Microsoft releases anti-POODLE Fix It

Borg 386

ADHD Senior Member
Guru
Gold Member
VIP
Local time
6:28 AM
Messages
5,489
Location
In a house with a cat trying to kill me
By default, Internet Explorer on Windows client systems supports SSL version 3.0, the version recently found vulnerable to attack. Now there's another way to turn it off.

Microsoft has released a Fix It to disable the feature which was the subject of the POODLE attack. The Fix It, a program which implements changes in the registry, makes the process simpler than the alternatives.
POODLE is a design flaw in SSL/TLS and so there is no patch to fix the bug. Instead, vendors are disabling support for SSL 3.0, a protocol which is old and deprecated anyway. The number of server systems which require SSL 3.0 is said to be small, but users of those servers will start having problems connecting as client systems begin to have their SSL 3.0 support removed.

Disabling SSLv3 support for Internet Explorer wasn't all that hard without the Fix It. Users could do so by unchecking the "Use SSL 3.0" option in the Advanced tab of the Tools-Internet Options dialog box. A group policy setting is available for managed environments (Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Advanced Page -> Turn off encryption support).
Microsoft releases anti-POODLE Fix It | ZDNet
 

My Computer My Computer

At a glance

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1,...Intel Core 2 Duo 2.93GHzNot much with my ADHDATI Radeon HD 4350
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Hell oh Well
OS
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU
Intel Core 2 Duo 2.93GHz
Memory
Not much with my ADHD
Graphics Card(s)
ATI Radeon HD 4350
Monitor(s) Displays
24" HDTV/Monitor
Screen Resolution
Blurry after a Scotch or 2
Hard Drives
1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case
Don't get on my case...man :D
Cooling
I have an Air Conditioner & Diet Pepsi
Keyboard
Saitek Cyborg
Mouse
10 yr old MS optical mouse that still works
Internet Speed
Never fast enough
Antivirus
Various
Browser
Various
I deselected "Use SSL 3.0" as soon as the word was out on the Poodle "bug" and haven't had any problems accessing websites. If I ever do, I wouldn't want to use it anyway.
 

My Computer My Computer

At a glance

Win 7 Ultimate 64 bitIntel i7-3930KKingston HyperX Genesis 32GB Kit (8x4GB Modul...MSI R7850 Twin Frozr 2GD5/OC Radeon HD 7850 2...
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Win 7 Ultimate 64 bit
CPU
Intel i7-3930K
Motherboard
ASUS P9X79 WS
Memory
Kingston HyperX Genesis 32GB Kit (8x4GB Modules) 1600MHz DDR
Graphics Card(s)
MSI R7850 Twin Frozr 2GD5/OC Radeon HD 7850 2GB 256-bit GDDR
Sound Card
Asus Xonar Essence STX
Monitor(s) Displays
3x Asus VG248QE 24", Vizio 32" TV
Screen Resolution
1920 x 1080, ?
Hard Drives
Samsung 128GB 840 Pro SSD (1),
Samsung 4TB 850 EVO SSDs (4)
Samsung 4TB 850 EVO SSDs (16) external backup drives used in 2.5" hot swap bays in the computer.
PSU
Corsair HX750w
Case
Antec Two Hundred v2 (modified)
Cooling
Cooler Master GeminII S524 120mm (fan replaced with a 140mm)
Keyboard
Logitech G510s
Mouse
Logitech M525 (two in use)
Internet Speed
=< 32Mbps down, 8Mbps up
Antivirus
AVAST!, MBAM, SAS, Spybot S&D (all but MBAM free) Glary Util
Browser
IE11
Other Info
LSI 9211-8i HBA card (8 SATA III ports), 2.5" & 3.5" Hot Swap Bays, HooToo HT-CR001 PCI-E to USB 3.0 Internal Hub + 6 Slot Card Reader, and LG Model CH12LS28 BD-ROM Optical Drive. Also, ScanSnap S1500 ADF duplexing scanner, Canon 9000F flat bed scanner, Corsair SP2500 2.1 speakers, Samsung CLP 415nw laser color printer, Cyberpower PP2200SW UPS

