Poodle Bug: Mozilla to Disable SSL 3.0 by Default in Firefox 34

Poodle Bug: Mozilla to Disable SSL 3.0 by Default in Firefox 34
Advertisement
Mozilla said it will disable Secure Sockets Layer (SSL) encryption in the latest version of its Firefox Web browser that will be released on Nov. 25 after a security bug called "Poodle" was discovered in a web encryption technology.

"By exploiting this vulnerability, an attacker can gain access to things like passwords and cookies, enabling him to access a user's private account data on a website," Mozilla said in its blog.

SSL 3.0 will be disabled by default in Firefox 34, Mozilla said. The code to disable the security protocol will be available shortly via Mozilla Nightly, an in-development version of Mozilla's browser.

Mozilla also said that Firefox 35 will support a generic Transport Layer Security (TLS) downgrade protection mechanism called SCSV (Signaling Cipher Suite Value), as a precautionary measure.

Servers supporting SCSV can prevent attacks that rely on insecure fallback.

The Poodle bug, which stands for Padding Oracle On Downloaded Legacy Encryption, was recently uncovered by Google researchers. It could allow hackers to steal data from within an encrypted transaction.

© Thomson Reuters 2014

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Spice Stellar 524 with 13-Megapixel Camera Available Online for Rs. 8,899
Ebola.com Domain Name Up for Grabs at $150,000
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »