Tag Archive for 'security'

Enable and test TLS 1.2 in Firefox 26

Firefox has (unfortunately) lagged behind other browsers recently when it comes to implementing the more secure TLS 1.2 and it’s only now officially landing in the upcoming release 27. It can always use more testing though and if you’re running version 26 you can still enable it and test.

Browse to:
about:config

Set the following:
security.tls.version.max:3

This is the maximum supported protocol so it doesn’t mean that the sites you visit will now be using TLS 1.2. If you want to (try and) force it, there is a security.tls.version.min but be warned that probably most of your sites will fail.

You may also wish to disable this deprecated SSL3 algorithm:
security.ssl3.rsa_fips_des_ede3_sha:false

You can test this out by browsing to http://howsmyssl.com.

Calomel is a handy addon (BSD licence) to tell you what your secure connection negotiated to when you visit a site and gives it a score.

If you notice breakage, please report upstream.

Top 20 OpenSSH Server Best Security Practices

Came across a decent collection of tips for SSH by Vivek Gite. If you’re using SSH (and even if you’re not!) it’s worth a look.

-c