My Computer My Computer

At a glance

Win-7-Pro64bit 7-H-Prem-64biti7-5930K 2nd i9-9940x both water blocked VRM'...Trident-z 3200C14 2nd Trident-z 3600C16EVGA 1080ti ftw3 2nd Titan Xp both water blocked
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom assembled by me :}
OS
Win-7-Pro64bit 7-H-Prem-64bit
CPU
i7-5930K 2nd i9-9940x both water blocked VRM's too
Motherboard
ASUS SABERTOOTH X99 2nd ASUS x299 Apex
Memory
Trident-z 3200C14 2nd Trident-z 3600C16
Graphics Card(s)
EVGA 1080ti ftw3 2nd Titan Xp both water blocked
Sound Card
Built-in Realtek
Monitor(s) Displays
1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24" 144Hz
Screen Resolution
1920 x 1080 144Hz
Hard Drives
2-Samsung M.2 Evo & Evo Plus
2-Samsung 850 EVO 500GB SSD's/ 3-2.5 W.D. Black 1tb-&3-1tb/3-3.5 WD Black 1tb hdd's
PSU
EVGA SuperNOVA 1000-P2 2nd 1200-P2
Case
2-Corsair Obsidian Series 450D Black ATX Mid Tower
Cooling
Custom water loops
Keyboard
Logitech G710+/ 2nd Logitech G910
Mouse
2-RedDragon M901 Perdition 16400 dpi Gaming mouse = wired
Internet Speed
Comcast Ping 19ms 89.31mbps download speed 6.12mbps upload
Antivirus
Malwarebytes Pro/ Superantispyware Pro
Browser
FireFox & Pale moon
Other Info
2nd ASUS X299 Apex/Intel i9-9940x with Custom water loop/7H-Prem-x64/Corsair 450D case/Ram Trident-z 3600C16 4x8gb / Samsung970Evo plus 500gb SSD/Dual ssd EZ swap evo/PSU EVGA SuperNova 1200w-P2 80+Platinum/GPU Titan Xp /8-ML-140 on push-pull on 2-280GTX rads
Please make sure you use the fix posted by Borg 386 to disable SSL 3.0 or you may run into issues with Amazon.com as well...

Amazon Browser Warning.PNG

For IE11, it's rather simple...

Disable SSL 3.0 and enable TLS 1.0, TLS 1.1, and TLS 1.2 in Internet Explorer:

You can disable the SSL 3.0 protocol in Internet Explorer by modifying the Advanced Security settings in Internet Explorer.

To change the default protocol version to be used for HTTPS requests, perform the following steps:

1 - On the Internet Explorer Tools menu, click Internet Options.

2 - In the Internet Options dialog box, click the Advanced tab.

3 - In the Security category, uncheck Use SSL 3.0 and check Use TLS 1.0, Use TLS 1.1, and Use TLS 1.2 (if available).

4 - Note It is important to check consecutive versions. Not selecting consecutive versions (e.g. checking TLS 1.0 and 1.2, but not checking 1.1) could result in connection errors.

5 - Click OK.

6 - Exit and restart Internet Explorer.

IE11 Security Settings.PNG

Direct source to procedures: Microsoft Security Advisory 3009008

DO NOT assume this was already done by patch or update!!! I'm running Windows 8.1, with the latest version of IE11, and SSL 3.0 was STILL ticked!

I'm sure the procedures has been posted here somewhere, but just in case.

And for those of you still hanging on to those old browsers, it might be time to update... if for no other reason but for security, and/or banking/shopping convenience. I'm just saying ;)

Peace :cool:
 

My Computer My Computer

At a glance

Windows 10 ProIntel Core i7-4770K (3.5Ghz)32 gig Corsair Dominator Platinum (4x8Gig)Sapphire Tri-X R9 Fury
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built by me.
OS
Windows 10 Pro
CPU
Intel Core i7-4770K (3.5Ghz)
Motherboard
Gigabyte G1 Sniper 5 (F10 Bios)
Memory
32 gig Corsair Dominator Platinum (4x8Gig)
Graphics Card(s)
Sapphire Tri-X R9 Fury
Sound Card
Soundblaster ZXR
Monitor(s) Displays
NEC PA242W 24" LCD Monitor
Screen Resolution
1920 x 1200
Hard Drives
Primary - Samsung 850 Pro (512gig), Samsung 840 Pro (256gig), 2TB WD Caviar Black.
PSU
EVGA Supernova 1000 G2
Case
Cooler Master HAF X
Cooling
Corsair H100i with Corsair Air Series SP120 Quiet Fans
Keyboard
Logitech Wireless Wave
Mouse
Logitech Performance MX
Internet Speed
High Speed Cable
Antivirus
Norton Security
Browser
IE11
Other Info
Memory Timings - 1866MHz @ 9-9-9-27-1T @ 1.5 volts
Oh snaps !!! :shock:

Disabling SSL 3.0 blocks me from using my school's website. And unfortunately I have to be able to access it to do my tests and in class projects :(

