| 1 person marked this as a favorite. |
Paizo is punishing customers for having older computers.
Sent from my iPhone, since I can't get on messageboard with my computer anymore.
As indicated earlier in the thread, this is not all an intended punishment, or a measure we're taking on a whim. The change is both to put us in proper compliance with our credit card processor, and to start bringing paizo.com to the place it should be in regards to security. We're not the only website subject this change (many online retailers, banks, and anyone who handles card/senstive data are also changing) to protect our customers account security. I'm sorry this has negatively impacted your experience coming to our site, and we tried to give as much advance warning as was possible. If you need any assistance with selecting a newer browser, or with your current system, we can absolutely try to help you find a option that works.
System Administrator
|
It did go live. Are you using a proxy that might not understand TLS 1.1 or 1.2? Maybe an extension? Might want to check How's My SSL to see what it says.
|
System Administrator
|
| 1 person marked this as a favorite. |
I would try chrome or opera or firefox for android. The problem was that java was pretty far behind and so TLS 1.2 wasn't implemented until there were real problem, ie POODLE, and 4.4 is the first time it supports it natively. Some alternate browser might have implemented it before it was supported by a java library, depending on how forward thinking it was. Being constantly left behind by updates is why I left the android sphere and got an iPhone. I've been so much happier with it. =/ I really wanted to support android as I'm a big supporter of open software but it's very frustrating.
|
I'm on Windows 7 using Firefox 38.0.5 and I was unable to use the secure portions of the site. How's My SSL said I was a bad bad boy.
I then found this guide for turning up the max TLS version available to Firefox to use, and now it's working fine.
Perhaps this has been mentioned in one of the previous posts...I didn't read them all, but in scanning I didn't see one. So hopefully this helps someone.
|
Being constantly left behind by updates is why I left the android sphere and got an iPhone. I've been so much happier with it. =/ I really wanted to support android as I'm a big supporter of open software but it's very frustrating.
OK Lissa, you're the first SysAdmin I've ever heard who made the switch TO iOS. Every admin I've ever worked with, who wasn't a Mac user beforehand, hates the Apple "closed box, no way to really access anything that goes wrong" approach. The Android fragmentation really irritated you that much?
(Fragmentation, for those of you not in the know, refers to the issues with Android OS phones being all over the map in terms of what phone is on what OS. Google can release new versions of Android all day until they're blue in the face, but then the hardware manufacturers get to layer their own skin and various programs on top of the OS, and then the carriers each get to add their own on top of that. Yeah, it causes some definite issues, though some people just go buy a Nexus device straight from Google. Pure Android, no carrier or hardware vendor garbage.)
|
System Administrator
|
The Android fragmentation really irritated you that much?
Yes it did. I had spent a lot of money on my phone and it was obsolete and never updated after the first push. I had an iPad 2 since about the same time as I got my android phone and it's still being updated along with everything else. Plus the camera on the 6 plus is fantastic. It helps that I use a mac at work all day. =) As a tool I use a lot, I've been far more happy with my iPhone as a phone, camera, and small computer than any android I've used.
Luckily, I was able to find the option on IE9 that enables TLS 1.1 and 1.2. I think everything is working again, but the site is still complaining at me and saying that my browser isn't supported, lol.
Well, my phone isn't even close. And it's been acting buggy since I got it (turning itself off for no apparent reason, and so on), so this might just be the push to get me a new one.
But the bit that really annoys me is that I can't even read the main messageboard page on the phone any longer. I can get into the subforums alright, but well - it's annoying.
Does anyone know how to enable TLS 1.2 (or 1.1) support for Opera Mini?
I have version 8 installed but I would not mind upgrading if that solves anything, but I have last version in my Android tablet and it does not work neither (Firefox works there though).
There seems to be no other decent browser option for my old style phone than Operan Mini, and phone upgrade is not an option here.
I can no longer post in my loved Paizo online campaigns while commuting :(
|
| 1 person marked this as a favorite. |
But the bit that really annoys me is that I can't even read the main messageboard page on the phone any longer. I can get into the subforums alright, but well - it's annoying.
Y'know... I've been having the same problem at work the past few days. I think Messageboardsment worked fine up until Monday, but now I get a "connection was reset" by secure.paizo.com or something like that. I can visit individual threads and I can get to sub forums, but Messageboardsment is honked.
My work computer is a Win7 box running Firefox v38.0. I have Chrome available but I haven't tried it. Because I don't have admin privileges, changing configuration or downloading something different is a non-starter.
Any ideas?
-Skeld
What model phone and what version of Android?
The phone runs a Nokia Asha 2 OS and Opera Mini 8.
The tablet is Android and runs Opera Mini 9, but here I have no problem as I can use other browsers like Firefox or Chrome.
In both cases I cannot post to my online campaigns. But I mainly care about the phone as my commuting time is long and I had already committed to a few long term games here at Paizo.com.
It would be great if someone knows how to enable TLS 1.1 or 1.2 in Opera Mini.
|
System Administrator
|
I would check opera:config and see if it's there. I don't know a lot about Opera. I've so rarely used it. But it might show the config settings in there.
