You are not logged in.
- Topics: Active | Unanswered
Announcement
Pages: 1
#1 Re: Epic Privacy Browser - Help & Troubleshooting » Guidance on SSLv3 "POODLE" bug » 2014-10-21 05:24:19
No problem, thanks for responding!
Can you investigate why the SSLLabs test says EB is vulnerable?
Is there a way to disable SSL3 completely in EB (excluding the method listed in the original post)?
Surprisingly the ONLY browser which has an easy method of disabling SSL3 and passes every poodle test I have used... is Internet Explorer!
#2 Re: Epic Privacy Browser - Help & Troubleshooting » Guidance on SSLv3 "POODLE" bug » 2014-10-20 01:29:14
Hello, you retweeted the following on your Twitter...
"Thank you @epicbrowser for being poodleproof right out of the box! i now have 2 browsers that are poodle proof 
#epicbrowser"
Source: https://twitter.com/jdfrasure/status/523109520789504000
Is this vulnerability already squashed in the current release? Why does the SSLLabs test say otherwise? Thanks.
#3 Epic Privacy Browser - Help & Troubleshooting » Guidance on SSLv3 "POODLE" bug » 2014-10-16 20:37:15
- alexlangley
- Replies: 4
Can you please give us some guidance on protecting EpicBrowser against this bug?
I tried the following, but all it did was replace my on startup set of pages to the flag.
"CHROME
Chrome users don't have an option in the GUI to disable SSLv3 as Google removed it due to confusion over whether SSLv3 or TLSv1 was better with one having a higher numeric value. Instead you can add the command line flag --ssl-version-min=tls1 to enforce the use of TLS and prevent any connection using the SSL protocol. In Windows, right click on your Chrome shortcut, hit Properties and add the command line flag as seen in the image below."
Instead of opening my homepage it opens the flag.
I used the following tool to test if it was still enabled: https://www.ssllabs.com/ssltest/viewMyClient.html
"SSL 3 Yes"
Pages: 1