My School log-in.PNG

Well that puts me somewhere between a rock and hard space :eek:
 

My Computer My Computer

At a glance

Windows 10 ProIntel Core i7-4770K (3.5Ghz)32 gig Corsair Dominator Platinum (4x8Gig)Sapphire Tri-X R9 Fury
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built by me.
OS
Windows 10 Pro
CPU
Intel Core i7-4770K (3.5Ghz)
Motherboard
Gigabyte G1 Sniper 5 (F10 Bios)
Memory
32 gig Corsair Dominator Platinum (4x8Gig)
Graphics Card(s)
Sapphire Tri-X R9 Fury
Sound Card
Soundblaster ZXR
Monitor(s) Displays
NEC PA242W 24" LCD Monitor
Screen Resolution
1920 x 1200
Hard Drives
Primary - Samsung 850 Pro (512gig), Samsung 840 Pro (256gig), 2TB WD Caviar Black.
PSU
EVGA Supernova 1000 G2
Case
Cooler Master HAF X
Cooling
Corsair H100i with Corsair Air Series SP120 Quiet Fans
Keyboard
Logitech Wireless Wave
Mouse
Logitech Performance MX
Internet Speed
High Speed Cable
Antivirus
Norton Security
Browser
IE11
Other Info
Memory Timings - 1866MHz @ 9-9-9-27-1T @ 1.5 volts
Oh snaps !!! :shock:
Hi Drew,

Although a valid concern, it's not the end of the world. I understand Microsoft is planning a system wide Update to secure for the SSL3 vulnerability in this month's Patch Tuesday (Nov. 11th).

What I would do:

  • Talk with your Course Professor's and ask if they are aware of the problem and what are their plans if not only you, but other students in their class can't interact with their courses online.

  • Ask if the University has any contingency plans if students can't interact with their courses or the school online. i.e. Time to make a payment$$ or buy new books$$$$.

  • Contact St.Leo's IT Dept.. If they don't have one then someone in the Administrative office. Express your concerns and ask them if they have a timeline as to when they will be up to speed with the SSL3 vulnerability.

  • Have corroborating evidence if anyone tries to brush off the SSL3 vulnerability as insignificant.
It is convenient for the Professor's, the school, and the students to have online interaction, instead of an onrush of students queuing after class or in the office. It is the University's responsibility to make sure their portal is secure, and accessible to all.

Can you see where I'm going with this? Put the ball squarely in the University's court, and the more students you can garner to put mild pressure on the school and Professor's, should produce action on their part.


Steve
 

My Computer My Computer

At a glance

Originally Win 7 Hm Prem x64 Ver 6.1.7600 Bui...Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logic...6GB of 1,333MHz DDR3 SDRAM32MB Intel Graphics Media Accelerator HD IGChip
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Gateway DX4831-01e (Mid-Tower Desktop)
OS
Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
CPU
Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logical Processors
Motherboard
Gateway H57M01 133 megahertz
Memory
6GB of 1,333MHz DDR3 SDRAM
Graphics Card(s)
32MB Intel Graphics Media Accelerator HD IGChip
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Gateway HX2000 20inch TFT active matrix TN
Screen Resolution
1600 x 900 x 59 hertz
Hard Drives
WDC WD10EADS-00M2B0 [HDD] (1000.20 GB) -- drive 0,
HL-DT-ST DVDRAM GH41N [CD-ROM dr]
Four card readers, and Four USB 2.0
PSU
300watts.
Case
Mid-Tower Desktop
Cooling
Stock from Gateway
Keyboard
Natural Ergonomic Keyboard 4000, see Other Info
Mouse
Orig. Gateway wore out now using Insignia USB wired optical
Internet Speed
Vz FIOS 10ms png 57.64Mbps down 65.53Mbps up Speedtest.org
Antivirus
Zamana Anti-logger with Anti-malware, MSE, Windows Firewall,
Browser
IE11.0.9600.19399-Upd ver11.0.135, Firefox 68.0.1 x64
Other Info
System Specs by Belarc.

BIOS: American Megatrends Inc. P01-A0 11/17/2009

Replaced the MS 'Natural' Standard PS/2 Enhanced 101-102 Keyboard with a new Natural Ergonomic Keyboard 4000 on August 1st 2014.

Canon Pixma MG3222 Printer.

