EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Regarding Recent Discoveries in Applicability of POODLE Attack to TLS 1.0

It has been recently discovered that POODLE attack can be applied to TLS 1.0 communication if the server doesn't check padding of the TLS packets (which is the design flaw of SSL 3.0 that had its consequences on TLS 1.0 as well).

SecureBlackbox is not vulnerable to this flaw as the padding is checked properly in SecureBlackbox, so there's no immediate need to upgrade or perform any other urgent actions. Yet there exists an industry-wide recommendation to upgrade communications to TLS 1.2 wherever possible and regardless of presence or absence of any particular vulnerabilities in implementations of TLS 1.0, as TLS 1.2 delivers advanced security mechanisms (including new safer algorithms).

more about SecureBlackbox...


Back to news list

|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!