18 Sep
2014
18 Sep
'14
8:16 p.m.
On Thu, 2014-09-18 at 20:29 +0200, rysiek wrote:
Dnia czwartek, 18 września 2014 11:10:55 Ted Smith pisze:
There's sort of a chicken/egg problem here.
You can actually just disable them in configuration; in Firefox, you can just go to about:config and set all the security.*.rc4* to false instead of true.
However, this breaks a *lot* of sites, including some big ones.
Time for a little name and shame?
This was a while ago and I've forgotten, though it was enough to be annoying. It'd be pretty easy to write a script that harvested the allowed ciphersuites from the top Alexa sites, if you were really interested. The EFF's HTTPS Observatory might also have this information. -- Sent from Ubuntu