Updated to IE11 on 12102015 | Fios Quantum Router g1100

Additional AV: SpywareBlaster, manual Mbam, SAS
FireFox all the way in (Even though it's eating almost 1GB of ram for random reasons)
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64-BITAMD A8 7200P8GB 1600mhzRadeon R5 (APU) + Radeon R5 M230 2GB Dual Gra...
Computer type
PC/Desktop
Computer Manufacturer/Model Number
ASUS X550ZE
OS
Windows 7 Home Premium 64-BIT
CPU
AMD A8 7200P
Motherboard
N/A
Memory
8GB 1600mhz
Graphics Card(s)
Radeon R5 (APU) + Radeon R5 M230 2GB Dual Graphics
Sound Card
Realtek ALC269 with SonicMaster
Monitor(s) Displays
Laptop Display
Screen Resolution
1920 x 1080 @60hz
Hard Drives
WDC WD50 00LPVX-80V0TT0 (500GB)
PSU
Laptop Charger
Mouse
ARMAGGEDON TEXTRON SCORPION 7
Internet Speed
100 mbps DOWN / 50 mbps UP
Antivirus
Windows Defender
Browser
Mozzila FireFox, Valve Steam in-game internet browser
FireFox all the way in (Even though it's eating almost 1GB of ram for random reasons)

Didn't/doesn't Firefox use SSL 3.0 as well??? :sarc:

With that... how does it become a "better" choice in this SSL 3.0 situation?
 

My Computer My Computer

At a glance

Windows 10 ProIntel Core i7-4770K (3.5Ghz)32 gig Corsair Dominator Platinum (4x8Gig)Sapphire Tri-X R9 Fury
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built by me.
OS
Windows 10 Pro
CPU
Intel Core i7-4770K (3.5Ghz)
Motherboard
Gigabyte G1 Sniper 5 (F10 Bios)
Memory
32 gig Corsair Dominator Platinum (4x8Gig)
Graphics Card(s)
Sapphire Tri-X R9 Fury
Sound Card
Soundblaster ZXR
Monitor(s) Displays
NEC PA242W 24" LCD Monitor
Screen Resolution
1920 x 1200
Hard Drives
Primary - Samsung 850 Pro (512gig), Samsung 840 Pro (256gig), 2TB WD Caviar Black.
PSU
EVGA Supernova 1000 G2
Case
Cooler Master HAF X
Cooling
Corsair H100i with Corsair Air Series SP120 Quiet Fans
Keyboard
Logitech Wireless Wave
Mouse
Logitech Performance MX
Internet Speed
High Speed Cable
Antivirus
Norton Security
Browser
IE11
Other Info
Memory Timings - 1866MHz @ 9-9-9-27-1T @ 1.5 volts
Oh snaps !!! :shock:
Hi Drew,

Although a valid concern, it's not the end of the world. I understand Microsoft is planning a system wide Update to secure for the SSL3 vulnerability in this month's Patch Tuesday (Nov. 11th).

(...)

It is convenient for the Professor's, the school, and the students to have online interaction, instead of an onrush of students queuing after class or in the office. It is the University's responsibility to make sure their portal is secure, and accessible to all.
Hi Steve,

You're right of course, but it can be a pain in the arse if the issue isn't resolved soon. Example, while Amazon is warning against SSL 3.0 usage and may not allow SSL 3.0 enabled browsers to do checkouts with them, I also need it enabled to get my school work done because most courses (99 percent) are requiring log in to the school's site for on-line material to include discussion questions as well as exams. Additionally, professors are now requiring that you turn in any and all written papers through the school's Turn-It-In system to fight plagiarism.

Anyway this is a school wide issue, and yes, the university's IT department is aware, but until a fix is secured, who knows how long we'll be stuck with SSL 3.

But as you say, it's not the end of the world so I'll just leave it enabled until it's fixed, hopefully by Patch Tuesday.

Thanks.
 

My Computer My Computer

At a glance

Windows 10 ProIntel Core i7-4770K (3.5Ghz)32 gig Corsair Dominator Platinum (4x8Gig)Sapphire Tri-X R9 Fury
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built by me.
OS
Windows 10 Pro
CPU
Intel Core i7-4770K (3.5Ghz)
Motherboard
Gigabyte G1 Sniper 5 (F10 Bios)
Memory
32 gig Corsair Dominator Platinum (4x8Gig)
Graphics Card(s)
Sapphire Tri-X R9 Fury
Sound Card
Soundblaster ZXR
Monitor(s) Displays
NEC PA242W 24" LCD Monitor
Screen Resolution
1920 x 1200
Hard Drives
Primary - Samsung 850 Pro (512gig), Samsung 840 Pro (256gig), 2TB WD Caviar Black.
PSU
EVGA Supernova 1000 G2
Case
Cooler Master HAF X
Cooling
Corsair H100i with Corsair Air Series SP120 Quiet Fans
Keyboard
Logitech Wireless Wave
Mouse
Logitech Performance MX
Internet Speed
High Speed Cable
Antivirus
Norton Security
Browser
IE11
Other Info
Memory Timings - 1866MHz @ 9-9-9-27-1T @ 1.5 volts
Drew, just keep one browser with SSL v3 enabled, and only use that for the one site. A Guy
 

