Page 1 of 1
SSL 3.0 vulnerability "Poodle"- disabling SSL 3.0 support
Posted: Thu Oct 16, 2014 11:57 am
by quest
You all have heard about it, right? This one here:
http://googleonlinesecurity.blogspot.de ... sl-30.html
To disable SSL, Chromium based browsers should be launched with parameter:
Apparently this doesn't work with iron.exe, so what should we do?
Re: SSL 3.0 vulnerability "Poodle"- disabling SSL 3.0 suppor
Posted: Thu Oct 16, 2014 9:42 pm
by trailmax
Same here. Nothing happens when I add this parameter. Tried executing from command line and result: no error and no browser either.
Re: SSL 3.0 vulnerability "Poodle"- disabling SSL 3.0 suppor
Posted: Thu Oct 16, 2014 10:24 pm
by Jerr39
I was able to get the parameter to work by changing the exe name in the shortcut target to chrome.exe. This might open Iron with no extensions, but it worked for me.
Re: SSL 3.0 vulnerability "Poodle"- disabling SSL 3.0 suppor
Posted: Wed Oct 22, 2014 2:14 pm
by quest
Thanks Jerr39, but I still think this problem is not solved. Anyone else? The developer?
Re: SSL 3.0 vulnerability "Poodle"- disabling SSL 3.0 suppor
Posted: Thu Oct 23, 2014 1:50 pm
by lylejk
Just posted this but withdrawn since I didn't see your post. I actually received the info from WIndow's Secrets newsletter. I too tried it and don't get any errors but not sure it really is protecting my browser.
Re: SSL 3.0 vulnerability "Poodle"- disabling SSL 3.0 suppor
Posted: Thu Oct 23, 2014 2:09 pm
by lylejk
Did some further reading and I know this protects Iron.
https://www.poodletest.com/
Re: SSL 3.0 vulnerability "Poodle"- disabling SSL 3.0 suppor
Posted: Sat Nov 22, 2014 6:49 am
by nawaz
Thanks a lot for the link. IP-Secrets looks like something that I have been hunting for since a long time.
