Some simple questions, FAQ?

I now play with CD and i see on the end of the url a yellow triangle telling me that forum.comodo.com has insecure items, why?

I found a DNS number in my ip4 remotely looking like the Comodo secure DNS only ending on .25 is this the same?

I have also Verification engine do I still need this and if not what is the new visual that a website is ok.?

Where do I find the search engine, I mean I see a list buthow does this work. Ik firefox there is in the right upper corner a place where is this in Comodo?

If I open new empty TAB there are some small windows in it, how do we make this the start up page?

Where do I quickly find the website history?

What is the SSL 2.0 for, it’s not activated.?

How di I get TABs opened in the front in stead of the back?

I now play with CD and i see on the end of the url a yellow triangle telling me that forum.comodo.com has insecure items, why?
Linked images (including some avatars, images in signatures) that are not encrypted, from other domains.
Where do I find the search engine, I mean I see a list buthow does this work. Ik firefox there is in the right upper corner a place where is this in Comodo?
In the “omnibox”: http://www.google.com/googlebooks/chrome/big_18.html
If I open new empty TAB there are some small windows in it, how do we make this the start up page?
Options, Basics, Homepage, Use the New Tab page.
Where do I quickly find the website history?
Complete history is found on New Tab page.

What about RSS feeds ?

I really like the way I have them in FF right now.

if you want this implemented pls put this in the wishlist for Comodo Dragon, so that our devs can consider it in the next development cycle.

thanks
Melih

Enable SSLv2 at your own risk. It’s a deprecated SSL version. It’s a very weak SSL version and was quickly deprecated.

SSL v2 is flawed in a variety of ways: Identical cryptographic keys are used for message authentication and encryption. MACs are unnecessarily weakened in the "export mode" required by U.S. export restrictions (symmetric key length was limited to 40 bits in Netscape and Internet Explorer). SSL v2 has a weak MAC construction and relies solely on the MD5 hash function. SSL v2 does not have any protection for the handshake, meaning a man-in-the-middle downgrade attack can go undetected. SSL v2 uses the TCP connection close to indicate the end of data. This means that truncation attacks are possible: the attacker simply forges a TCP FIN, leaving the recipient unaware of an illegitimate end of data message (SSL v3 fixes this problem by having an explicit closure alert). SSL v2 assumes a single service, and a fixed domain certificate, which clashes with the standard feature of virtual hosting in webservers. This means that most websites are practically impaired from using SSL. TLS/SNI fixes this but is not deployed in webservers as yet.

If it is so flawed, then maybe you should add some additional information or warning in the brackets following the original string or even a dialogue window.

And clutter up the options area even more? It’s best left as is (an option to disable or enable)

How would something like the examples bellow clutter up the GUI?

  • Use SSL 2.0 (not recommended)
  • Use SSL 2.0 (deprecated)
  • Use SSL 2.0 (not secure)

Your argument has no sense. Look at the length of labels near other check boxes and how descriptive the labels are.

I thought CD is all about security. An ‘average Joe’ might not know the difference between different versions of SSL / TLS and unknowing the consequences enable this option.

[attachment deleted by admin]

You’re right and I am wrong. Will suggest it to developers right now.