One of the other things you need to watch for are proxies, which you often have in offices, that don't support tls 1.1 and 1.2.
Generally speaking, reading a thread isn't a secure action so it doesn't need to be secure. Posting, getting account info and sometimes getting the front page for messageboards are secure actions so that would be why you can read.
|
System Administrator
|
As long as the browser supports tls 1.1 or 1.2, you shouldn't have any problems. Latest firefox or chrome is pretty easy way to get around the OS problem as long as you aren't behind a proxy that doesn't support it. iOS, as long as it's kept updated gets right through as of, I think, iOS 6 which most idevices can use. I think the first one or two iPhones they stopped supporting a little while back. PowerPC devices are just out of luck, as there is no update or alternate browser available unless they want to install linux maybe.
|
|
But the bit that really annoys me is that I can't even read the main messageboard page on the phone any longer. I can get into the subforums alright, but well - it's annoying.Y'know... I've been having the same problem at work the past few days. I think Messageboardsment worked fine up until Monday, but now I get a "connection was reset" by secure.paizo.com or something like that. I can visit individual threads and I can get to sub forums, but Messageboardsment is honked.
My work computer is a Win7 box running Firefox v38.0. I have Chrome available but I haven't tried it. Because I don't have admin privileges, changing configuration or downloading something different is a non-starter.
Any ideas?
-Skeld
I was in the same boat as you are. My Firefox was set to limit TLS to 1.0
You can follow the instructions HERE to fix it.
Is there going to be support for the google search on windows 8.1 RT? It is the only version of a google browser that I can access as 8.1 RT wont let me use chrome out right
I haven't found a solution for Opera Mini. Opera for PC just works perfectly, but Opera Mini for phones... it is just not working, even on aboug:config, there is no option about TLS.
What it shocked me today is I can click on the favourite button on posts and that is perfectly working.
Previously, I thought the problem was on identifying the user account and that was the reason behind making posts into the secure area. But if "likes" do not require that treatment, I do not see why posts require it.
Messageboards posts are publicly available, so I think there is no real need to encrypt the data on them, am I right? I understand about 'my account' section, downloads section, private messages, etc... but currently posts in publicly accessible areas are requiring my browser to encrypt the content with TLS 1.1, areas which are so public that even search engines can parse, thus they are not expected to contain sensible data.
Can you clarify this please? Is there any possibility you might move posting to public areas like "Online Campaigns" to the http protocol instead of https allowing we, old guys, to remain compatible?
Thanks before hand for the consideration!
Is there going to be support for the google search on windows 8.1 RT? It is the only version of a google browser that I can access as 8.1 RT wont let me use chrome out right
I believe RT uses IE 11 by default, which should support the most recent version of TLS.
I haven't found a solution for Opera Mini. Opera for PC just works perfectly, but Opera Mini for phones... it is just not working, even on aboug:config, there is no option about TLS.
What it shocked me today is I can click on the favourite button on posts and that is perfectly working.
Previously, I thought the problem was on identifying the user account and that was the reason behind making posts into the secure area. But if "likes" do not require that treatment, I do not see why posts require it.
Messageboards posts are publicly available, so I think there is no real need to encrypt the data on them, am I right? I understand about 'my account' section, downloads section, private messages, etc... but currently posts in publicly accessible areas are requiring my browser to encrypt the content with TLS 1.1, areas which are so public that even search engines can parse, thus they are not expected to contain sensible data.
Can you clarify this please? Is there any possibility you might move posting to public areas like "Online Campaigns" to the http protocol instead of https allowing we, old guys, to remain compatible?
Thanks before hand for the consideration!
https:// is two way. That is, everything you send to the server is ALSO encrypted. Including the things your browser uses to prove that you are you and are logged in. (For most sites, this is a cookie.) Using https once you're logged in, even for pages that don't require a login to view, keeps someone from imitating you and accessing other parts of the site.
|
System Administrator
|
| 1 person marked this as a favorite. |
We probably won't and the reason is that, before we put words in your mouth, we need to be reasonably sure that the person talking about them is you. Which requires a recent login, which requires a secure connection. Most of the messageboards are clear to read for that reason unless you have access to some private areas on the main messageboard page. I don't think favoriting is quite as damaging as someone picking up your device and posting as you because that can have consequences and so it's not a highly privileged operation. If we were to consider any changes there we'd probably be considering for MORE security on favoriting and flagging.
|
System Administrator
|
No longer able to browse my games using my PS Vita
I'm not sure, but if you're using up-to-date PS Vita firmware, you should be ok. Can you send me a screenshot of the https://www.howsmyssl.com/. Private message is fine. I mostly need to know that it can handle tls 1.1 or 1.2 and what protocols it understands which is at the bottom.
|
System Administrator
|
Hmmm. Well, that's not good. I had hoped they'd implemented tls 1.2 as they did in the ps4 but if you're up-to-date and it's giving you a bad on SSL Client then that means it won't work. Have you tried any of the vita browser apps? I think you can get the usual suspects of opera, firefox, and chrome.