Friday

This "Poodle" Hack thing - What The Heck?


You may have heard of the latest security snafu, dubbed "Poodle" (an acronym for a long string of fancy computin' words you don't really need to know and would immediately forget anyway - I know I did). Essentially, it only seems to affect an older version of the SSL protocol not much in use anymore (SSL version 3), so the risk is fairly low compared to some other recent exploits. SSL comes into play when you make a secure connection to a website like a bank. This is not a "Windows" thing, or an "Apple" thing, so everyone can and should check how they are connecting at present.

You can very simply check if your browser is currently vulnerable here:

https://www.poodletest.com/

If you don't see an image appear -refresh the page (press the F5 key) and also make sure that javascript is enabled.

If you see a Poodle - disable SSL v3 in your browser.

Disabling SSL 3 may break some older sites, but most browsers will likely be removing support from SSL 3 soon anyway, so those sites need to get with the program.


No comments :