Good midday,
Today is friday the 23rd of March 2018. The time is 12:44:38 and it's week number 12.

(2014-10-15) No dogs allowed!

Yesterday news broke about a newly discovered serious vulnerability in the SSL 3.0 protocol. The vulnerability even got a cute nickname: Poodle. That's an abbreviation of "Padding Oracle On Downgraded Legacy Encryption".

So how does this affect The ERICADE Network? As for the web services and the ActiveSync support: don't worry. SSL 2.0 and SSL 3.0 have been disabled for almost a year now. Unless you use the newer TLS-protocol (which almost modern browsers do!) you cannot even connect to

The mail/im services such as SMTP(s), POP3s, IMAPs and XMPP actually DO support SSL 3.0. The best way to make sure you're protected against attacks using this vulnerability is to update your mail and browsing software to their latest versions available as soon as they come out with mitigation of Poodle-attacks.

I'm researching the possibility to turn SSL 3.0 support off in the mail server. As soon as it's possible SSL 3.0 will be disabled for the SMTP, POP3, IMAPs and XMPP protocols.

Read more here:

Posted: 2014-10-15 by Erik Zalitis
Changed: 2014-10-15 by Erik Zalitis

News archive