in firefox like this: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.tls.version.min. double-click it and change its value to 1.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

CPATRON144
CPATRON144 Người tạo câu hỏi
more options

Thanks. I appreciate the reply.