• Menu
  • Skip to right header navigation
  • Skip to main content
  • Skip to secondary navigation
  • Skip to primary sidebar
  • Skip to footer

Before Header

Call us today!  (888) 596-3998

  • Facebook
  • Twitter

Landon Technologies, Inc.

  • HOME
  • ABOUT
    • AREAS WE SERVE
      • FLORIDA
        • JACKSONVILLE
          • JACKSONVILLE MANAGED IT
          • JACKSONVILLE CYBERSECURITY
          • JACKSONVILLE IT CONSULTING
          • JACKSONVILLE CLOUD SERVICES
          • JACKSONVILLE IT COMPANY
          • JACKSONVILLE NETWORK CABLING
        • MIAMI
          • N. MIAMI BEACH MANAGED IT
          • MIAMI BEACH MANAGED IT
        • FORT LAUDERDALE
        • TAMPA
          • TAMPA IT SUPPORT
        • ORLANDO
          • ORLANDO MANAGED IT
        • ST AUGUSTINE
        • PALM COAST
        • ORMOND BEACH
      • GEORGIA
        • ATLANTA MANAGED IT
        • ALPHARETTA MANAGED IT
        • KENNESAW MANAGED IT
        • JOHNS CREEK MANAGED IT
        • MARIETTA MANAGED IT
        • NORCROSS MANAGED IT
        • ROSWELL MANAGED IT
        • SANDY SPRINGS MANAGED IT
        • SAVANNAH MANAGED IT
      • TEXAS
        • DALLAS MANAGED IT
        • HOUSTON MANAGED IT
      • CALIFORNIA
        • LOS ANGELES
      • NEW YORK
        • MANHATTAN
        • QUEENS
  • IT SERVICES
    • MANAGED IT SERVICES
      • REMOTE IT SERVICES
      • ENTERPRISE MANAGED IT
    • CYBERSECURITY
    • IT SUPPORT
      • REMOTE IT SUPPORT
    • NETWORK SERVICES
      • NETWORK MAINTENANCE
    • IT CONSULTING
    • DATA CENTER
    • DATA BACKUP
  • BLOG
  • CONTACT

Mobile Menu

  • HOME
  • ABOUT
    • AREAS WE SERVE
      • FLORIDA
        • JACKSONVILLE
          • JACKSONVILLE MANAGED IT
          • JACKSONVILLE CYBERSECURITY
          • JACKSONVILLE IT CONSULTING
          • JACKSONVILLE CLOUD SERVICES
          • JACKSONVILLE IT COMPANY
          • JACKSONVILLE NETWORK CABLING
        • MIAMI
          • N. MIAMI BEACH MANAGED IT
          • MIAMI BEACH MANAGED IT
        • FORT LAUDERDALE
        • TAMPA
          • TAMPA IT SUPPORT
        • ORLANDO
          • ORLANDO MANAGED IT
        • ST AUGUSTINE
        • PALM COAST
        • ORMOND BEACH
      • GEORGIA
        • ATLANTA MANAGED IT
        • ALPHARETTA MANAGED IT
        • KENNESAW MANAGED IT
        • JOHNS CREEK MANAGED IT
        • MARIETTA MANAGED IT
        • NORCROSS MANAGED IT
        • ROSWELL MANAGED IT
        • SANDY SPRINGS MANAGED IT
        • SAVANNAH MANAGED IT
      • TEXAS
        • DALLAS MANAGED IT
        • HOUSTON MANAGED IT
      • CALIFORNIA
        • LOS ANGELES
      • NEW YORK
        • MANHATTAN
        • QUEENS
  • IT SERVICES
    • MANAGED IT SERVICES
      • REMOTE IT SERVICES
      • ENTERPRISE MANAGED IT
    • CYBERSECURITY
    • IT SUPPORT
      • REMOTE IT SUPPORT
    • NETWORK SERVICES
      • NETWORK MAINTENANCE
    • IT CONSULTING
    • DATA CENTER
    • DATA BACKUP
  • BLOG
  • CONTACT
  • Facebook
  • Twitter

Googlers find Poodle bug – what does it mean for you?

By //  by CReed Leave a Comment

On October 14, 2014, Bodo Möller, from the Google Security Team, released a statement that he and two others at Google had discovered a vulnerability in SSL 3.0 that could allow a hacker access to an Internet user’s browsing session and personal account information online.

chrome-firefox-safari-internet-explorer-browsers-affected-by-poodle-bug

SSL stands for “Secure Sockets Layer” and its purpose is to encrypt data while users browse the Internet. SSL 3.0 is old technology. TLS (Transport Layer Security) is the newer encryption protocol.

Möller stated, “SSL 3.0 is nearly 18 years old, but support for it remains widespread. Most importantly, nearly all browsers support it and, in order to work around bugs in HTTPS servers, browsers will retry failed connections with older protocol versions, including SSL 3.0. Because a network attacker can cause connection failures, they can trigger the use of SSL 3.0 and then exploit this issue.”

