Posts

Showing posts from September, 2013

How To Make Your Browser A Little More Secure

I searched high and low on the internet for a guide to secure my browsing session and disable web servers from preferring insecure SSL sessions. Many websites, such as amazon.com, in an effort to gain better performance, will prefer slightly more insecure methods for establishing a secure SSL session. Unfortunately, I have not found a way to override that preference with the client (browser) preference instead. However, it's probably a better idea to disable any and all weak encryption algorithms in any ways. Two very useful link to verify both a browser and web server's security stance is given below:

Browser accepted security protocols:
https://cc.dcsec.uni-hannover.de/

Web Server accepted security protocols:
https://www.ssllabs.com/ssltest/index.html

Step 1: 
Stop using browsers that do not support SSL encryption algorithm configuration. (Sorry Chrome)

Step 2: 
Download Firefox, which does allow one to

Step 3: 
Go To: about:config

Step 4: 
Search: security.ssl3.

Step 5: 
Set all t…