As you probably know by now, a Google Security Team researcher recently discovered another vulnerability in our computer-driven lives. This bug is known as POODLE (short for Padding Oracle On Downgraded Legacy Encryption — has a real ring to it, don’t you think?).
In the briefest terms, Poodle can allow a hacker to force a browser into using an 18 year old version of internet security (SSLv3) and read data—that is supposed to be encrypted—as plain text. That’s the bad news. The good news is that simple fixes are available for whatever browser you are using: UNLESS you are using a very old browser and/or using a very old operating system. IF you are one of those unfortunate folks still using Internet Explorer 6 or 7 on Windows XP, consider this a wake up call.
Old versions of Internet Explorer (IE) are full of security holes you could drive a truck through. In fact, Taleris recommends not using IE at all. We suggest using a modern browser like Google Chrome or Mozilla Firefox. Whatever browser you are using, however, you should be using the latest version. Clicking ‘About’ from the Help Menu of your browser will give you the current version, and let you know if there is an update.
The changes you need to make to your browser are simple and easy. For a page that describes the fixes needed for most browsers, CLICK HERE. This site will also tell you if your browser is vulnerable or not…right at the top of the page. The link will open in a new tab and direct you to a site maintained by Binge Software, LLC.
Another simple fix is to beware of public WiFi hotspots. These are notoriously un-secured and should not be used when communicating sensitive or financial data.
Ask Your Grandparents
A long time ago, most telephones were on what was known as a ‘Party Line.’ This meant that several households shared a single telephone connection…you could pick up the phone to make a call, and hear someone else, making a different call. And sometimes, there would be someone on the line who seemed to have nothing better to do than to try listening in on your private conversations. Your grandparents knew this. They knew to watch out for that person listening in.
We need to learn a lesson from our grandparents. Our online connections are, unfortunately, more and more like the party lines of old. Someone, somewhere, is trying to listen in when you enter sensitive information—like the log on and password to a credit card account, for example. Our best defense is the same now as our grandparents’ was then…pay attention.
The software you use, on your computer, your tablet, your phone, and any other way you access the internet, is regularly updated. These updates, sometimes, are to fix specific security vulnerabilities like Poodle. The updates, however, are completely unable to protect us from online harm if we do not make use of them. There may be nothing you can do about Target or Home Depot or any one of hundreds of other large and small data thefts. There is, however, a lot you can do to protect your own financial and personal information…and that starts with paying attention.