Time to Switch off SSLv3

You probably have heard of the SSL 3.0 vulnerability aka Poodle. So if you haven’t or if you have and haven’t done anything about it, it’s definitely time to switch it off.

I simply went though my browsers and turned it of, as nowadays it should not be used anymore. To check if your browser is vulnerable, just check out the Poddle Test. If it does look like below, follow the instructions to make it look different.

Poodle TestFirefox

In Firefox you simply type in


in the address bar of the browser. In the configurations settings you now need to set the value for security.tls.version.min to 1.

Firefox TLS 1Once done, you should be safe, I was told. However, using Firefox ESR 31.1.1, the Poodle Test above still indicates vulnerability.

However, with version 32.0.3 on Mac OS X, setting the minimum TLS version works as a charme.

Poodle TestInternet Explorer

For IE, you should check out Microsoft Security Advisory 3009008 giving a workaround how to turn SSL 3.0 off.

Tools / Internet Options / Advanced got ot the Security category and uncheck Use SSL 3.0 and check Use TLS 1.0, Use TLS 1.1, and Use TLS 1.2.

IE TLS SettingsAgain this should at least give you the feeling of security.

NDepend v5 Article Published

Already some days overdue, it’s worth a note, that we have published an article about the new features in NDepend v5 in issue 10/2014 of the German magazine dotnetpro.

NDepend v5

The article covers most of the new features in v5, including CQLinq, the Dashboard, an first glance of the new API and some interesting details.