More on POODLE from Forbes:
POODLE Security Vulnerability Breaks SSLv3 Secure Browsing
"For the attack to work the attacker must be on the same wireless network (or in the path of your communications) and your client must be running Javascript (such as in a web browser) which makes the attack less all out serious than vulnerabilities like Heartbleed . This attack is effective against clients (as opposed to servers like with Heartbleed or Shellshocked) and so is of the greatest concern to users browsing on wireless hotspots where others may be listening but is sufficiently serious that Twitter has announced they have entirely disabled SSLv3 ."
No comments:
Post a Comment