Plugincafe.com inaccessible on Mac OS X <= 10.8.x



  • On 04/01/2015 at 18:35, xxxxxxxx wrote:

    User Information:
    Cinema 4D Version:   R15 
    Platform:      Mac OSX  ; 
    Language(s) :   C.O.F.F.E.E  ;  C++  ;  XPRESSO  ;

    ---------
    I'm not really sure where to put this, so apologies if it's the wrong place.

    It appears as though plugincafe.com is now inaccessible under Mac OS X versions equal to or less then 10.8.5 running Safari 6.2.2 or lower. This appears to be caused by some sort of SSL issue, likely because plugincafe.com is redirecting to https://developers.maxon.net and Safari versions <= 6.2.2 do not support TLS 1.1 or 1.2.

    Obviously, it's possible to use another browser to access the main page, but since iCloud is heavily tied into Safari under OS X I'd rather not go that route. It's also possible that this issue is fixed in 10.9/10.10, but unfortunately I'm stuck on 10.8 for the foreseeable future until Apple fixes some other stuff.

    Again, it's not really a big deal, but I thought it might be something you guys should be aware of. Safari is closely tied into Mac OS X so this issue is basically cutting off any users running OS X 10.8.5 or lower.

    -CMPX



  • On 05/01/2015 at 02:41, xxxxxxxx wrote:

    Originally posted by xxxxxxxx

    <ADDRESS>
    User Information:
    Cinema 4D

    Version:   R15 
    Platform:     
    Mac OSX  ; 
    Language(s) :   C.O.F.F.E.E  ; 
    C++  ; 
    XPRESSO  ;

    ---------
    </ADDRESS> I'm not really sure where to put this, so apologies if it's the wrong place.
    It appears as though plugincafe.com is now inaccessible under Mac OS X versions equal to or less then 10.8.5 running Safari 6.2.2 or lower. This appears to be caused by some sort of SSL issue, likely because plugincafe.com is redirecting to https://developers.maxon.net and Safari versions <= 6.2.2 do not support TLS 1.1 or 1.2.
    Obviously, it's possible to use another browser to access the main page, but since iCloud is heavily tied into Safari under OS X I'd rather not go that route. It's also possible that this issue is fixed in 10.9/10.10, but unfortunately I'm stuck on 10.8 for the foreseeable future until Apple fixes some other stuff.
    Again, it's not really a big deal, but I thought it might be something you guys should be aware of. Safari is closely tied into Mac OS X so this issue is basically cutting off any users running OS X 10.8.5 or lower.
    -CMPX

    The issue is fixed in OS X 10.9 / 10.10 as Safari 7 and later support TLS 1.2/1.1.

    Best regards,

    Wilfried



  • On 05/01/2015 at 17:52, xxxxxxxx wrote:

    So then I'm out of luck, unless I use a third party browser or upgrade my entire OS?

    This is literally the only website I visit on the internet that has this problem, and as I recall it wasn't an issue when the new plugincafe.com launched (I could access it just fine)- it went down a week or so later.

    I know it's Apple's fault and all, but it just seems peculiar that MAXON would chose to effectively block the default browser on a platform they still support (10.8.5) CINEMA 4D running on (R15 & R16).

    -CMPX



  • On 06/01/2015 at 08:48, xxxxxxxx wrote:

    Originally posted by xxxxxxxx

    So then I'm out of luck, unless I use a third party browser or upgrade my entire OS?
    This is literally the only website I visit on the internet that has this problem, and as I recall it wasn't an issue when the new plugincafe.com launched (I could access it just fine)- it went down a week or so later.
    I know it's Apple's fault and all, but it just seems peculiar that MAXON would chose to effectively block the default browser on a platform they still support (10.8.5) CINEMA 4D running on (R15 & R16).
    -CMPX

    If you want to use https and don't want to get a false sense of security, then you don't want to use TLS 1.0 (google for "BEAST attack" if you want to find out more).

    Therefore we'd recommend either updating your OS or using a browser that supports TLS 1.1/1.2 on your current OS (and using Safari only for the specific task you deem it necessary).

    Best regards,

    Wilfried



  • On 06/01/2015 at 19:07, xxxxxxxx wrote:

    Originally posted by xxxxxxxx

    If you want to use https and don't want to get a false sense of security, then you don't want to use TLS 1.0 (google for "BEAST attack" if you want to find out more).

    Unless I'm misunderstanding you, are you suggesting that HTTPS is (or should be) optional?

    Right now, http://developers.maxon.net just immediately redirects to the https version and bombs out. Honestly, I could care less about https at home- I control all the equipment between my DOCSIS modem and my various computers. When I'm on the go, it doesn't matter anyways because my iPhone supports TLS 1.1/1.2.

    Forgive me if I'm making assumptions, but your response just made it sound like I should be able to type in "http://" and expect it to work (which it doesn't, it just redirects to https).

    -CMPX



  • On 07/01/2015 at 00:43, xxxxxxxx wrote:

    Originally posted by xxxxxxxx

    Originally posted by xxxxxxxx

    If you want to use https and don't want to get a false sense of security, then you don't want to use TLS 1.0 (google for "BEAST attack" if you want to find out more).

    Unless I'm misunderstanding you, are you suggesting that HTTPS is (or should be) optional?
    Right now, http://developers.maxon.net just immediately redirects to the https version and bombs out. Honestly, I could care less about https at home- I control all the equipment between my DOCSIS modem and my various computers. When I'm on the go, it doesn't matter anyways because my iPhone supports TLS 1.1/1.2.
    Forgive me if I'm making assumptions, but your response just made it sound like I should be able to type in "http://" and expect it to work (which it doesn't, it just redirects to https).
    -CMPX

    Sorry for being ambiguous: I was talking about usage of https in general on your system and the potential security problems you're running into with a browser not supporting TLS 1.2/1.1

    There 's no http version of developers.maxon.net - it intentionally uses https.

    Best regards,

    Wilfried


Log in to reply