Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Security experts warn of 'POODLE' attack against SSL 3.0

Jeremy Kirk | Oct. 16, 2014
Experts say that SSL 3.0 should be disabled even though some legacy products still use it.

Major internet companies are already making adjustments to prevent a POODLE attack. CloudFlare, which has a widely used caching service, has disabled SSL 3.0 across its network by default for all of its customers, wrote CEO Matthew Prince.

"This will have an impact on some older browsers, resulting in an SSL connection error," Prince wrote. "The biggest impact is Internet Explorer 6 running on Windows XP or older."

Prince wrote that just 0.65 percent of the HTTPS encrypted traffic on CloudFlare's network uses SSL 3.0. "The good news is most of that traffic is actually attack traffic and some minor crawlers," he wrote.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.