This flaw is being referred to as the POODLE (Padding Oracle on Downloaded Legacy Encryption) bug.

A New York Times article and Time magazine report that home users are not likely to be attacked. Nicole Perlroth, on the New York Times Security blog, reports “to pull off an a Poodle attack security researchers say that the victim has to be actively online and physically close to the attacker — say, using the same public Wi-Fi.”

Still, Möller and the other Googlers, are recommending shutting down SSL 3.0 altogether by taking away the option to downgrade from TLS for browsers. Google Chrome is being tested with changes that disable the fallback to SSL 3.0.

Other browsers and servers are following suit. Mozilla is expected to disable SSL 3.0 in the next version of the Firefox browser, to be released in November. Twitter has disabled support for SSL 3.0. CloudFare CEO Matthew Prince announced: “CloudFlare has disabled SSLv3 across our network by default for all customers. This will have an impact on some older browsers, resulting in an SSL connection error. The biggest impact is Internet Explorer 6 running on Windows XP or older.”

Internet Explorer 6 uses TLS, but not by default. Internet Explorer 6 users are going to have a harder time accessing sites across the Internet with web servers disabling fallback to SSL 3.0.

If you want to command your browser not to use SSL 3.0, Mozilla has a link to instructions for Firefox in their security blog: https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

For Internet Explorer, go to Internet Options on the Tools menu and click on the Advanced tab. Uncheck the box next to SSL 3.0.

To check your browser, click on https://zmap.io/sslv3/. You will either get a red warning box stating that your browser supports SSL v3 or a blue box stating, ” Good News! Your browser does not support SSLv3.”

Excluding SSL 3.0 in your browser is a step for extra security. It may not be necessary for most home users, or for those on a closed network. It is most necessary for those who use public WiFi.

Security risks like this keep cyber security consulting firms like Landon Technologies busy. Let us know if we can ever help your organization combat cybersecurity!

Filed Under: Educational

Looking for immediate answers to your questions?

You May Also Be Interested In:

A group of professionals discussing network configurations in a modern office setting.

How to Set Up a Corporate Network for Success

Efficient team of IT professionals working on fully managed IT services.

What is Fully Managed IT Services? – Your Personal IT Department

Split-screen image contrasting a composed IT professional monitoring system data under Managed Services with a stressed IT professional surrounded by disarrayed cables and broken equipment under Break-Fix model.

What is the Difference Between Managed Services and Break-Fix?

A technician inspecting network cables for maintenance.

How Often Should Network Maintenance Be Done?

Remote team collaborating on a virtual meeting.

Best Practices for Managing a Remote Workforce

A close-up of a woman's hand typing on a laptop keyboard with a cup of coffee beside it.

How to Provide Effective Technical Support for Remote Work

IT Management Meeting with Client

What Does an IT Managed Services Company Do?

An image of a modern data center with rows of servers and technicians working.

What is Data Center Support?

A team of network technicians carefully planning a network installation project in a business setting.

How Much is Labor to Install a Network? Understanding Network Installations

Previous Post: « How to Minimize Workplace Interruptions
Next Post: Must-Have Software for Students »

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Follow Us

  • Facebook
  • Twitter

Search this Website

Latest Posts

  • A group of professionals discussing network configurations in a modern office setting.How to Set Up a Corporate Network for Success
  • Efficient team of IT professionals working on fully managed IT services.What is Fully Managed IT Services? – Your Personal IT Department
  • Split-screen image contrasting a composed IT professional monitoring system data under Managed Services with a stressed IT professional surrounded by disarrayed cables and broken equipment under Break-Fix model.What is the Difference Between Managed Services and Break-Fix?
  • A technician inspecting network cables for maintenance.How Often Should Network Maintenance Be Done?
  • Remote team collaborating on a virtual meeting.Best Practices for Managing a Remote Workforce
  • A close-up of a woman's hand typing on a laptop keyboard with a cup of coffee beside it.How to Provide Effective Technical Support for Remote Work

Footer

Get in Touch

Landon Technologies, Inc.
221 N. Hogan St. #358
Jacksonville, FL 32202

Main: (904) 647-2248
Toll Free: (888) 596-3998
Hours: Mon-Fri 8am-6pm

IT Services

Managed IT Services
Remote IT Support
Cybersecurity
IT Support
Remote Managed Services
IT Consulting

 

Quick Links

About Us
Tech News
Locations
Why Us?
Testimonials
Home

Company

Founded in 2005, Landon Technologies is a leader in IT Support Services. It’s simple, you get more for your money with us. Find out for yourself why our motto is “More Knowledge, More Experience”.

  • Facebook
  • Twitter
  • Privacy Policy
  • Terms of Service
  • Blog
  • Sitemap
· Copyright © 2005-2023 · Landon Technologies, Inc. ·