Behind the Scenes: POODLE SSLv3 & Network Speedtest

As you may have heard, in October a new vulnerability was disclosed in SSL version 3 that was dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption). This allowed an attacker to read SSLv3 encrypted data via a man-in-the-middle attack. It has long been standard to disable SSLv2 and as a result of this new disclosure many providers, including us, have opted to disable SSLv3 as well. Disabling SSLv3 was really long overdue anyways and only used for legacy support of older operating systems that have long reached their end of life, such as initial releases of Windows XP. Any recent OS or software will instead use a version of TLS to connect which is now the only option that our servers permit. Aside from a couple of very minor cipher issues which were quickly remedied, we’ve experienced no problems with the deployment of these changes back in October. Ultimately this is just another small part that shows our ongoing commitment to security here at Dathorn, where keeping your data safe and secure is a priority.

Screen Shot 2014-10-15 at 10.53.07 AMIn other unrelated news, we have added network performance testing information to our network page. We frequently receive requests for information on how to test our network connectivity from a client’s location. To help make this process easier we’ve added this information directly to our website and have even setup a speedtest there. The image above shows some sample results from my own cable connection at home. Does anyone with Google fiber want to show off a bit?

Leave a Reply