Once again, there’s another attack that can compromise your information. This time it’s called POODLE.
Attackers go after SSLv3, an older Internet security protocol. While most websites have moved on to newer versions, this attack can actually trick sites into downgrading to SSLv3, making the site vulnerable to attack.
SSL protect encrypted data like passwords, credit card information and account details. If that encryption is cracked, you information is vulnerable.
Here’s how to protect yourself. First, check your browser to find out if SSLv3 is enabled. Follow this link. If it’s enabled, you’ll see this warning at the top of the screen.
For Internet Explorer, you’ll need to go to Settings and then Internet Options.
Click the Advanced Tab and then scroll down to Use SSL 3.0. If the box beside that option is checked, uncheck it. Click okay. This will only work on Internet Explorer 9 and above. If you are running an older version, upgrade. If you can’t upgrade, that mean you’re running XP and have no business online anyway.
It’s a little bit more of a process with Firefox and Chrome.
For Firefox, you’ll need to open the browser and type about:config into the address bar and hit enter.
You’ll see this warning. Click on I’ll be careful, I promise!
security.tls.version.min into the search box then double-click on it in the results.
You’ll see this box. Change the number in the box from 0 to 1 and select OK. This will force Firefox to use protocols that are not vulnerable to POODLE.
For Google Chrome, you can’t disable SSLv3, but you can add a command line to make sure it choose a protocol not vulnerable to POODLE.
Right click on your icon for Chrome and choose Properties.
Click the Shortcut tab and carefully arrow your way to the end of the text in the Target field.
You are going to be adding
--ssl-version-min=tls1 to the end of that line. Note the space between the quotation mark and the first dash. Choose OK and restart your browser.