Are you following us yet?

414.810.6650

Beware of POODLE

By: 
Jim Jennings
Beware of Poodle

Poodle is the name of a new security vulnerability linked to the SSL (https) protocol (a widely used security measure between two machines operating over the Internet or on an internal network). SSL stands for Secure Socket Layer.


Here Is What You Need To Know 

In support of legacy browsers, the SSL standard is allowed to 'downgrade' to earlier versions of the protocol. A legacy browser is the previous version of an upgraded browser. So, if Internet Explorer is currently on version 11, anything below IE 11 (such as IE 10) is considered a legacy browser. SSL v3.0 (Secure Socket Layer version 3.0) has an error that allowed an attacker to trick the server into downgrading to 3.0 and then exploiting this error.


POODLE, thus far, has only affected those using legacy browsers.

 

How to Protect Yourself from POODLE

As the problem is with SSL 3.0, Keystone Click has turned off support for SSL 3.0 for all of the accounts for which we provide hosting. Firefox and Chrome will soon have updates that will turn off SSL 3.0. To completely avoid the attack, you must have SSL 3.0 turned off on both the server and the browser as it is a two-sided issue.


To learn more, visit this in depth summary of the SSL 3.0 error.

 

Have any questions about what we do? Contact us today!

About the Author

Jim Jennings
Lead Developer

Jim wears many hats around the office…and does a lot for the company too! As the lead developer Jim oversees all website development, planning, technology assessment, custom programming, and keeps our office up and running. In his free time Jim loves to play hockey, find new places to eat, travel, and would love to have the ability to fly.

Enjoy this post? For more tips, sign up for our monthly newsletter. We'll deliver tips like this once a month to your email.