PayPal made the change early. eBay.com has made no security protocol changes (I'm using really old Firefox 3.6.24 with its TLS 1.0 limitations for most eBay functions just fine)
Firefox 3.6.24 can no longer connect to PayPal as of today - which I fully expected as it only supports TLS 1.0, and it appears PayPal made the jump all the way to TLS 1.2 (even though TLS 1.1 was all that was required for PCI-DSS compliance by the credit card companies - a bit of future proofing I guess)
This is happening because of credit card industry security requirements for transaction security. Basically forcing an update to browser that support TLS 1.2 security protocols at a minimum.
This is the error message that PayPal throws in Firefox 3.6.24 beginning today:
"ERROR! Connection is using TLS version lesser than 1.2. Please use TLS1.2"
(obviously written by someone without much command of the English language)
PayPal may still throw an error banner even for a browser that supports TLS 1.2 because they are doing what looks like inept browser user agent checking and flagging compliant but older browsers by version number (ie: I use older Firefox 31 that isn't on their approved list but is compliant and works fine.)
Your friend need to check here:
https://www.paypal.com/us/smarthelp/article/how-do-i-check-and-update-my-web-browser-faq3893and run the browser test near the top of the page to see what is going on.
Without more detail it's impossible to say. It's entirely possible to still be getting warning banners (due to the stupid user-agent checking) but still be able to log in and go about your business (the actual TLS 1.2 session negotiation and the user-agent header checking are two different things).
That's what happened with the USPS TLS upgrade rollout around May of this year. Firefox 31 was still getting a warning banner, but working fine at USPS.com, so I spoofed it as Firefox 59 to get rid of the banner. Looks like they may have removed the user-agent check, so no longer need to spoof the version as it meets the USPS TLS 1.1/1.2 requirement.
Browser user-agent spoofing might be an option if browser is TLS 1.2 to get around warnings, but doubt that Safari can even do that, or that your friend is up to that technical challenge.
Need more information since the eBay thing makes no sense.
What does "can't get on ebay or paypal" mean?
Are we talking about a mobile device?
What error messages are showing or what are the symptoms?
What Safari version is in question here?