Due to a new attack, Inkbunny has removed support for an old protocol used for secure connections.
Like SHA-1, which we discontinued last week, this protocol has been obsolete for a while now and was primarily used by Internet Explorer 6 on Windows XP. If you're one of the three people who were using it to access Inkbunny, you'll need to change your web browser or upgrade your operating system.
If you're reading this, chances are you don't need to do anything. Modern browsers use TLS by default, so you won't be blocked from using Inkbunny. Chrome and Firefox will soon disable SSL support to protect you when browsing other sites, while Opera has it disabled by default in the latest version.
To protect yourself on other sites, until they or your browsers update: IE - Firefox and Chrome
The latest version of Opera appears to have disabled SSL v3 by default. You can check this in Tools/Preferences.../Advanced/Security/Security Protocols... (There is no need to disable the ciphers in the "Details" list, even if they are marked SSL3.)
The latest version of Opera appears to have disabled SSL v3 by default. You can check this in Tools/
Wow, I thought SSLv3 would be safe, but guess I was wrong. Shoulda read about it myself, but better late than never. Well, it's not late even now, cuz I never had any issues and nobody complained,
Wow, I thought SSLv3 would be safe, but guess I was wrong. Shoulda read about it myself, but better
Nothing is safe forever. That's why upgrades are necessary. This attack has only just been announced, though, and it would require technical sophistication to exploit, so I wouldn't worry too much.
Nothing is safe forever. That's why upgrades are necessary. This attack has only just been announced
If you have Windows 8; the browser that comes with it is fine. You might try Chrome or Firefox instead, but it is not necessary to address this particular problem.
If you have Windows 8; the browser that comes with it is fine. You might try Chrome ( https://www.go
I know! I have it on my test laptop. But we're not getting hits from it, at least as far as I can tell. Maybe two. There's one from Windows 98 in there, too.
I know! I have it on my test laptop. But we're not getting hits from it, at least as far as I can te
That's the literal number of people who used IE 6 yesterday on Inkbunny.
For comparison, the top ten browser versions: Chrome 37: 5312 Firefox 32: 4876 Chrome 38: 1880 Internet Explorer 11: 1121 Android Browser: 713 Chrome Mobile 38.0: 614 Mobile Safari 8: 404 Mobile Safari 7: 378 Opera 24: 218 Chrome 36: 201
That's the literal number of people who used IE 6 yesterday on Inkbunny. For comparison, the top te
If you are using your browser in a trusted location, there should be no problem.
If you're out at some random cafe, there is the teensiest chance that the owner could read your login token from other websites. But almost certainly not; there's no exploit for this yet.
Using Inkbunny should be safe from any location, with the caveat that if you are using a computer you don't own, all bets are off. That's always the case.
If you are using your browser in a trusted location, there should be no problem. If you're out at s
I install OS's for a living and thats one of the first things I do is uncheck those options before the machine hits the internet, my own machine included. Seems some anti-furry is raging with DOS attacks, the 'neer has not updated the site in years so bound to happen.
I install OS's for a living and thats one of the first things I do is uncheck those options before t
Yes, but you can improve your security on other websites by loading "about:config" in your URL bar, searching for "security.tls.version.min", double-clicking it and setting it to 1 (the default is 0).
Chrome users can add "--ssl-version-min=tls1" on the command line to do the same thing.
Yes, but you can improve your security on other websites by loading "about:config" in your URL bar,
Well, I hope it doesn't break down, crash, burn, have problems getting back up, flies off the rails whenever it feels like, and ends up with people screaming in fear not to ride it. Who knows, maybe it'll be as fun as the other rides that do the exact same thing, but let you spin the seats!
Well, I hope it doesn't break down, crash, burn, have problems getting back up, flies off the rails
Cnn't try it here as I'm on mobile phone, Maxthon for Androin have no TLS 1.2 support but yes for TLS 1.1 and 1.0, unfortunately for SSL 3.0 too. Go to SSLlabs and click on test browser, it should tell which TLS and SSL versions supports
Cnn't try it here as I'm on mobile phone, Maxthon for Androin have no TLS 1.2 support but yes for TL
Only thing then is wait for the websites to update, search in maxthon settings for that or adk in Maxthon support forums *shrugs* It wws based on chrome or chromium so thwre may be some kind of chrome://flags or similar
Can't try as I'm on mobile as Isaid
Only thing then is wait for the websites to update, search in maxthon settings for that or adk in Ma
I don't know if this is a problem or not, but I found this tidbit of information on one of the sites dealing with this new attack. I'll post the link below the quote:
"Worryingly, “prospective attackers can force a server to default back to SSL 3.0 for the sake of the exploit.”"
That is why we disabled it at the server. It can't be downgraded to if it's not supported. If an attacker tries to force SSL anyway, the user's request will never get past "connecting".
That is why we disabled it at the server. It can't be downgraded to if it's not supported. If an att
It depends. In some cases the page is rendered at a distant server, in which case it depends on what they're using - probably something up-to-date. In others, it is rendered locally, and depends on what they had when they built it. If you're using something made in the last three years, it's probably fine.
It depends. In some cases the page is rendered at a distant server, in which case it depends on what
If I have a request or suggestion for future changes or additions to the sites functionality, what is the apropriate way to communicate it? Do you care about such requests at all?
If I have a request or suggestion for future changes or additions to the sites functionality, what i
