How to fix gray triangle website? I went to add-ons and put Flash to ask to activate but still did not take care of problem.
These websites had always been secure before. Now I am getting a gray triangle on them.
Izabrano rješenje
thank you, this is happening because the site is using a weak RC4 encryption: https://tools.ietf.org/html/rfc7465
in upcoming versions of the browser such sites will only show an error message, so i think it's best to contact the webmasters of the site at hand and urge them to update their encryption to something contemporary...
Pročitaj ovaj odgovor u kontekstu 👍 2Svi odgovori (10)
hello, can you tell us the address of the website where you're having this problem?
Odabrano rješenje
thank you, this is happening because the site is using a weak RC4 encryption: https://tools.ietf.org/html/rfc7465
in upcoming versions of the browser such sites will only show an error message, so i think it's best to contact the webmasters of the site at hand and urge them to update their encryption to something contemporary...
I was on that website yesterday and did not have that problem. When I went in there today, I got a message that my Adobe Flash plugin wasn't working. It suggested I download updated version of Firefox. When I did that, that's when I got this message.
That website uses a cipher that is considered weak and thus Firefox shows that warning triangle.
- TLS_RSA_WITH_RC4_128_SHA
Not message. I mean that's when I got the gray triangle instead of the green padlock
what probably happened in the meantime is that your firefox version updated. when you look at the security advisory referenced above you will notice that it is from last month, so browser vendors will follow suit in new versions shortly and remove support for rc4. again, it's an issue that needs to be fixed by the website!
Ok. Thank you both for your help. I will contact the website with this info. Meanwhile, should I not use the website, as it can be unsecure?
the website itself isn't insecure per se, but in light of the rc4 weakness the connection between you and the site shouldn't be trusted anymore and rather be treated as if your data is submitted in plain-text form and open for anyone along the way to see (that's rather bad for login-credentials and sensitive financial data of course).
Ok. Thank you so much for your help!