My Computer My Computer

At a glance

Windows 10 Home x64INTEL Core i5-750 Quad-Core 3.37GHzHyperX Fury Black Series 8GB (2 x 4GB) 1866MhzEVGA GeForce GTX 750 Superclocked 1GB 128-Bit...
Computer type
PC/Desktop
OS
Windows 10 Home x64
CPU
INTEL Core i5-750 Quad-Core 3.37GHz
Motherboard
ASUS P7P55D
Memory
HyperX Fury Black Series 8GB (2 x 4GB) 1866Mhz
Graphics Card(s)
EVGA GeForce GTX 750 Superclocked 1GB 128-Bit GDDR5
Monitor(s) Displays
LG 32MA68HY 32" IPS
Screen Resolution
1920 x 1080
Hard Drives
Samsung 840 Evo 120GB, SEAGATE 500GB Barracuda® 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache
PSU
ANTEC TruePower New TP-550, 80 PLUS, 550W
Case
ANTEC Three Hundred Illusion
Cooling
COOLER MASTER Hyper 212 Plus, 4 x 120mm 1 x 140mm Noctua's
Internet Speed
85 + Mbps
Antivirus
Avast
Browser
Vivaldi
Yeah Bill I could do that but I'll just keep using IE and with SSL enabled until the supposed fix. Plus I'm very careful about where I visit so we'll see. If nothing happens by Tuesday I might look at a plan B.

I did a Amazon purchase this evening with SSL and all went well so who knows :confused:

Thanks.
 

My Computer My Computer

At a glance

Windows 10 ProIntel Core i7-4770K (3.5Ghz)32 gig Corsair Dominator Platinum (4x8Gig)Sapphire Tri-X R9 Fury
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built by me.
OS
Windows 10 Pro
CPU
Intel Core i7-4770K (3.5Ghz)
Motherboard
Gigabyte G1 Sniper 5 (F10 Bios)
Memory
32 gig Corsair Dominator Platinum (4x8Gig)
Graphics Card(s)
Sapphire Tri-X R9 Fury
Sound Card
Soundblaster ZXR
Monitor(s) Displays
NEC PA242W 24" LCD Monitor
Screen Resolution
1920 x 1200
Hard Drives
Primary - Samsung 850 Pro (512gig), Samsung 840 Pro (256gig), 2TB WD Caviar Black.
PSU
EVGA Supernova 1000 G2
Case
Cooler Master HAF X
Cooling
Corsair H100i with Corsair Air Series SP120 Quiet Fans
Keyboard
Logitech Wireless Wave
Mouse
Logitech Performance MX
Internet Speed
High Speed Cable
Antivirus
Norton Security
Browser
IE11
Other Info
Memory Timings - 1866MHz @ 9-9-9-27-1T @ 1.5 volts

My Computer My Computer

At a glance

Windows 7 Home Premium 64-BITAMD A8 7200P8GB 1600mhzRadeon R5 (APU) + Radeon R5 M230 2GB Dual Gra...
Computer type
PC/Desktop
Computer Manufacturer/Model Number
ASUS X550ZE
OS
Windows 7 Home Premium 64-BIT
CPU
AMD A8 7200P
Motherboard
N/A
Memory
8GB 1600mhz
Graphics Card(s)
Radeon R5 (APU) + Radeon R5 M230 2GB Dual Graphics
Sound Card
Realtek ALC269 with SonicMaster
Monitor(s) Displays
Laptop Display
Screen Resolution
1920 x 1080 @60hz
Hard Drives
WDC WD50 00LPVX-80V0TT0 (500GB)
PSU
Laptop Charger
Mouse
ARMAGGEDON TEXTRON SCORPION 7
Internet Speed
100 mbps DOWN / 50 mbps UP
Antivirus
Windows Defender
Browser
Mozzila FireFox, Valve Steam in-game internet browser
This flaw needs a few things to be true...

