Be A Good Netizen
I was working on my post for today and since that’s taking a little longer than expected, I figured I’d tell this story in the hopes that it gets more people to do the same when they encounter a situation like this.
A toot on the Fediverse about some recent Cisco vulnerabilities caught my attention. I’m used to seeing Cisco vulnerabilities, but what I wasn’t used to was the following SSL connection error I encountered when trying to view the advisories:
Which I was only alerted to when I shared this link with a friend, and he told me about the following settings (which I have since activated) in Firefox:
When those settings are activated (technically only the first is strictly necessary to prevent connections to broken sites) they will stop the browser from connecting to websites with broken SSL negotiation. This is a fairly significant issue so it’s good to have those settings activated.
I poked fun at Cisco in a response to the original toot because… well… how does a company this large which specializes in networking and network security equipment allow something like this to happen, especially on their security advisories page?
However, the moral of this story (aside from turning on those settings in Firefox), is: when something is broken be a good netizen and let the siteowners know; things can’t be fixed if they don’t know about it. I submitted the following report to Cisco letting them know of the problem:
If you come across something like this in the future, I hope you too will be a good netizen and do the right thing!
This is my seventy-second post for the #100DaysToOffload challenge. You can learn more about this challenge over at https://100daystooffload.com.