Updates on Disabling SSL 3.0

Due to the recent POODLE flaw, Apple will stop supporting SSL 3.0 for push notifications and switch to the TLS encryption standard. Apple announced on its developer site that it will make the switch on October 29.

The push notification service from Apple forwards notifications of third-party applications to iOS devices; it may include badges, sounds or custom text alerts. Apple notes that providers that only support SSL 3.0 will need to transfer to TLS as soon as possible to ensure the service continues to perform as expected.

Other vendors are also updating their services. Twitter already notified users that is has disabled SSL 3.0 support.

Mozilla advised Firefox users to install a Mozilla security add-on that disables SSL 3.0. It will be disabling the old protocol in Firefox 34, the next version of its browser, by the end of November.

University of Michigan researchers have detailed how to disable SSL 3.0 for Internet Explorer and other sites.

Read the story online.


About MIT
IT Security Awareness Consultant and Communications Specialist at MIT

Comments are closed.

%d bloggers like this: