agileBase not vulnerable to POODLE attack

A quick note about secure browser connections to agileBase:

You may have seen mention of a security vulnerability on the web that affects ‘SSL’ encrypted data transfers, which is a standard encryption mechanism that all secure websites and apps use, including agileBase. If not, here’s a news article describing the issue:

http://www.forbes.com/sites/jameslyne/2014/10/15/poodle-security-vulnerability-breaks-sslv3-secure-browsing/

The good news for agileBase users is that SSL3 (the affected encryption mechanism) has been disabled on our servers since before the vulnerability was announced, as it is an old protocol that newer web browsers don’t need to use. In fact that only browser that needs SSL3 for encrypted transfers to function is Internet Explorer 6, which agileBase doesn’t support anyway. Hence agileBase connections are not susceptible.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s