I do want to stress something here (confirmed elsewhere as well):

"Of course, all security flaws like this should be taken seriously, but on the “sky is falling” scale, this seems lower than the other recent big-news vulnerabilities, as it does require an active man-in-the-middle attack — an attacker can’t just probe the web for it or automatically attack a client connecting to a malicious server. (The main risk is when you’re on an untrusted network, like wifi at a cofffeeshop or at a conference.)"

Source: What you need to know about the SSLv3 ?POODLE? flaw (CVE-2014-3566) | Fedora Magazine

What this tells me, and everything I have read about this vulnerability is this would be more devastating for those with laptops connecting to public open wifi (in which case you really should not be going on banking, "secure" websites to begin with) then a desktop sitting at home plugged in by ethernet or a mobile phone using 3g, 4g.


Is the flaw serious? Absolutely.
Should we panic? No.
 

My Computer My Computer

At a glance

Windows 10 ProAMD Ryzen 5 2400G Processor with Radeon RX Ve...G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-P...2047MB NVIDIA GeForce GTX 1060 6GB (EVGA)
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Built
OS
Windows 10 Pro
CPU
AMD Ryzen 5 2400G Processor with Radeon RX Vega 11 Graphics
Motherboard
ASRock X470 Master SLI/AC AM4 AMD Promontory X470 SATA 6Gb/s
Memory
G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-Pin DDR4 SDRAM D
Graphics Card(s)
2047MB NVIDIA GeForce GTX 1060 6GB (EVGA)
Sound Card
Motherboard Built in
Monitor(s) Displays
Acer R240HY bidx 23.8-Inch IPS HDMI DVI VGA (1920 x 1080) Wi
Screen Resolution
1920 x 1080
Hard Drives
1TB Sandisk SSD PLUS (Main drive)
500 GB Seagate 7200 RPM (Games)
500 GB Western Digital 7200 RPM (Virtual Machines)
PSU
CORSAIR TX Series TX650M 650W 80+ Gold Modular Power Supply
Case
CORSAIR CARBIDE SPEC-02 Mid-Tower Gaming Case, Red LED Fan
Cooling
220mm, two 120mm, and four 60mm fans
Keyboard
Wired Dell keyboard
Mouse
Wireless Logitech mouse
Internet Speed
250mb down, 30mb up
Antivirus
Panda Cloud Antivirus
Browser
Chrome-ish x64
Other Info
Your awesome for reading this.
This flaw needs a few things to be true...

I do want to stress something here (confirmed elsewhere as well):

"Of course, all security flaws like this should be taken seriously, but on the “sky is falling” scale, this seems lower than the other recent big-news vulnerabilities, as it does require an active man-in-the-middle attack — an attacker can’t just probe the web for it or automatically attack a client connecting to a malicious server. (The main risk is when you’re on an untrusted network, like wifi at a cofffeeshop or at a conference.)"

Source: What you need to know about the SSLv3 ?POODLE? flaw (CVE-2014-3566) | Fedora Magazine

What this tells me, and everything I have read about this vulnerability is this would be more devastating for those with laptops connecting to public open wifi (in which case you really should not be going on banking, "secure" websites to begin with) then a desktop sitting at home plugged in by ethernet or a mobile phone using 3g, 4g.


Is the flaw serious? Absolutely.
Should we panic? No.

Nobody is spreading panics around here...It is enough hard to dig articles about flaws and security over internet that are hidden or not accessible to end-users.

If Online Sites begin to warn people its that there is a real danger, no matter the level of it.
 

My Computer My Computer

At a glance

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]Ivy Bridge Core i5 3570K (Delidded)G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)Asus Dual-RX480-O4G
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
CPU
Ivy Bridge Core i5 3570K (Delidded)
Motherboard
Asus P8Z77-V LE PLUS
Memory
G.Skill "Ares" DDR3 PC3-12800 - 1600MHz (16Gb)
Graphics Card(s)
Asus Dual-RX480-O4G
Sound Card
Creative Sound Blaster Z w/5.1 sound system
Monitor(s) Displays
Asus IPS 23"
Screen Resolution
16/9
Hard Drives
Internal:
500Go Sata 6Gb/s (x2)
500Go Sata 3Gb/s (x2)
SSD 60Go Sata 6Gb/s
PSU
In Win C 900W Series 80+ Platinum
Case
Thermaltake Chaser A71
Cooling
Custom Water Cooling Loop
Keyboard
Cooler Master QuickFire XTi
Mouse
Razer Imperator 2012 (4G)
Antivirus
MSE
Browser
IE 11.0.xxx Rtm
Other Info
"Raid0" with Intel Smart Response Technology (HDD/SSD)
This SSL thing is reminiscent of the Y2K problem, remember how everyone scrambled because they thought the sky was falling?

