Beware of dog. POODLE is no longer the nice puppy you want to pet, rather it stands for “Padding Oracle On Downgraded Legacy Encryption”. This is a new security attack that makes SSLv3 dangerous by potentially allowing someone to steal your cookies, which is bad and could be taken advantage of by bad people. The flaw in SSLv3 is at least 15 years old and is used by almost all ancient browsers (Internet Explorer 6 in particular) and some modern browsers and servers. Those affected will see an SSL connection error.

Does SmartFile support SSLv3?

Not anymore. SmartFile has stopped taking SSLv3 connections. Older browsers (IE 6 users on Windows XP) will not be able to use SmartFile, as well as API users that are trying to connect with old or insecure API clients. Contact us if you think you’re affected by this bug and you’re having trouble using SmartFile now.

Should I be worried about the POODLE Attack?

Don’t worry, but you should disable SSLv3 in your browsers. Firefox 34 will disable SSLv3 by default. Click here for instructions for IE, Chrome, and older Firefox.

Moral of the story, stop using IE6. Stay safe!

Related Posts

Related Topics & Tags: Online Security SmartFile News

Leave a Reply

Your email address will not be published. Required fields are marked *