• Menu
  • Skip to right header navigation
  • Skip to main content
  • Skip to secondary navigation
  • Skip to primary sidebar
  • Skip to footer

Before Header

Call us today!  (888) 596-3998

  • Facebook
  • Twitter

Landon Technologies, Inc.

  • HOME
  • ABOUT
  • IT SERVICES
    • MANAGED IT SERVICES
      • REMOTE IT SERVICES
    • CYBERSECURITY
    • IT SUPPORT
    • IT CONSULTING
    • BACKUP SERVICES
    • NETWORK SERVICES
      • NETWORK MAINTENANCE
    • DATA CENTER
  • BLOG
  • CONTACT

Mobile Menu

  • HOME
  • ABOUT
  • IT SERVICES
    • MANAGED IT SERVICES
      • REMOTE IT SERVICES
    • CYBERSECURITY
    • IT SUPPORT
    • IT CONSULTING
    • BACKUP SERVICES
    • NETWORK SERVICES
      • NETWORK MAINTENANCE
    • DATA CENTER
  • BLOG
  • CONTACT
  • Facebook
  • Twitter

Googlers find Poodle bug – what does it mean for you?

By //  by CReed Leave a Comment

On October 14, 2014, Bodo Möller, from the Google Security Team, released a statement that he and two others at Google had discovered a vulnerability in SSL 3.0 that could allow a hacker access to an Internet user’s browsing session and personal account information online.

chrome-firefox-safari-internet-explorer-browsers-affected-by-poodle-bug

SSL stands for “Secure Sockets Layer” and its purpose is to encrypt data while users browse the Internet. SSL 3.0 is old technology. TLS (Transport Layer Security) is the newer encryption protocol.

Möller stated, “SSL 3.0 is nearly 18 years old, but support for it remains widespread. Most importantly, nearly all browsers support it and, in order to work around bugs in HTTPS servers, browsers will retry failed connections with older protocol versions, including SSL 3.0. Because a network attacker can cause connection failures, they can trigger the use of SSL 3.0 and then exploit this issue.”

This flaw is being referred to as the POODLE (Padding Oracle on Downloaded Legacy Encryption) bug.

A New York Times article and Time magazine report that home users are not likely to be attacked. Nicole Perlroth, on the New York Times Security blog, reports “to pull off an a Poodle attack security researchers say that the victim has to be actively online and physically close to the attacker — say, using the same public Wi-Fi.”

Still, Möller and the other Googlers, are recommending shutting down SSL 3.0 altogether by taking away the option to downgrade from TLS for browsers. Google Chrome is being tested with changes that disable the fallback to SSL 3.0.

Other browsers and servers are following suit. Mozilla is expected to disable SSL 3.0 in the next version of the Firefox browser, to be released in November. Twitter has disabled support for SSL 3.0. CloudFare CEO Matthew Prince announced: “CloudFlare has disabled SSLv3 across our network by default for all customers. This will have an impact on some older browsers, resulting in an SSL connection error. The biggest impact is Internet Explorer 6 running on Windows XP or older.”

Internet Explorer 6 uses TLS, but not by default. Internet Explorer 6 users are going to have a harder time accessing sites across the Internet with web servers disabling fallback to SSL 3.0.

If you want to command your browser not to use SSL 3.0, Mozilla has a link to instructions for Firefox in their security blog: https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

For Internet Explorer, go to Internet Options on the Tools menu and click on the Advanced tab. Uncheck the box next to SSL 3.0.

To check your browser, click on https://zmap.io/sslv3/. You will either get a red warning box stating that your browser supports SSL v3 or a blue box stating, ” Good News! Your browser does not support SSLv3.”

Excluding SSL 3.0 in your browser is a step for extra security. It may not be necessary for most home users, or for those on a closed network. It is most necessary for those who use public WiFi.

 

Filed Under: Educational

Looking for immediate answers to your questions?

You May Also Be Interested In:

remote-managed-it-services-help-desk-technicians

What are Remote Managed IT Services? A Complete Guide

what is spear phishing

What is Spear Phishing in Cyber Security?

Answering what are IT Support Services.

What Can IT Support Services Do For You?

How do you choose a managed IT services provider

How do you choose a Managed IT Services Provider?

Team of IT techs discussing outsourced IT support services

Why Outsourced IT Support Services is so Important for Your Business

Top Managed Service Provider

Why does your business need a Managed Service Provider?

windows-11-upgrade

Everything You Need to Know About Windows 11

how to improve your cyber security for businesses

Ways to Improve Your Cybersecurity

What Printer Should I Buy

What Printer Should I Buy for Home or Business?

Previous Post: « How to Minimize Workplace Interruptions
Next Post: Must-Have Software for Students »

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Our Popular Posts

  • What are Remote Managed IT Services? A Complete Guide
  • What is Spear Phishing in Cyber Security?
  • What Can IT Support Services Do For You?
  • How do you choose a Managed IT Services Provider?
  • Why Outsourced IT Support Services is so Important for Your Business
  • Why does your business need a Managed Service Provider?
  • Everything You Need to Know About Windows 11
  • Ways to Improve Your Cybersecurity
  • What Printer Should I Buy for Home or Business?
  • 4 Cybersecurity Tips To Secure Your Law Firms IT

Footer

Landon Technologies, Inc.
221 N. Hogan St. #358
Jacksonville, FL 32202

Email: [email protected]
Main: (904) 647-2248

Toll Free: (888) 596-3998
Hours: Mon-Fri 8am-6pm

“More Knowledge,
More Experience”

  • Facebook
  • Twitter

Jacksonville IT Services

IT Support
Managed IT Services
IT Company
Cybersecurity
Cloud Services
IT Consulting

Company Quick Links

About Us
Tech News
Contact Us
Why Us?
Testimonials
Home

Business IT Support Services

Atlanta • Dallas • Houston• Fort Lauderdale • Jacksonville • Los Angeles • Miami • NYC • Orlando Ormond Beach • Palm Coast • St Augustine • Savannah • Tampa

  • Privacy Policy
  • Terms and Conditions
  • Make a Payment
  • Blog
  • Sitemap
· Copyright © 2005-2023 · Landon Technologies, Inc. ·