I agree with Andrew; Is the flaw serious? Absolutely. Should we panic? No; And NoN, To do nothing is as bad as the flaw itself.

FireFox all the way in (Even though it's eating almost 1GB of ram for random reasons)

Didn't/doesn't Firefox use SSL 3.0 as well??? :sarc:

With that... how does it become a "better" choice in this SSL 3.0 situation?
For now yes,
Firefox 34 which is to be released on Nov 25th will have SSL3.0 disabled by default, and follow up with SCSV support in Firefox 35.

Chrome already supports TLS_FALLBACK_SCSV

There is an about:config setting that until the new versions of FF come out, you can modify to stop any SSL3 connections.

FF v33.0 Settings:
Rather than use the FF add-on I set my security.tls.version.min from about:config, the original setting was 0 and I changed it to 3, but had to switch back to 2 because of all places I couldn't reach https://support.mozilla.org

0 means SSL 3.0 and higher is enabled, 1 means TLS 1.0 and higher is enabled, 2 means TLS 1.1, and higher is enabled.

The security.tls.version.max was originally 3 and I left it as is.

I set my tls.version to 2 because I've been seeing reports that TLS1.0 is becoming vulnerable. So far I don't have any problems surfing with FF.

Drew, you're gonna have to sit tight until the University gets things squared away. In the meantime I agree with Bill, only use one browser that's SSL3 compliant for the University's site, and harden another one for casual surfing.


Roaster, with 5tabs open in FF I'm using 0.351GB of RAM (working set).
 

My Computer My Computer

At a glance

Originally Win 7 Hm Prem x64 Ver 6.1.7600 Bui...Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logic...6GB of 1,333MHz DDR3 SDRAM32MB Intel Graphics Media Accelerator HD IGChip
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Gateway DX4831-01e (Mid-Tower Desktop)
OS
Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
CPU
Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logical Processors
Motherboard
Gateway H57M01 133 megahertz
Memory
6GB of 1,333MHz DDR3 SDRAM
Graphics Card(s)
32MB Intel Graphics Media Accelerator HD IGChip
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Gateway HX2000 20inch TFT active matrix TN
Screen Resolution
1600 x 900 x 59 hertz
Hard Drives
WDC WD10EADS-00M2B0 [HDD] (1000.20 GB) -- drive 0,
HL-DT-ST DVDRAM GH41N [CD-ROM dr]
Four card readers, and Four USB 2.0
PSU
300watts.
Case
Mid-Tower Desktop
Cooling
Stock from Gateway
Keyboard
Natural Ergonomic Keyboard 4000, see Other Info
Mouse
Orig. Gateway wore out now using Insignia USB wired optical
Internet Speed
Vz FIOS 10ms png 57.64Mbps down 65.53Mbps up Speedtest.org
Antivirus
Zamana Anti-logger with Anti-malware, MSE, Windows Firewall,
Browser
IE11.0.9600.19399-Upd ver11.0.135, Firefox 68.0.1 x64
Other Info
System Specs by Belarc.

BIOS: American Megatrends Inc. P01-A0 11/17/2009

Replaced the MS 'Natural' Standard PS/2 Enhanced 101-102 Keyboard with a new Natural Ergonomic Keyboard 4000 on August 1st 2014.

Canon Pixma MG3222 Printer.

Updated to IE11 on 12102015 | Fios Quantum Router g1100

Additional AV: SpywareBlaster, manual Mbam, SAS
Poodle - how serious is it?

As far I can work out servers can be compromised so to state that the attack requires a MITM attack via compromising a user's browser when using a wifi hotspot would appear to be misleading. it would appear that the attack can take place at the server end.

Security changes in Opera 25; the poodle attacks - Opera Security - Opera Software

If there's more chance of getting struck by lightning than being a poodle attack victim then I wonder why it's Opera decided to remotely disable SSL v3 in user's browsers.

Quote:

Finally, Opera 12 on desktop is taking the lead with disabling SSLv3 support! Since we are not able to apply the countermeasure to all of the remaining Opera 12 installations (and it also does not support TLS_FALLBACK_SCSV), we have remotely turned off SSLv3. This will be automatically distributed to all Opera 12 desktop installations in the next few days. We’re allowing ourselves to be a bit experimental with this, so users who have not yet upgraded to Opera 25 may see more of the broken servers, and we will get some experience in turning off SSLv3. Opera Classic on Android will also be updated in the next coming days.

