Twitter has infirm support for SSL 3.0 due to a disadvantage in a 15-year-old Internet software, definition a site will no longer work scrupulously in comparison browsers, such as Internet Explorer 6.
IE6 was a primary browser for Windows XP, that debuted in 2001. Its marketplace share is still significant, according to Net Applications, during 3.23% of all browsers in use. Chrome has 10.06%.
Google suggested a SSL 3.0 vulnerability, infrequently called “Poodle,” in a blog post yesterday. Twitter fast responded around a Twitter Security account:
We have infirm SSLv3 custom support in response to a disadvantage published today. You might need to refurbish your browser to use Twitter
— Twitter Security (@twittersecurity) October 15, 2014
Current browsers use newer confidence protocols — customarily a chronicle of TSL — and usually default to SSL when a site visited isn’t concordant with them. Google pronounced it had formerly updated Chrome to safeguard that doesn’t happen, even yet a browser still technically supports SSL 3.0. But Google also pronounced Chrome will eventually dump all support of SSL 3.0.
Mozilla pronounced it would disable SSL 3.0 support by default in a subsequent chronicle of a Firefox browser (version 34), that is scheduled to be expelled on Nov. 25. Firefox 35 will have even some-more protections opposite any browser confidence hillside from TSL to SSL. Mozilla pronounced it was saying SSL 3.0 being used in only 0.3% of HTTPS connectors in Firefox, though that still amounts to millions of transactions.
If you’re using IE6 and still wish to entrance Twitter and other sites safely but upgrading, we should open your Internet Options, go to Security, and uncheck a boxes for all versions of SSL, that are enabled by default. Then check a box for TSL 1.0. Here’s a screenshot of a add-on (via Windows IT Pro):
Have something to supplement to this story? Share it in a comments.
Article source: http://mashable.com/2014/10/15/twitter-kills-ssl-3-support/