Security changes in Opera 25; the poodle attacks - Opera Security - Opera Software
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Callender,

Thank you for the links. I'm gathering information on how to run various browsers in safe mode and they will help in my research.
 

My Computer My Computer

At a glance

Originally Win 7 Hm Prem x64 Ver 6.1.7600 Bui...Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logic...6GB of 1,333MHz DDR3 SDRAM32MB Intel Graphics Media Accelerator HD IGChip
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Gateway DX4831-01e (Mid-Tower Desktop)
OS
Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
CPU
Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logical Processors
Motherboard
Gateway H57M01 133 megahertz
Memory
6GB of 1,333MHz DDR3 SDRAM
Graphics Card(s)
32MB Intel Graphics Media Accelerator HD IGChip
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Gateway HX2000 20inch TFT active matrix TN
Screen Resolution
1600 x 900 x 59 hertz
Hard Drives
WDC WD10EADS-00M2B0 [HDD] (1000.20 GB) -- drive 0,
HL-DT-ST DVDRAM GH41N [CD-ROM dr]
Four card readers, and Four USB 2.0
PSU
300watts.
Case
Mid-Tower Desktop
Cooling
Stock from Gateway
Keyboard
Natural Ergonomic Keyboard 4000, see Other Info
Mouse
Orig. Gateway wore out now using Insignia USB wired optical
Internet Speed
Vz FIOS 10ms png 57.64Mbps down 65.53Mbps up Speedtest.org
Antivirus
Zamana Anti-logger with Anti-malware, MSE, Windows Firewall,
Browser
IE11.0.9600.19399-Upd ver11.0.135, Firefox 68.0.1 x64
Other Info
System Specs by Belarc.

BIOS: American Megatrends Inc. P01-A0 11/17/2009

Replaced the MS 'Natural' Standard PS/2 Enhanced 101-102 Keyboard with a new Natural Ergonomic Keyboard 4000 on August 1st 2014.

Canon Pixma MG3222 Printer.

Updated to IE11 on 12102015 | Fios Quantum Router g1100

Additional AV: SpywareBlaster, manual Mbam, SAS
If there's more chance of getting struck by lightning than being a poodle attack victim then I wonder why it's Opera decided to remotely disable SSL v3 in user's browsers.

Because people actually do get struck by lightening? :huh:

Opera is simply understanding that lightening could strike.
 

My Computer My Computer

At a glance

Windows 10 ProIntel Core i7-4770K (3.5Ghz)32 gig Corsair Dominator Platinum (4x8Gig)Sapphire Tri-X R9 Fury
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built by me.
OS
Windows 10 Pro
CPU
Intel Core i7-4770K (3.5Ghz)
Motherboard
Gigabyte G1 Sniper 5 (F10 Bios)
Memory
32 gig Corsair Dominator Platinum (4x8Gig)
Graphics Card(s)
Sapphire Tri-X R9 Fury
Sound Card
Soundblaster ZXR
Monitor(s) Displays
NEC PA242W 24" LCD Monitor
Screen Resolution
1920 x 1200
Hard Drives
Primary - Samsung 850 Pro (512gig), Samsung 840 Pro (256gig), 2TB WD Caviar Black.
PSU
EVGA Supernova 1000 G2
Case
Cooler Master HAF X
Cooling
Corsair H100i with Corsair Air Series SP120 Quiet Fans
Keyboard
Logitech Wireless Wave
Mouse
Logitech Performance MX
Internet Speed
High Speed Cable
Antivirus
Norton Security
Browser
IE11
Other Info
Memory Timings - 1866MHz @ 9-9-9-27-1T @ 1.5 volts
Poodle comment explained

If there's more chance of getting struck by lightning than being a poodle attack victim then I wonder why it's Opera decided to remotely disable SSL v3 in user's browsers.

Because people actually do get struck by lightening? :huh:

Opera is simply understanding that lightening could strike.

Sorry. I'm getting threads confused as there's a few threads that have been started on the issue. I thought that this thread contained this post but obviously it doesn't!

On another note I've just installed a Firefox add on (actually I've installed in Cyberfox 5 minutes ago) and it looks promising:

SSL Sleuth for Firefox

SSL security rated and details displayed along with various options.

Screenshots:

SSL strength rated

SSL Cyberfox DuckDuckGo.jpg

Option to globally disable RC4

SSL Cyberfox Google.jpg

Perfect Forward Secrecy displayed

SSL Cyberfox Google 2.jpg

Another add on that I plan to try:

Calomel SSL Validation for Firefox

There's a fair amount of information if you scroll down the above link's page.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Back
Top